From 598ec7181a81f66352e84d1b247f46389aecdfc7 Mon Sep 17 00:00:00 2001
From: Ramon Snir <r@mon.dev>
Date: Fri, 9 Aug 2024 18:01:22 -0400
Subject: [PATCH] fix to team-level firewall traffic rules

---
 .../misc/team_firewall_traffic_rules/main.tf  | 51 +++++++++++++++++++
 .../firewall_traffic_rules_resource.go        |  1 +
 2 files changed, 52 insertions(+)
 create mode 100644 examples/misc/team_firewall_traffic_rules/main.tf

diff --git a/examples/misc/team_firewall_traffic_rules/main.tf b/examples/misc/team_firewall_traffic_rules/main.tf
new file mode 100644
index 0000000..f1ab3c5
--- /dev/null
+++ b/examples/misc/team_firewall_traffic_rules/main.tf
@@ -0,0 +1,51 @@
+terraform {
+  required_providers {
+    netlify = {
+      source = "registry.terraform.io/netlify/netlify"
+    }
+  }
+  required_version = ">= 1.6.0"
+}
+
+# `token` comes from NETLIFY_API_TOKEN, but can be specified with a Terraform variable
+provider "netlify" {}
+
+data "netlify_team" "team" {
+  slug = "netlify-terraform-test"
+}
+
+resource "netlify_team_firewall_traffic_rules" "team" {
+  team_id = data.netlify_team.team.id
+  published = {
+    default_action = "allow"
+    ip_restrictions = [
+      {
+        description = "Meow"
+        addresses   = ["173.54.6.0/30"]
+      },
+      {
+        description = "bot network"
+        addresses = [
+          "90.12.4.1/32",
+          "90.12.4.2/32",
+          "90.12.5.5/32",
+        ]
+      }
+    ]
+    geo_exceptions = [
+      {
+        description = "brazil"
+        countries   = ["BR"]
+      }
+    ]
+  }
+  unpublished = {
+    default_action = "deny"
+    ip_exceptions = [
+      {
+        description = "Allow my IP"
+        addresses   = ["71.105.184.66/32"]
+      }
+    ]
+  }
+}
diff --git a/internal/provider/firewall_traffic_rules_resource.go b/internal/provider/firewall_traffic_rules_resource.go
index 2ffdc77..0400f2a 100644
--- a/internal/provider/firewall_traffic_rules_resource.go
+++ b/internal/provider/firewall_traffic_rules_resource.go
@@ -245,6 +245,7 @@ func (r *firewallTrafficRulesResource) Read(ctx context.Context, req resource.Re
 		var err error
 		config, _, err = r.data.client.AccountsAPI.
 			GetAccountFirewallRuleSet(ctx, state.TeamID.ValueString()).
+			Id(state.TeamID.ValueString()).
 			Execute()
 		if err != nil {
 			resp.Diagnostics.AddError(