Introduction of CMEK support for instance causes diff for CMEK referenced disks

[drebes]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment
• If an issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to "hashibot", a community member has claimed the issue already.

Terraform Version

$ terraform -v
Terraform v0.11.14
+ provider.google v2.8.0
+ provider.google-beta v2.8.0
+ provider.kubernetes v1.6.2
+ provider.random v2.1.2
+ provider.template v2.1.2

Affected Resource(s)

• google_compute_instance

Terraform Configuration Files

resource "google_compute_instance" "infra-europe-west1-b" {
  name         = "infra-europe-west1-b"
  machine_type = "f1-micro"
  zone         = "europe-west1-b"

  boot_disk {
    auto_delete = false
    source      = "${google_compute_disk.infra-europe-west1-b-root.self_link}"
  }

  attached_disk {
    source = "${google_compute_disk.infra-europe-west1-b-home.self_link}"
  }

[...]
}

resource "google_compute_disk" "infra-europe-west1-b-root" {
  name  = "infra-europe-west1-b-root"
  type  = "pd-ssd"
  zone  = "europe-west1-b"
  image = "centos-7-v20190515"
  size  = 10

  disk_encryption_key {
    kms_key_self_link = "${google_kms_crypto_key.pd.self_link}"
  }
}

resource "google_compute_disk" "infra-europe-west1-b-home" {
  name = "infra-europe-west1-b-home"
  type = "pd-ssd"
  zone = "europe-west1-b"
  size = 5

  disk_encryption_key {
    kms_key_self_link = "${google_kms_crypto_key.pd.self_link}"
  }
}

Expected Behavior

No diff on change after upgrading from 2.6.0 to 2.8.0.

Actual Behavior

Diff caused by the introduction of CMEK (#3481)

      boot_disk.0.kms_key_self_link:                                           "projects/drebes-playground-infra-b69a/locations/europe-west1/keyRings/storage/cryptoKeys/pd" => "" (forces new resource)

kms_key_self_link on boot and attached disk should be Computed.

https://github.com/terraform-providers/terraform-provider-google/pull/3481/files#diff-6ebc1a840e42235a51a46d537f17ddaaR79

Steps to Reproduce

1. terraform apply

Important Factoids

References

• Add support for creating instances with CMEK #3481

[drebes]

For others facing the same, I'm working around this by changing my resource definition to:

  boot_disk {
    auto_delete = false
    source      = "${google_compute_disk.infra-europe-west1-b-root.self_link}"
    kms_key_self_link = "${google_kms_crypto_key.pd.self_link}"
  }

  attached_disk {
    source = "${google_compute_disk.infra-europe-west1-b-home.self_link}"
    kms_key_self_link = "${google_kms_crypto_key.pd.self_link}"
  }

to not trigger the diff.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!