Diff in imported google_data_catalog_policy_tag resource (beta)

[pietrodn]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Description of the problem

When an existing google_data_catalog_policy_tag is imported, subsequent terraform plan invocations show a diff on the taxonomy attribute, requiring the user to replace the policy tag resource (a disruptive and avoidable action, especially if the policy tag has already been used in BigQuery).

Terraform Version

Terraform 0.13.5

Affected Resource(s)

• google_data_catalog_policy_tag

Terraform Configuration Files

provider "google-beta" {
  project = "my-project-id"
}

terraform {
  required_version = ">= 0.13"

  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 3.48.0"
    }
    google-beta = {
      source  = "hashicorp/google-beta"
      version = "~> 3.48.0"
    }
  }
}

resource "google_data_catalog_taxonomy" "my_taxo" {
  provider               = google-beta
  display_name           = "Test taxonomy"
  description            = "Taxonomy to test a Terraform bug in the google-beta provider."
  region                 = "us"
  activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
}

resource "google_data_catalog_policy_tag" "my_policy_tag" {
  provider     = google-beta
  taxonomy     = google_data_catalog_taxonomy.my_taxo.id
  display_name = "my_policy_tag"
  description  = "Protecting some data."
}

Debug Output

https://gist.github.com/pietrodn/40c1e04c2839a44008af90c913aa19ed

Expected Behavior

Running terraform plan after importing a google_data_catalog_policy_tag should give no diff.

Actual Behavior

Running terraform plan after importing a google_data_catalog_policy_tag gives a diff on the taxonomy attribute, requiring the user to replace the google_data_catalog_policy_tag unnecessarily.

Steps to Reproduce

1. terraform apply on the Terraform resources written above
2. terraform plan. Notice how there is no diff.
3. Remove the policy tag from the Terraform state: terraform state rm google_data_catalog_policy_tag.my_policy_tag
4. Go on Google Data Catalog and copy the full name of the created policy tag (it will be in the form projects/my-project-id/locations/us/taxonomies/$TAXONOMY_ID/policyTags/$TAG_ID)
5. Reimport the resource: terraform import google_data_catalog_policy_tag.my_policy_tag projects/my-project-id/locations/us/taxonomies/$TAXONOMY_ID/policyTags/$TAG_ID
6. terraform plan
7. Notice how Terraform shows a diff on the policy tag resource, in the taxonomy attribute. It wants to replace the policy tag.

References

• google_data_catalog_taxonomy, google_data_catalog_policy_tag: import not working #7679

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!