google_compute_subnetwork - updating logging config forces new resource

[arvindgorur]

Hi,

I created a VPC network and subnet following the configuration here but with a few changes. I initially created the network and subnet without the beta provider or the flow log configuration. I then added the flow log configuration with the beta provider and ran terraform apply. Terraform wants to destroy and recreate the resource with the logging configuration. I do not believe this should be the case. If I attempt the same operations using the gcloud command, it updates it in place. The configuration files are below.

Terraform Version

Terraform v0.11.10
+ provider.google v1.20.0
+ provider.google-beta v2.6.0

Affected Resource(s)

• google_compute_subnetwork

Terraform Configuration Files

Initial configuration without flow log enabled

resource "google_compute_subnetwork" "subnet-with-logging" {
  name          = "log-test-subnetwork"
  ip_cidr_range = "10.2.0.0/16"
  region        = "us-central1"
  network       = "${google_compute_network.custom-test.self_link}"
}

resource "google_compute_network" "custom-test" {
  name                    = "log-test-network"
  auto_create_subnetworks = false
}

New configuration file with flow log enabled

resource "google_compute_subnetwork" "subnet-with-logging" {
  provider      = "google-beta"
  name          = "log-test-subnetwork"
  ip_cidr_range = "10.2.0.0/16"
  region        = "us-central1"
  network       = "${google_compute_network.custom-test.self_link}"

  enable_flow_logs = true

  log_config {
    aggregation_interval = "INTERVAL_5_SEC"
    flow_sampling        = 0.5
    metadata             = "INCLUDE_ALL_METADATA"
  }
}

resource "google_compute_network" "custom-test" {
  provider                = "google-beta"
  name                    = "log-test-network"
  auto_create_subnetworks = false
}

provider "google-beta" {
  region = "us-central1"
  zone   = "us-central1-a"
}

Debug Output

output from terraform plan
https://gist.github.com/arvindgorur/55703332e989127dec98850796307714

Expected Behavior

Terraform should update the resource in place

Actual Behavior

Terraform removes the resource and re-provisions it with the new configuration

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform apply

[rileykarson]

We're not able to effectively support update on this block until it goes GA due to some limitations in our API + code generator for the provider interacting badly. We've filed an issue on the API to try to ease the restriction blocking us, and it should become possible to update this field when it goes GA.

I'll update this issue as the API advances to GA or relaxes the restriction.

[arvindgorur]

Thanks for the update!

[abutnare]

quick check if any update on this one?

[rileykarson]

It looks like the feature went GA, so custom update code should be possible now. That's currently unassigned though, and I don't have a clear timeline, though. If this is something you're interested in, please 👍 the parent post!

[rileykarson]

Fixing this will probably end up involving a breaking change or some 3.0.0 work.

[rileykarson]

I'm not confident I can get to this in time before the release, so @slevenick is going to take a crack at it.

[rileykarson]

@slevenick: Mind attaching the PRs that added support?

[slevenick]

Added support for updating this block in #4791

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!