search

DataDog / terraform-provider-datadog

Terraform Datadog provider
https://www.terraform.io/docs/providers/datadog/
Mozilla Public License 2.0
399 stars 375 forks source link

Erroneous update-in-place on datadog_monitor_json with restriction policy #2515

Open sscheible opened 1 month ago

sscheible commented 1 month ago

Datadog Terraform Provider Version

v3.42.0

Terraform Version

v1.9.0

What resources or data sources are affected?

datadog_monitor_json

Terraform Configuration Files

resource "datadog_monitor_json" "sample_monitor" {
  monitor = <<-EOF
{
    "id": 18360519,
    "name": "Sample Monitor",
    "type": "log alert",
    "query": "logs(\"env:prod\").index(\"*\").rollup(\"count\").last(\"5m\") > 1",
    "message": "Sample Monitor is firing",
    "tags": [
        "team:datadog-project"
    ],
    "options": {
        "thresholds": {
            "critical": 1
        },
        "enable_logs_sample": false,
        "notify_audit": false,
        "on_missing_data": "default",
        "include_tags": false,
        "new_host_delay": 300,
        "groupby_simple_monitor": false,
        "silenced": {}
    },
    "priority": null,
    "restriction_policy": {
        "bindings": [
            {
                "relation": "editor",
                "principals": [
                    "team:67885f39-07e6-43bb-83a1-b12b656c41f5"
                ]
            },
            {
                "relation": "viewer",
                "principals": [
                    "org:4e66b06e-40d3-11ee-b8d2-da7ad0900005"
                ]
            }
        ]
    }
}
EOF
}

Relevant debug or panic output

  # datadog_monitor_json.sample_monitor will be updated in-place
  ~ resource "datadog_monitor_json" "sample_monitor" {
        id      = "18360519"
      ~ monitor = jsonencode(
          ~ {
                name               = "Sample Monitor"
              + restriction_policy = {
                  + bindings = [
                      + {
                          + principals = [
                              + "team:67885f39-07e6-43bb-83a1-b12b656c41f5",
                            ]
                          + relation   = "editor"
                        },
                      + {
                          + principals = [
                              + "org:4e66b06e-40d3-11ee-b8d2-da7ad0900005",
                            ]
                          + relation   = "viewer"
                        },
                    ]
                }
                tags               = [
                    "team:datadog-project",
                ]
                # (5 unchanged attributes hidden)
            }
        )
    }

Expected Behavior

tf plan should show no changes

Actual Behavior

tf plan shows that terraform would add the restriction policy (which is already in place, confirmed via UI)

Steps to Reproduce

  1. terraform apply # (to create the monitor with restriction policy)
  2. terraform plan # (to see if the plan differs from what has just been created)

Important Factoids

Related resource datadog_monitor does not support restriction policies at all, might be a related omission in the implementation within datadog_monitor_json

References

No response