fivetran / terraform-provider-fivetran

Terraform Provider for Fivetran
https://fivetran.com
Apache License 2.0

Do not allow read only key to be changed during planning phase. #309

Open miagao opened 4 months ago

miagao commented 4 months ago

Describe the bug

config.public_key is being allowed to be a configurable resource during terraform plan phase.

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.fivetran.fivetran_connector.connector_resource["raw_nebula_content"] will be updated in-place
  ~ resource "fivetran_connector" "connector_resource" {
        id           = "XXX"
        name         = "YYY"
        # (4 unchanged attributes hidden)

      ~ config {
          # Warning: this attribute value will no longer be marked as sensitive
          # after applying this change. The value is unchanged.
          ~ public_key       = (sensitive value)
            # (13 unchanged attributes hidden)
        }

        # (1 unchanged block hidden)
    }

To Reproduce

resource "fivetran_connector" "connector_resource" {
  for_each = {
    for index, connector in local.connectors.postgres :
    data.fivetran_connector.connector[connector.connector_id].name => connector
  }
  group_id = data.fivetran_group.group.id
  service  = each.value.service
  destination_schema {
    prefix = contains(["postgres_rds", "mysql_rds"], each.value.service) ? data.fivetran_connector.connector[each.value.connector_id].name : null
    name   = contains(["postgres_rds", "mysql_rds"], each.value.service) ? null : data.fivetran_connector.connector[each.value.connector_id].name
  }
  config {
    host             = each.value.config.host
    port             = each.value.config.port
    database         = each.value.config.database
    user             = each.value.config.user
    password         = each.value.config.password
    tunnel_host      = each.value.config.tunnel_host
    tunnel_port      = each.value.config.tunnel_port
    tunnel_user      = each.value.config.tunnel_user
    public_key       = each.value.config.public_key
    always_encrypted = each.value.config.always_encrypted
    connection_type  = each.value.config.connection_type
    update_method    = each.value.config.update_method
    replication_slot = each.value.config.replication_slot
    publication_name = each.value.config.publication_name
  }

}

Expected behavior

The public key should not be allowed here, or the output message should warn.

Logs & Output

Plan:

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.fivetran.fivetran_connector.connector_resource["raw_nebula_content"] will be updated in-place
  ~ resource "fivetran_connector" "connector_resource" {
        id           = "XXX"
        name         = "YYY"
        # (4 unchanged attributes hidden)

      ~ config {
          # Warning: this attribute value will no longer be marked as sensitive
          # after applying this change. The value is unchanged.
          ~ public_key       = (sensitive value)
            # (13 unchanged attributes hidden)
        }

        # (1 unchanged block hidden)
    }

apply:

Error: Provider produced inconsistent result after apply

When applying changes to
module.fivetran.fivetran_connector.connector_resource["raw_nebula_content"],
provider
"module.fivetran.provider[\"registry.terraform.io/fivetran/fivetran\"]"
produced an unexpected new value: .config.public_key: inconsistent values for
sensitive attribute.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.
Error: Terraform exited with code 1.

Plugin version: 1.1.22

Additional context

Previously created in https://github.com/fivetran/terraform-provider-fivetran/issues/308

beevital commented 4 months ago

We can introduce specific validation probably, because AFAIK we have a couple of services that required public_key to be editable. But the field in the config schema is shared, so it can't be marked as read-only in the schema.
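A pre-apply check for the pattern reported above, as an added example that is not part of the thread or the provider's code: it scans the JSON form of a plan (`terraform show -json <planfile>`) for `fivetran_connector` updates where an attribute keeps its value but loses its sensitive mark. The function names are hypothetical and the sample plan is constructed with placeholder values.

```python
import json

# Constructed sample shaped like `terraform show -json` output for the plan in
# the report; key material and host are placeholders, not values from the issue.
SAMPLE_PLAN = json.loads(r'''
{"resource_changes": [{
  "address": "module.fivetran.fivetran_connector.connector_resource[\"raw_nebula_content\"]",
  "type": "fivetran_connector",
  "change": {
    "actions": ["update"],
    "before": {"id": "XXX", "config": [{"host": "db.example.internal", "public_key": "ssh-rsa PLACEHOLDER"}]},
    "after":  {"id": "XXX", "config": [{"host": "db.example.internal", "public_key": "ssh-rsa PLACEHOLDER"}]},
    "before_sensitive": {"config": [{"public_key": true}]},
    "after_sensitive":  {"config": [{}]}
  }}]}
''')

def _get(container, key):
    """Index dicts and lists safely; missing entries return None."""
    if isinstance(container, dict):
        return container.get(key)
    if isinstance(container, list) and isinstance(key, int) and key < len(container):
        return container[key]
    return None

def dropped_sensitivity(b_mask, a_mask, before, after, path=""):
    """Paths marked sensitive before the change, not marked after, value equal."""
    if b_mask is True:
        return [path] if a_mask is not True and before == after else []
    if isinstance(b_mask, dict):
        items = list(b_mask.items())
    elif isinstance(b_mask, list):
        items = list(enumerate(b_mask))
    else:
        return []  # false or absent mask: nothing was sensitive here
    found = []
    for key, sub in items:
        child = f"{path}[{key}]" if isinstance(key, int) else f"{path}.{key}"
        found += dropped_sensitivity(sub, _get(a_mask, key), _get(before, key), _get(after, key), child)
    return found

def check_plan(plan, resource_type="fivetran_connector"):
    """Map resource address -> attribute paths that lose their sensitive mark."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        ch = rc.get("change", {})
        if rc.get("type") == resource_type and "update" in ch.get("actions", []):
            paths = dropped_sensitivity(ch.get("before_sensitive"), ch.get("after_sensitive"), ch.get("before"), ch.get("after"))
            if paths:
                findings[rc["address"]] = paths
    return findings
```

A CI step can fail the run when `check_plan` returns a non-empty result, which stops the pipeline before the apply that produced the "inconsistent values for sensitive attribute" error in the report.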