hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0

google_cloudfunctions_function unable to remove vpc_connector if vpc_connector_egress_settings previously set #11719

Open mattalbr opened 2 years ago

mattalbr commented 2 years ago

Community Note

Terraform Version

Terraform v1.1.8 on linux_arm64

Affected Resource(s)

Terraform Configuration Files

Before:

resource "google_cloudfunctions_function" "patient_data_uploader_function" {
  name        = "patient-data-uploader-function"
  description = "Uploads patient data to spreadsheet"
  runtime     = "python310"
  region      = var.region

  available_memory_mb           = 512
  source_archive_bucket         = google_storage_bucket.cloud_function_bucket.name
  source_archive_object         = google_storage_bucket_object.patient_data_uploader_zip.name
  timeout                       = 60
  entry_point                   = "upload_patient_data"
  max_instances                 = 1
  service_account_email         = google_service_account.patient_data_uploader_user.email
  vpc_connector                 = google_vpc_access_connector.connector.self_link
  vpc_connector_egress_settings = "PRIVATE_RANGES_ONLY"

  event_trigger {
    event_type = "google.pubsub.topic.publish"
    resource   = google_pubsub_topic.patient_data_uploader_trigger_topic.id
  }
}

After:

resource "google_cloudfunctions_function" "patient_data_uploader_function" {
  name        = "patient-data-uploader-function"
  description = "Uploads patient data to spreadsheet"
  runtime     = "python310"
  region      = var.region

  available_memory_mb           = 512
  source_archive_bucket         = google_storage_bucket.cloud_function_bucket.name
  source_archive_object         = google_storage_bucket_object.patient_data_uploader_zip.name
  timeout                       = 60
  entry_point                   = "upload_patient_data"
  max_instances                 = 1
  service_account_email         = google_service_account.patient_data_uploader_user.email
  #vpc_connector                 = google_vpc_access_connector.connector.self_link
  #vpc_connector_egress_settings = "PRIVATE_RANGES_ONLY"

  event_trigger {
    event_type = "google.pubsub.topic.publish"
    resource   = google_pubsub_topic.patient_data_uploader_trigger_topic.id
  }
}

Debug Output

Panic Output

Expected Behavior

The function should have been updated with the vpc connector removed.

Actual Behavior

Error: Error while updating cloudfunction configuration: googleapi: Error 400: The request has errors
│ Details:
│ [
│   {
│     "@type": "type.googleapis.com/google.rpc.BadRequest",
│     "fieldViolations": [
│       {
│         "description": "\"vpc_connector_egress_settings\" requires \"vpc_connector\" field to be set.",
│         "field": "vpc_connector_egress_settings"
│       }
│     ]
│   }
│ ]
│ , badRequest
│
│   with google_cloudfunctions_function.patient_data_uploader_function,
│   on main.tf line 376, in resource "google_cloudfunctions_function" "patient_data_uploader_function":
│  376: resource "google_cloudfunctions_function" "patient_data_uploader_function" {

Steps to Reproduce

  1. terraform apply first config
  2. terraform apply second config

Important Factoids

This also seemed to fail when I tried via command line: cloud functions deploy patient-data-uploader-function --clear-vpc-connector

I had to manually change via UI to get this to work.

References

b/274818550
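
A pre-apply check for the condition in this issue's title, added here as an example (not part of the original issue or the provider's code): it reads `terraform show -json` plan output and flags in-place updates that remove `vpc_connector` from a function whose prior state has `vpc_connector_egress_settings` set. The sample plan, the connector path and the function name `connector_removals_at_risk` are constructed for illustration.

```python
import json

RESOURCE_TYPE = "google_cloudfunctions_function"
CONNECTOR = "projects/p/locations/r/connectors/c"  # constructed placeholder
BEFORE = {"vpc_connector": CONNECTOR,
          "vpc_connector_egress_settings": "PRIVATE_RANGES_ONLY"}

# Constructed sample: trimmed `terraform show -json <planfile>` output holding
# the Before -> After change from this issue plus one unaffected function.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "google_cloudfunctions_function.patient_data_uploader_function",
     "type": RESOURCE_TYPE,
     "change": {"actions": ["update"],
                "before": BEFORE,
                "after": {"vpc_connector": None}}},
    {"address": "google_cloudfunctions_function.unchanged",
     "type": RESOURCE_TYPE,
     "change": {"actions": ["update"],
                "before": BEFORE,
                "after": dict(BEFORE)}},
]})


def connector_removals_at_risk(plan_json: str) -> list[str]:
    """Return addresses of in-place updates that drop vpc_connector while the
    prior state still has vpc_connector_egress_settings set."""
    flagged = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != RESOURCE_TYPE:
            continue
        if "update" not in change.get("actions", []):
            continue  # creates and deletes have no prior egress setting to clash with
        before = change.get("before") or {}
        after = change.get("after") or {}
        had_connector = bool(before.get("vpc_connector"))
        had_egress = bool(before.get("vpc_connector_egress_settings"))
        if had_connector and had_egress and not after.get("vpc_connector"):
            flagged.append(rc["address"])
    return flagged


if __name__ == "__main__":
    for address in connector_removals_at_risk(SAMPLE_PLAN):
        print(f"{address}: removes vpc_connector with egress settings "
              "previously set (the failing case in this issue)")
```
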

sangngocle commented 8 months ago

Hi @mattalbr, is there any update regarding this one? Do you have any workaround or something? I have the same issue and would like to hear any info from you.

sewei9 commented 1 month ago

Just stumbled upon the same error. Removing the existing settings manually from GCP and redeploying the VPC config worked for me.