Error: Provider produced inconsistent result after apply

[rad-ed]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.6.6 on linux_amd64

• provider registry.terraform.io/hashicorp/google v4.84.0
• provider registry.terraform.io/hashicorp/google-beta v5.32.0

Affected Resource(s)

google_bigquery_table_iam_member

Terraform Configuration

terraform {
  required_providers {
    gcp = {
      source  = "hashicorp/google"
      version = "~> 4.0"
    }
  }
  backend "pg" {}
}

# Configure the GCP Provider
provider "gcp" {
  project = "***-devops-sandbox"
}

Debug Output

module.iam-binding-table.data.google_project.project: Read complete after 3s [id=projects/umg-devops-sandbox]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:

• create

Terraform will perform the following actions:

module.iam-binding-table.google_bigquery_table_iam_member.member will be created

• resource "google_bigquery_table_iam_member" "member" {
  • dataset_id = "ad_users"
  • etag = (known after apply)
  • id = (known after apply)
  • member = "user:*****"
  • project = "***-devops-sandbox"
  • role = "roles/*****"
  • table_id = "*****" }

Plan: 1 to add, 0 to change, 0 to destroy. module.iam-binding-table.google_bigquery_table_iam_member.member: Creating... ╷ │ Error: Provider produced inconsistent result after apply │ │ When applying changes to │ module.iam-binding-table.google_bigquery_table_iam_member.member, provider │ "provider[\"registry.terraform.io/hashicorp/google\"]" produced an │ unexpected new value: Root object was present, but now absent. │ │ This is a bug in the provider, which should be reported in the provider's │ own issue tracker. ╵

Expected Behavior

module.iam-binding-table.google_bigquery_table_iam_member.member will be created

• resource "google_bigquery_table_iam_member" "member" {
  • dataset_id = "*****"
  • etag = (known after apply)
  • id = (known after apply)
  • member = "user:****"
  • project = "*****"
  • role = "roles/*****r"
  • table_id = "*****" }

Actual Behavior

error without resource creation

Steps to reproduce

1. terraform apply

Important Factoids

No response

References

No response

[ggtisc]

Hi @rad-ed are you having issues only with the provided code, or also with the google_bigquery_table_iam_member resource? If that is the case please provide the terraform code of this resource and all other resources, variables and so on that you consider relevant (you may include comments on fields that you consider sensitive data that indicate these data is private and could be replaced like project = "my-project")

[rad-ed]

This provider error is appearing only when the google_bigquery_table_iam_member is being created.

The resource is being implemented as a simple module

---

Module code

variable "gcp_identity" {
    type = string
    description = "Full string identity of the binding; i.e. user:jane@example.com"
}

variable "bq_dataset"{
    type = string
    description = "Dataset binding is being created on"
}

variable "bq_table" {
    type = string
    description = "Table within dataset binding is being created on"
}

variable "gcp_role" {
    type = string
    description = "Role being granted"
}

variable "gcp_project" {
    type = string
    description = "GCP project dataset is within"
}

data "google_project" "project" {
}

resource "google_bigquery_table_iam_member" "member" {
  provider      = google
  project       = var.gcp_project
  dataset_id    = var.bq_dataset
  table_id      = var.bq_table
  role          = var.gcp_role
  member        = var.gcp_identity
}

---

Module implementation.

module "iam-binding-table" {
  source  = "../../modules/bq-iam-binding/table"
  gcp_project   = "****"
  bq_dataset    = "****"
  bq_table      = "****"
  gcp_role      = "*****"
  gcp_identity  = "user:****"
}

[ggtisc]

We have simplified the code in order to find the root of the problem, but the result was successfully without errors with the next code:

resource "google_bigquery_dataset" "bigquery_dataset_18351" {
  dataset_id                  = "bigquery_dataset_18351"
  friendly_name               = "bigquery-dataset-18351"
  description                 = "something"
  location                    = "EU"
  default_table_expiration_ms = 3600000

  labels = {
    env = "default"
  }
}

resource "google_bigquery_table" "bigquery_table_18351" {
  dataset_id = google_bigquery_dataset.bigquery_dataset_18351.dataset_id
  table_id   = "bigquery-table-18351"

  time_partitioning {
    type = "DAY"
  }

  labels = {
    env = "default"
  }

  schema = <<EOF
  [
    {
      "name": "permalink",
      "type": "STRING",
      "mode": "NULLABLE",
      "description": "The Permalink"
    },
    {
      "name": "state",
      "type": "STRING",
      "mode": "NULLABLE",
      "description": "State where the head office is located"
    }
  ]
EOF
}

resource "google_bigquery_table_iam_member" "bigquery_table_iam_member_18351" {
  provider      = google
  project       = "my-project"
  dataset_id    = google_bigquery_table.bigquery_table_18351.dataset_id
  table_id      = google_bigquery_table.bigquery_table_18351.table_id
  role          = "roles/bigquery.dataOwner"
  member        = "user:your-user-name@your-domain.com"
}

I suggest you 1st to implement a similar simplified example to detect if your values are correct, and then check the values of your environment variables, and the same for your module.