google_alloydb_cluster cause permdiff if psc_enabled = true

[marblejenka]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.7.5 on linux_amd64

• provider registry.terraform.io/hashicorp/google v5.40.0
• provider registry.terraform.io/hashicorp/random v3.6.2
• provider registry.terraform.io/hashicorp/time v0.12.0

Affected Resource(s)

google_alloydb_cluster

Terraform Configuration

resource "google_alloydb_cluster" "default" {
  project    = var.project_id
  cluster_id = "alloydb-cluster"
  location   = "us-central1"

  psc_config {
    psc_enabled = true
  }
}

resource "google_alloydb_instance" "default" {
  cluster       = google_alloydb_cluster.default.name
  instance_id   = "alloydb-instance"
  instance_type = "PRIMARY"
}

Debug Output

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place

Terraform will perform the following actions:

module.alloydb.google_alloydb_instance.default will be updated in-place

~ resource "google_alloydb_instance" "default" { id = "projects/xxx/locations/us-central1/clusters/alloydb-cluster/instances/alloydb-instance" name = "projects/xxx/locations/us-central1/clusters/alloydb-cluster/instances/alloydb-instance"

(15 unchanged attributes hidden)

  - psc_instance_config {
      - allowed_consumer_projects = [] -> null
      - psc_dns_name              = "f8c55e7c-35fe-4f50-ac25-dabd9f5de757.b2c9c511-8f7d-4de5-9e4c-8cc64aba194b.us-central1.alloydb-psc.goog." -> null
      - service_attachment_link   = "https://www.googleapis.com/compute/v1/projects/xxx/regions/us-central1/serviceAttachments/alloydb-f8c55e7c-35f-alloydb-instance-sa" -> null
    }

    # (3 unchanged blocks hidden)
}

Plan: 0 to add, 1 to change, 0 to destroy.

───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.

Expected Behavior

(terraform apply && terraform plan) won't cause diff

Actual Behavior

shown in Debug Output

Steps to reproduce

1. terraform apply
2. terraform plan

Important Factoids

No

References

No response

b/359930998

[ggtisc]

Confirmed issue!

There is a permadiff with the specific shared terraform configuration including all the resources