Created/generated the secret via Terraform vault_kv_secret_v2. Manually changed the value in Hashivault to test drift detection. Expected next Terraform plan to detect drift, and revert secret back to expected values.
Actual Behavior
Terraform did not detect drift on the secret, and did not detect a new version of a secret. Terraform plan -refresh-only DID detect a new secret version, and updated state, but did not detect drift in data_json.
Terraform Core Version
1.7.4
Terraform Vault Provider Version
3.25.0
Vault Server Version
1.12.2
Affected Resource(s)
vault_kv_secret_v2
Expected Behavior
Created/generated the secret via Terraform vault_kv_secret_v2. Manually changed the value in Hashivault to test drift detection. Expected next Terraform plan to detect drift, and revert secret back to expected values.
Actual Behavior
Terraform did not detect drift on the secret, and did not detect a new version of a secret. Terraform plan -refresh-only DID detect a new secret version, and updated state, but did not detect drift in data_json.
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
resource "vault_kv_secret_v2" "testing" { mount = "pricing" name = "mssql/database/testing" data_json = jsonencode( { username = local.sql_database_admin_username password = random_password.passwords["testing"].result } ) }
Steps to Reproduce
Ran terraform generating a secret, modified the secret manually, ran terraform again. Drift not detected.
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None