vault_ssh_secret_backend_role constantly reports changes to cidr_list

Terraform Version

➜ terraform -v Terraform v0.12.18

provider.azurerm v1.31.0
provider.vault v2.6.0

Affected Resource(s)

vault_ssh_secret_backend_role

Terraform Configuration Files

resource "vault_ssh_secret_backend_role" "ssh_client_signer_aops" {
  name                    = "admin"
  backend                 = vault_mount.ssh_client_signer.path
  key_type                = "ca"
  allow_user_certificates = true
  cidr_list               = "0.0.0.0/0"
  allowed_users           = var.ADMIN_USER
  default_user            = var.ADMIN_USER
  max_ttl                 = "2592000"
  ttl                     = "2592000"
  allow_user_key_ids      = false
  key_id_format           = "{{token_display_name}}"
  default_extensions      = map("permit-pty", "")
}

Debug Output

There's a lot of potentially secure stuff that I'd rather not share unless necessary, but the relevant parts:

2020/01/16 14:08:31 [WARN] Provider "registry.terraform.io/-/vault" produced an unexpected new value for module.ssh.vault_ssh_secret_backend_role.ssh_client_signer_aops, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .cidr_list: was cty.StringVal("0.0.0.0/0"), but now cty.StringVal("")

Expected Behavior

After the change was applied, further terraform apply wouldn't report a change.

Actual Behavior

Every apply reports the change

Steps to Reproduce

Add an object with cidr "0.0.0.0/0"
terraform apply

Important Factoids

Tested against Vault 1.1.3

hashicorp / terraform-provider-vault

vault_ssh_secret_backend_role constantly reports changes to cidr_list #652