Terraform plan try to delete network when Nutanix Aplos raise an error (503)

We are getting a strange issue where authentication failed and terraform continue to work. Even when we trigger a terraform plan.

Our current LDAP auth does not work as expect and give random 503 error (Server is busy). When running terraform plan on a simple terraform definition with one network and one karbon cluster, it will try to delete the network.

The worrying thing is that it will try to delete a resource even when requesting a plan. It might also affect other resources.

Nutanix Cluster Information

Nutanix Cluster (Prism Element / AOS): 6.5.2 LTS
Nutanix Prism Central: pc.2022.6.0.3

Terraform Version

2023-03-21T14:03:10.986+0100 [INFO]  Terraform version: 1.3.7
2023-03-21T14:03:10.986+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.9.0
2023-03-21T14:03:10.986+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.15.0
2023-03-21T14:03:10.987+0100 [DEBUG] using github.com/hashicorp/terraform-config-inspect v0.0.0-20210209133302-4fd17a0faac2
2023-03-21T14:03:10.987+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734
2023-03-21T14:03:10.987+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.1
2023-03-21T14:03:10.987+0100 [INFO]  Go runtime version: go1.19.4
2023-03-21T14:03:10.987+0100 [INFO]  CLI args: []string{"terraform", "-v"}
2023-03-21T14:03:10.987+0100 [TRACE] Stdout is a terminal of width 269
2023-03-21T14:03:10.987+0100 [TRACE] Stderr is a terminal of width 269
2023-03-21T14:03:10.987+0100 [TRACE] Stdin is a terminal
2023-03-21T14:03:10.989+0100 [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2023-03-21T14:03:10.989+0100 [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins
2023-03-21T14:03:10.991+0100 [INFO]  CLI command args: []string{"version", "-v"}
Terraform v1.3.7
on linux_amd64
+ provider registry.terraform.io/hashicorp/local v2.4.0
+ provider registry.terraform.io/nutanix/nutanix v1.6.1

Also tried with 1.7.1 and 1.8.0 with the same result

Affected Resource(s)

nutanix_karbon_cluster
nutanix_subnet

Terraform Configuration Files

/*resource "nutanix_subnet" "nutanix_networks" {
    name                             = "NTX_1"
    cluster_uuid                     = "UUID"
    vlan_id                          = "10"
    default_gateway_ip               = IP_GW
    subnet_ip                        = IP_SUB
    ip_config_pool_list_ranges       = []
    prefix_length                    = 24

    vswitch_name                     = "br0"
    subnet_type                      = "VLAN"
    dhcp_domain_name_server_list     = ["IPs"]
    dhcp_domain_search_list          = ["DOMAIN.LOCAL"]
    dhcp_options                     = {
        "boot_file_name"   = ""
        "domain_name"      = "DOMAIN.LOCAL"
        "tftp_server_name" = ""
    }
}*/

Debug Output

https://gist.github.com/Fen0l/cb1816a69c79e7f7b0dde9f01c1e17e1

Expected Behavior

Terraform should end without triggering any updates.

Actual Behavior

Terraform detect changes on the network and try to delete it. As the network is already in use, Nutanix does not delete it but fail the task.

Steps to Reproduce

Our LDAP Authentication does not work as expect. So aplos is unable to authenticate and raise a 503 error Server is busy.

Configure a broken LDAP (unsure how to reproduce the issue)
run terraform plan
Notice that the network is trying to be deleted

KR,

nutanix / terraform-provider-nutanix