oci_dns_resolver_endpoint gets recreated when trying to update the TAGS on parent resource

[rajsshah86]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

$ terraform -v
Terraform v1.5.5
on darwin_arm64
+ provider registry.terraform.io/hashicorp/random v3.5.1
+ provider registry.terraform.io/oracle/oci v5.15.0

Affected Resource(s)

oci_dns_resolver_endpoint

Terraform Configuration Files

resource "oci_core_vcn" "self" {
  compartment_id = <COMPARTMENT-ID>
  display_name   = var.virtual_cloud_network.display_name
  cidr_blocks    = var.virtual_cloud_network.cidr_blocks
  dns_label      = "${var.region_key}${random_id.dns_label.hex}"

  defined_tags  = var.defined_tags
  freeform_tags = var.freeform_tags
}

resource "oci_core_subnet" "self" {
  for_each       = var.subnets
  compartment_id = <COMPARTMENT-ID>
  display_name   = each.key

  vcn_id                     = oci_core_vcn.self.id
  cidr_block                 = each.value.cidr_block
  prohibit_public_ip_on_vnic = each.value.is_public_subnet ? false : true

  defined_tags  = var.defined_tags
  freeform_tags = var.freeform_tags
}

data "oci_core_vcn_dns_resolver_association" "self" {
  vcn_id = oci_core_vcn.self.id
}

resource "oci_dns_resolver_endpoint" "forwarding" {
  name          = var.dns_resolver_endpoint_forwarding.name
  is_forwarding = true
  is_listening  = false

  resolver_id = data.oci_core_vcn_dns_resolver_association.self.dns_resolver_id
  subnet_id   = oci_core_subnet.self[var.dns_resolver_endpoint_forwarding.subnet].id
  scope       = "PRIVATE"

  endpoint_type      = "VNIC"
  forwarding_address = var.dns_resolver_endpoint_forwarding.forwarding_address
}

Debug Output

Panic Output

Expected Behavior

When updating the TAG values (be it a freeform tag or defined tag) , Terrafrom should just update the TAGS on the resource and should not recreate the oci_dns_resolver_endpoint resource.

Actual Behavior

It destroys the oci_dns_resolver_endpoint resource and recreates it causing downtime in the environment.

Steps to Reproduce

1. terraform apply

[tf-oci-pub]

Thank you for reporting the issue. We have raised an internal ticket to track this. Our service engineers will get back to you.