I’m sure I’m not the first to encounter this challenge with parameter conflicts in a resource.
I have an AWS SQS queue created by the aws_sqs_queue resource in my scenario. I want to change the encryption from the customer master key to the AWS-managed SSE (and vice-versa) without creating a new queue (i.e. just updating the existing one).
Terraform validation doesn’t allow me to define both parameters in the resource, even if both or one is set to null.
Dynamic properties also don’t seem to be a possibility.
How can we deal with resources with a conflict of properties, as explained in the scenario?
Good question. I should have said that we have an internal module that wraps the resource to enforce standards. For that reason, it could have either of the options, depending on the the user’s usage of the module.