After checking internally, we found this is not a Terraform issue.
Our IT team added a custom route for creating log-related resources, which changed the behavior compared to before and caused the confusion on our side.
sorry for the noise, I will close the issue.