Hi everyone,
I’m facing a subtle but annoying behaviour every time i run a terraform plan
.
It keeps modifying etag
argument
~ resource "google_project_iam_member" "my_iam_member" {
~ etag = "BwXE3hebQlI=" -> "BwXFhX/Yo1g="
this argument is not supported in the doc as it can be seen here:
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#argument-reference
but is exported:
etag - (Computed) The etag of the project’s IAM policy.
Any ideas about how to solve it?
> terraform version
Terraform v1.0.1
on darwin_arm64
terraform {
required_version = "1.0.1"
required_providers {
google = {
source = "hashicorp/google"
version = "3.74.0"
}
Thanks in advance
3 Likes
I have been seeing this with multiple providers for a bit now. Makes Atlantis much harder to use with all of the spurious output.
I’m seeing this as well, though I used to use the same resource without this problem happening so consistently.
This problem with nearly constantly changing etags persists for me. This happens with “google_project_iam_member” most often.
resource "google_project_iam_member" "project_roles" {
# Creat a flat map with keys of the form `<role>=<member>` for use in the for_each
for_each = { for pair in local.project_roles : "${pair.role}=${pair.member}" => pair }
project = var.project
role = each.value.role
member = each.value.member
}
That code seems to be the culprit computing a new set of roles to compare which may or may not have matching etags. When etags do’t match I get the predictable, and sometimes long string of these:
~ resource "google_project_iam_member" "project_roles" {
~ etag = "BwXnKF8Pz8U=" -> "BwXnKLIJRsk="
is there a way to prevent this happening?