consul_acl_role_policy_attachment does not reliably get saved in state

[reskin89]

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Terraform v1.6.6
on linux_arm
+ provider registry.terraform.io/hashicorp/consul v2.20.0

Affected Resource(s)

Please list the resources as a list, for example:

• consul_acl_role_policy_attachment

Terraform Configuration Files

data "consul_acl_role" "mgmt_role" {
  name = split("-", var.client)[1]
}

# Attach the acl policy to the management token created.  If the team name for this application changes, it will then re-attach it to a new management token
resource "consul_acl_role_policy_attachment" "app-management" {
  count   = terraform.workspace == "default" ? 0 : length(local.service_names)
  role_id = data.consul_acl_role.mgmt_role.id
  policy  = consul_acl_policy.app-management[count.index].name
}

Debug Output

Unavailable

Expected Behavior

The policy attachments should all be stored in state

Actual Behavior

They are not consistently added in state, leading to a plan that shows it needs to be added, which errors out because its already there in consul

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. create a set of consul acl policies, a role, and attach those policies to this role
2. terraform plan and apply them

Important Factoids

No

References

NA