Auth0 Terraform Provider auth0_flow_vault_connection always changes when I run terraform plan

Help
,
1

Ready to post? :mag: First, try searching for your answer.
Hello everyone,

I am having some unexpected output when I run a terraform plan for my Auth0 terraform.

The problem is with the auth0_flow_vault_connection, I have my resource like this:

resource "auth0_flow_vault_connection" "actions_connection" {
  name         = "Auth0 Actions Connection"
  app_id       = "AUTH0"
  setup = {
    client_id     = data.auth0_client.actions_client.client_id
    client_secret = data.auth0_client.actions_client.client_secret
    domain        = var.auth0_domain
    type          = "OAUTH_APP"
  }
}

I applied the terraform with this new resource and it was created. The problem is when I run another terraform plan, the plan shows aways that the resources has changed even if I didn’t make any change. The output I see is:

Terraform will perform the following actions:

  # auth0_flow_vault_connection.actions_connection will be updated in-place
  ~ resource "auth0_flow_vault_connection" "actions_connection" {
      ~ account_name = <auth0-tenant>.us.auth0.com" -> null
        id           = "ac_xxxxxxxxxxxxxxx"
        name         = "Auth0 Actions Connection"
      - ready        = true -> null
      ~ setup        = (sensitive value)
        # (3 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

My expectation here is that if I don’t make any change to the resource then the terraform plan should not show any change for the resource.

Maybe have you seen that before, do you know how to fix it?

1 Like
3

Hi @hhurtado

Welcome back to the Auth0 Community!

When Terraform creates the plan, it does two separate actions for each of your instances:

  • Terraform reads the lates values that have been associated with the resource, taking into the account any changes you have made outside it.
  • Compares the resource against the configuration to check for any differences, proposing them in order for the resource to match the configuration

There might be something detected in one of these actions and there might not be any actual changes. I would advise to to check the connection’s settings that you are attempting to plan with Terraform and then apply them and check if any changes actually took place.

I am not sure why this might be the case, as mentioned above, it might detect some changes in either the configuration or resource.

Let me know if you have any additional questions or if the terraform still displays possible changes on the specific connection. If you notice some actual changes, feel free to let us know what was causing this discrepancy.

Kind Regards,
Nik