[Bug]: Updating vault_kv_secret_v2 disable_read errors when using data_json_wo #2588

@rwblokzijl

Terraform Core Version

1.13.0

Terraform Vault Provider Version

5.2.0

Vault Server Version

1.20.1

Affected Resource(s)

vault_kv_secret_v2

Expected Behavior

Given this code (already existing and applied):

resource "vault_kv_secret_v2" "mtls_cert_private" {
  mount = "kvv2"
  name  = "some_path"

  data_json_wo = jsonencode({
    private = ephemeral.tls_private_key.mtls_cert.private_key_pem
  })

  delete_all_versions = true
}

And I add the flag disable_read = true.

It should update this in the state only, without trying to make a request to Vault.

Actual Behavior

It plans correctly like:

  # vault_kv_secret_v2.mtls_cert_private will be updated in-place
  ~ resource "vault_kv_secret_v2" "mtls_cert_private" {
      ~ disable_read        = false -> true
        id                  = "kvv2/somepath"
        name                = "somepath"
        # (6 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

But then I get the following error on apply:

╷
│ Error: data_json "" syntax error: unexpected end of JSON input
│
│   with vault_kv_secret_v2.mtls_cert_private,
│   on ./main.tf line 98, in resource "vault_kv_secret_v2" "mtls_cert_private":
│   98: resource "vault_kv_secret_v2" "mtls_cert_private" {

This implies calls are happening for this change, which of course fails because I initially wrote the value from an ephemeral value.

Would you like to implement a fix?

None
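
A simplified model of the failure reported above, as an added example that is not the provider's code: a write-only attribute is never persisted to state, so an update path that re-parses the stored data_json sees an empty string, and Go's encoding/json rejects it with the same "unexpected end of JSON input" text. The names `state`, `naiveUpdate`, `guardedUpdate` and the `dataChanged` flag are hypothetical, and the guard is one possible approach, not the project's fix.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// state models what Terraform persists for the resource (hypothetical type).
// data_json_wo is write-only, so it is never stored and DataJSON stays "".
type state struct {
	DataJSON    string
	DisableRead bool
}

// naiveUpdate re-sends the secret on every update by parsing the stored
// data_json. With a write-only secret there is nothing to parse.
func naiveUpdate(prior state, disableRead bool) (state, bool, error) {
	var data map[string]any
	if err := json.Unmarshal([]byte(prior.DataJSON), &data); err != nil {
		return prior, false, fmt.Errorf("data_json %q syntax error: %w", prior.DataJSON, err)
	}
	prior.DisableRead = disableRead
	return prior, true, nil // true: a write to Vault would be issued
}

// guardedUpdate writes only when the secret input changed in this plan
// (dataChanged, an assumed signal); a disable_read toggle alone touches state only.
func guardedUpdate(prior state, disableRead, dataChanged bool, dataJSON string) (state, bool, error) {
	wrote := false
	if dataChanged {
		var data map[string]any
		if err := json.Unmarshal([]byte(dataJSON), &data); err != nil {
			return prior, false, fmt.Errorf("data_json syntax error: %w", err)
		}
		wrote = true
	}
	prior.DisableRead = disableRead
	return prior, wrote, nil
}

func main() {
	prior := state{} // constructed: the secret was written via data_json_wo
	_, _, err := naiveUpdate(prior, true)
	fmt.Println("naive:", err)
	next, wrote, err := guardedUpdate(prior, true, false, "")
	fmt.Println("guarded:", next.DisableRead, wrote, err)
}
```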
