Service Account change in google_bigquery_data_transfer_config forces replacement

[giulianobr]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

1.4.2

Affected Resource(s)

• google_bigquery_data_transfer_config

Google Provider version

4.59

Terraform Configuration Files

In the resource "google_bigquery_data_transfer_config" if you change the service_account_name after you already applied your tf plan, the new apply will force replace the Scheduled Query.

Why is this happening, if we can replace the service account in a scheduled query using the following cmd:

bq update \
--transfer_config \
--update_credentials \
--service_account_name=service.account@gcpproject.iam.gserviceaccount.com \
projects/xxxxxxxx/locations/us/transferConfigs/xxxxxxxx-xxxxx-xxxx-xxxx-xxxxx

Thanks,

[edwardmedia]

Looks like it could take below updateMask

query: ?updateMask=transfer_config.scheduleOptions%2Cservice_account_name&serviceAccountName=myaccount%40myproject.iam.gserviceaccount.com&%24.xgafv=2&alt=json

[zli82016]

@giulianobr , can you please provide the config if possible? Thanks.

[giulianobr]

Hi, I'm using a simple one, like this:

resource "google_bigquery_data_transfer_config" "temp_query" {
  display_name         = "Temp Scheduled Query to test owner change"
  location             = "US"
  data_source_id       = "scheduled_query"
  schedule             = "every 15 minutes"
  service_account_name = google_service_account.sa_bq_usage_queries.email
  email_preferences {
    enable_failure_email = true
  }
  params = {
    query = <<EOT
        select current_date()
        EOT
  }
}

For testing purpose, try to create it without the service_account_name, apply the code, then include it again and apply it. You will see Terraform will force-replace the resource, instead of, in place modification.

[zli82016]

It looks like setting the update_mask accordingly for a url_param_only is currently not supported in magic-modules and needs a workaround.

https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/products/bigquerydatatransfer/Config.yaml#L60

[giulianobr]

So, there's a way to solve it ? @zli82016 and @edwardmedia

[zli82016]

Unfortunately, I do not find a way to solve it.

[rileykarson]

Note: Looks harder than size/s, marking size/m. Update support is considered a feature request, not a bug.

[trodge]

b/280337862

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.