update vault_jwt_auth_backend description should not force replacement

[thomas-riccardi]

Terraform Version

Terraform v0.15.0
on linux_amd64
+ provider registry.terraform.io/hashicorp/vault v2.19.0

Affected Resource(s)

Please list the resources as a list, for example:

• vault_jwt_auth_backend
• possibly other auth backends ?

Terraform Configuration Files

provider "vault" {
}
resource "vault_jwt_auth_backend" "oidc" {
  description = "first description"
  path        = "oidc"
  type        = "oidc"

  oidc_discovery_url = var.oidc_discovery_url
  oidc_client_id     = var.oidc_client_id
  oidc_client_secret = var.oidc_client_secret

  default_role = "developer"
}

Scenario

Expected Behavior

Terraform updates the oid auth backend description without deleting and re-creating it. i.e. the equivalent of vault auth tune oidc/ description='new description'.

Actual Behavior

Terraform force replacement of the vault_jwt_auth_backend upon description update.

  # vault_jwt_auth_backend.oidc must be replaced
-/+ resource "vault_jwt_auth_backend" "oidc" {
      ~ accessor               = "auth_oidc_714fe51c" -> (known after apply)
      - bound_issuer           = "" -> null
      ~ description            = "first description" -> "new description" # forces replacement
      ~ id                     = "oidc" -> (known after apply)
...

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform apply
2. update the vault_jwt_auth_backend.oidc.description
3. terraform apply

[benashz]

Fixed in #1550