Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.7.0
on darwin_amd64

Affected Resource(s)

google_datastream_connection_profile

Terraform Configuration

#example 
resource "google_datastream_connection_profile" "default" {
    display_name          = "Connection profile"
    location              = "us-central1"
    connection_profile_id = "my-profile"

    gcs_profile {
        bucket    = var.my_bucket
        root_path = "/path"
    }

    forward_ssh_connectivity {
        hostname = var.hostname
        username = var.username
        port     = var.port
        private_key = var.private_key #forces replacement
    }

}

Debug Output

No response

Expected Behavior

The Cloud SDK documentation for the SSH tunnel states the private key is mutable. I'd like to propose google_datastream_connection_profile is updated-in-place when a private key is updated in forward_ssh_connectivity

Actual Behavior

Updating the private key in forward_ssh_connectivity forces a connection profile replacement. When a stream has a connection profile that is replaced it results in an unrecoverable failed stream.

Steps to reproduce

1. terraform plan

Important Factoids

No response

References

Connection-Profiles Cloud SDK

b/358666784