Comments
ba...@google.com <ba...@google.com>
on...@google.com <on...@google.com> #2
Hello,
Thanks for reaching out to us!
The Product Engineering Team has been made aware of your feature request, and will address it in due course. Though we can't provide an ETA on feature requests nor guarantee their implementation, rest assured that your feedback is always taken very seriously, as it allows us to improve our products. Thank you for your trust and continued support to improve Google Cloud Platform products.
In case you want to report a new issue, please do not hesitate to create a new Issue Tracker.
Thanks and Regards,
Onkar Mhetre
Google Cloud Support
Description
Problem you have encountered:
The customer wants to perform a bulk operation to remove the deleted service principals/accounts from the dry-run and enforced perimeter using Terraform.
Steps to reproduce:
The bulk operation methods worked and were able to remove the non-existing service accounts.
However, the new Terraform plan is not able to match the IaC code with the "updated" egress rule from the gcloud command. Therefore, the Terraform plan thinks the rule is not there and wants to create a new egress rule, but the "apply" fails because the object already exists.
Further, the same bulk update methods were used to remove the egress rules in question and Terraform was left to re-apply the objects, and it worked.
Therefore, this feature request has been raised to make it possible to remove non-existing service accounts with terraform apply.
Other information (workarounds you have tried, documentation consulted, etc):