
I am trying to import a VPC SC perimeter into Terraform state, but the plan shows removing one Access Level (test_ent_perim_access_002) in the perimeter, and I am not sure why. Also, Access List "test_ent_perim_access_001" is getting removed and added again.

Below is the resource

resource "google_access_context_manager_service_perimeter" "test-ent-prod-perim-001" {
  parent         = "accessPolicies/263896276372"
  name           = "accessPolicies/263896276372/servicePerimeters/test_ent_prod_perim_001"
  title          = "test_ent_prod_perim_001"
  description    = "Test Org VPC SC perimeter"
  perimeter_type = "PERIMETER_TYPE_REGULAR"

  status {
    resources           = ["7654356728263"]
    restricted_services = ["bigquery.googleapis.com"]
    access_levels = [
      "accessPolicies/263896276372/accessLevels/test_onprem_ipwhitelist",
      "accessPolicies/263896276372/accessLevels/test_ent_cmn_perim_access_001",
      "accessPolicies/263896276372/accessLevels/test_ent_perim_access_001",
      "accessPolicies/263896276372/accessLevels/test_ent_perim_access_002",
    ]
  }
}

Below is the import command

- terraform import --var-file=$VARS --var-file=$BACKEND --var-file=vars/$ENV/terraform.tfvars google_access_context_manager_service_perimeter.test-ent-prod-perim-001 accessPolicies/263896276372/servicePerimeters/test_ent_prod_perim_001 

Below is the plan where it shows the removal of Access Level

Terraform will perform the following actions:
  # google_access_context_manager_service_perimeter.test-ent-prod-perim-001 will be updated in-place
  ~ resource "google_access_context_manager_service_perimeter" "test-ent-prod-perim-001" {
      ~ description               = "Perimeter shielding projects" -> "Prod VPC perimeter"
        id                        = "accessPolicies/263896276372/servicePerimeters/test_ent_prod_perim_001"
        name                      = "accessPolicies/263896276372/servicePerimeters/test_ent_prod_perim_001"
        # (4 unchanged attributes hidden)
      ~ status {
          ~ access_levels       = [
              - "accessPolicies/263896276372/accessLevels/test_ent_perim_access_001",
                "accessPolicies/263896276372/accessLevels/test_onprem_ipwhitelist",
                # (1 unchanged element hidden)
                "accessPolicies/263896276372/accessLevels/test_ent_perim_access_002",
              - "accessPolicies/263896276372/accessLevels/test_ent_perim_access_002",
              + "accessPolicies/263896276372/accessLevels/test_ent_perim_access_001",
            ]
            # (2 unchanged attributes hidden)
        }
        # (1 unchanged block hidden)
    }
Plan: 0 to add, 1 to change, 0 to destroy.
James Z
Amarnath