nutanix_users_v2 - Can't change local user password #897

@ec-mikacpe

Description

Nutanix Cluster Information

Terraform Version

It is a GitLab pipeline that runs a GitLab-provided official Docker image and uses OpenTofu:

registry.gitlab.com/components/opentofu/gitlab-opentofu:2.10.2-opentofu1.9.1-alpine

Affected Resource(s)

  • nutanix_users_v2

Terraform Configuration Files

#main.tf

resource "nutanix_users_v2" "user" {
  for_each             = var.nutanix_users
  username             = each.value.username
  user_type            = each.value.user_type
  password             = var.nutanix_user_passwords[each.key]
  email_id             = each.value.email
  display_name         = each.value.display_name
  first_name           = each.value.first_name
  last_name            = each.value.last_name
  force_reset_password = each.value.force_reset_password
  status               = each.value.status
}

#vars.tf
variable "pc" {
  description = "Connection details for Nutanix. This can be Prism Central and Prism element as well." 
  type = object({
    address = string
    username = string
    password = string
  })
}

variable "nutanix_user_passwords" {
  type = map(string)
  sensitive = true
}

variable "nutanix_users" {
  type = map(object({
    username             = string
    email                = string
    user_type            = string
    display_name         = string
    first_name           = string
    last_name            = string
    force_reset_password = bool
    status               = string
  }))
}

#test.tfvars
nutanix_users = {
  "test1" = {
    username             = "test_1"
    email                = "some@email.com"
    user_type            = "LOCAL"
    display_name         = "test_1"
    first_name           = "NetBox"
    last_name            = "Service Account"
    force_reset_password = false
    status               = "ACTIVE"
  },
  "test2" = {
    username             = "test_2"
    email                = "some2@email.com"
    user_type            = "LOCAL"
    display_name         = "test_2"
    first_name           = "NetBox"
    last_name            = "Service Account"
    force_reset_password = false
    status               = "ACTIVE"
  }
}

#provider.tf

terraform {
  required_providers {
    nutanix = {
      source = "nutanix/nutanix"
      version = "2.3.0"
    }
  }
}

provider "nutanix" {
  endpoint     = var.pc.address
  username     = var.pc.username
  password     = var.pc.password
  insecure     = true
  wait_timeout = 30
  session_auth = true
}

Debug Output

Panic Output

Expected Behavior

The IaC plan detects the password change and applies it, and the user has the new password associated with it.

Actual Behavior

The code runs without issue on the first try (to create the user with the original password). But when you change the user's password in the IaC code, OpenTofu / Terraform should detect the change and apply it in Nutanix (Prism Central or Prism Element). Instead, the plan detects the change, the IaC code runs, and it looks like the password changed, but not in Prism Central. The user has the same, original password.

So tofu / terraform thinks the password was changed for the user, and for the next plan(s) it does not detect any drift, but in reality the user's password was not changed.

Steps to Reproduce

  1. terraform apply

Important Factors
