Skip to content

Provider perpetually tries to add encryption_key on GCP instances despite null value #448

New issue
New issue
Open
Open
Provider perpetually tries to add encryption_key on GCP instances despite null value#448
Labels
terraform-provider
@jamiezieziula

Description

@jamiezieziula
jamiezieziula
opened on Feb 4, 2026

Environment:

  • Terraform ClickHouse Provider Version: 3.8.0
  • Cloud Provider: GCP
  • Affected Tier: Development instances

Description

When running Terraform apply against a development ClickHouse service, the provider consistently attempts to add the encryption_key attribute on every plan, even if I explicitly set the value to null in the configuration. This does not occur on production instances with identical configuration.

Configuration

resource "clickhouse_service" "clickhouse" {
  name           = "dev"
  cloud_provider = "gcp"
  region         = "us-east1"
  tier           = "development"

  encryption_key = null  # Explicitly set to null, but still shows in plan
}

or

resource "clickhouse_service" "clickhouse" {
  name           = "dev"
  cloud_provider = "gcp"
  region         = "us-east1"
  tier           = "development"
}

Expected Behavior

Since the ClickHouse API returns null for encryption_key on GCP instances (the attribute is only relevant for AWS), explicitly setting encryption_key = null should prevent Terraform from detecting drift or attempting to add this attribute.

Actual Behavior

On every terraform plan or terraform apply, the provider shows:

+ encryption_key = null

Metadata

Metadata

Assignees

No one assigned

    Labels

    terraform-provider

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions