Storage class reclaim_policy changes don't force recreation

[paul-civitas]

For a plan like this:

  # kubernetes_storage_class.ebs_csi will be updated in-place
  ~ resource "kubernetes_storage_class" "ebs_csi" {
        id                     = "ebs-sc"
      ~ reclaim_policy         = "Retain" -> "Delete"

It says you can change the reclaim_policy for the storage class.

When you apply it, it applies without error, but it doesn't actually do the change.

When you try and change it via kubectl or similar you get this error:

Failed to save resource: {"error":{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"StorageClass.storage.k8s.io \"ebs-sc\" is invalid: reclaimPolicy: Forbidden: updates to reclaimPolicy are forbidden.","reason":"Invalid","details":{"name":"ebs-sc","group":"storage.k8s.io","kind":"StorageClass","causes":[{"reason":"FieldValueForbidden","message":"Forbidden: updates to reclaimPolicy are forbidden.","field":"reclaimPolicy"}]},"code":422},"messages":["StorageClass.storage.k8s.io \"ebs-sc\" is invalid: reclaimPolicy: Forbidden: updates to reclaimPolicy are forbidden."],"isUsedForNotification":false}

"updates to reclaimPolicy are forbidden"

So there's two bugs here. The first is that this error isn't surfaced in a terraform apply, that the provider erroneously reports that the apply occurs without error.

The second bug is that changes to storage class don't force recreation of the resource, where they should due to the fact that updating the reclaim policy is forbidden..

[wad-hongsumin]

I agree. I think force_replacement should be displayed when attempting to change reclaim policy.