azure_rm_virtualmachineextension always changed

[UnwashedMeme]

An azure_rm_virtualmachineextension always reports as changed even when nothing changes.

I have used this module to make 3 extensions and 2 are always listed as having changes-- the two that use protected_settings. I noticed in the output it shows state.protected_settings is null even though I am setting that in my ansible config.

To reproduce:

• Try to add the JsonADDomainExtension to a windows VM, passing the password as a protected_setting
• Don't modify anything and repeat -- it still reports changes.

e.g.

- name: "Create VM Extension to join AD"
  delegate_to: localhost
  tags:
    - vm
    - base
  vars:
    extension_settings:
      Name: "{{ domain_name }}"
      User: "{{ domain_admin_user }}"
      Restart: "true"
      Options: "3"
      OUPath: "{{ domain_server_ou }}"
    protected_extension_settings:
      Password: "{{ domain_admin_password }}"
  azure_rm_virtualmachineextension:
    name: "join-domain"
    virtual_machine_extension_type: "JsonADDomainExtension"
    resource_group: "{{ resource_group_vm }}"
    virtual_machine_name: "{{ inventory_hostname }}"
    publisher: "Microsoft.Compute"
    type_handler_version: "1.3"
    auto_upgrade_minor_version: true
    settings: "{{ extension_settings | to_json }}"
    protected_settings: "{{ protected_extension_settings | to_json }}"

I'm guessing that the Azure API doesn't return protected_settings so when the code looks for a change (right about here) it is always different.