Erroneous update-in-place on datadog_monitor_json with restriction policy

[sscheible]

Datadog Terraform Provider Version

v3.42.0

Terraform Version

v1.9.0

What resources or data sources are affected?

datadog_monitor_json

Terraform Configuration Files

resource "datadog_monitor_json" "sample_monitor" {
  monitor = <<-EOF
{
	"id": 18360519,
	"name": "Sample Monitor",
	"type": "log alert",
	"query": "logs(\"env:prod\").index(\"*\").rollup(\"count\").last(\"5m\") > 1",
	"message": "Sample Monitor is firing",
	"tags": [
		"team:datadog-project"
	],
	"options": {
		"thresholds": {
			"critical": 1
		},
		"enable_logs_sample": false,
		"notify_audit": false,
		"on_missing_data": "default",
		"include_tags": false,
		"new_host_delay": 300,
		"groupby_simple_monitor": false,
		"silenced": {}
	},
	"priority": null,
	"restriction_policy": {
		"bindings": [
			{
				"relation": "editor",
				"principals": [
					"team:67885f39-07e6-43bb-83a1-b12b656c41f5"
				]
			},
			{
				"relation": "viewer",
				"principals": [
					"org:4e66b06e-40d3-11ee-b8d2-da7ad0900005"
				]
			}
		]
	}
}
EOF
}

Relevant debug or panic output

  # datadog_monitor_json.sample_monitor will be updated in-place
  ~ resource "datadog_monitor_json" "sample_monitor" {
        id      = "18360519"
      ~ monitor = jsonencode(
          ~ {
                name               = "Sample Monitor"
              + restriction_policy = {
                  + bindings = [
                      + {
                          + principals = [
                              + "team:67885f39-07e6-43bb-83a1-b12b656c41f5",
                            ]
                          + relation   = "editor"
                        },
                      + {
                          + principals = [
                              + "org:4e66b06e-40d3-11ee-b8d2-da7ad0900005",
                            ]
                          + relation   = "viewer"
                        },
                    ]
                }
                tags               = [
                    "team:datadog-project",
                ]
                # (5 unchanged attributes hidden)
            }
        )
    }

Expected Behavior

tf plan should show no changes

Actual Behavior

tf plan shows that terraform would add the restriction policy (which is already in place, confirmed via UI)

Steps to Reproduce

1. terraform apply # (to create the monitor with restriction policy)
2. terraform plan # (to see if the plan differs from what has just been created)

Important Factoids

Related resource datadog_monitor does not support restriction policies at all, might be a related omission in the implementation within datadog_monitor_json

References

No response

[atze234]

We're experiencing the same issue 👍

[sa-dbilling]

We're also seeing this issue on the latest provider version 3.50.0

[AlexVasiukov]

This issue is still actual.

[jcpoconnor]

Seeing same issue as well.

[sscheible]

If I'm reading https://github.com/DataDog/terraform-provider-datadog/pull/2767 right (which was merged just after v3.53.0), next release v3.54.0 should have a fix

[AlexVasiukov]

@sscheible, as I see, #2767 was not merged. It was closed. So, the issue is still actual.

[AlexVasiukov]

@ecdatadog, @sanjaythakkar-dd, Are there any expectations regarding the fix for this bug?
It seems like a simple fix is required.
However, the bug was reported in August last year and is still relevant.

[ecdatadog]

I agree the issue is relevant (so the issue is still opened) but we are still looking on how to fix properly the issue.

[sscheible]

I agree the issue is relevant (so the issue is still opened) but we are still looking on how to fix properly the issue.

@ecdatadog any news? It's been a while, and the issue keeps polluting terraform plans to unreadability. Still actual with Terraform v1.11.4 and datadog provider v3.63.0

For the record, we would also be happy to use datadog_monitor if the Monitor UI export would include restriction policy