Arg removal not properly applied for aws_secret_backend_role #1277

Merged
merged 1 commit into from
Jan 6, 2022

AndreasSko
Contributor

When an existing argument like policy_document is removed for aws_secret_backend_role, the change won't be properly applied to Vault, as it's only checking for existing data: If there is a removal, Terraform will simply not send the data to Vault. This results in constant attempts of Terraform to remove the data without success.

This changes the checks for what data should be sent to Vault, so arguments will always be set in case their data has changed (even if it's a change to null).

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #742

Release note for CHANGELOG:

aws_secret_backend_role: Removal of arguments will be properly applied to Vault

Output from acceptance testing:

❯ AWS_ACCESS_KEY_ID=abcd AWS_ACCESS_KEY=abc AWS_SECRET_ACCESS_KEY=abd TESTARGS="-v --run TestAccAWSSecretBackendRole*" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test $(go list ./...) -v -v --run TestAccAWSSecretBackendRole* -timeout 20m
?   	github.com/hashicorp/terraform-provider-vault	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/coverage	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/generate	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/codegen	(cached) [no tests to run]
?   	github.com/hashicorp/terraform-provider-vault/generated	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/datasources/transform/decode	(cached) [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/datasources/transform/encode	(cached) [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/resources/transform/alphabet	(cached) [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/resources/transform/role	(cached) [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/resources/transform/template	(cached) [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/generated/resources/transform/transformation	(cached) [no tests to run]
?   	github.com/hashicorp/terraform-provider-vault/helper	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/schema	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/util	(cached) [no tests to run]
=== RUN   TestAccAWSSecretBackendRole_basic
--- PASS: TestAccAWSSecretBackendRole_basic (1.87s)
=== RUN   TestAccAWSSecretBackendRole_import
--- PASS: TestAccAWSSecretBackendRole_import (1.24s)
=== RUN   TestAccAWSSecretBackendRole_nested
--- PASS: TestAccAWSSecretBackendRole_nested (1.50s)
PASS
ok  	github.com/hashicorp/terraform-provider-vault/vault	4.634s

When an existing argument like `policy_document` is removed for
`aws_secret_backend_role`, the change won't
be properly applied to Vault, as it's only checking
for existing data: If there is a removal, Terraform will simply
not send the data to Vault. This results in constant
attempts of Terraform to remove the data
without success.

This changes the checks for what data should be sent to Vault,
so arguments will always be set in case their data has changed
(even if it's a change to null).
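
The two checks described above, modelled as an added example (not the provider's code) to show why a removed `policy_document` stays on the role under the old check, so the Vault role keeps a policy the configuration no longer declares. `roleState`, `roleArgs`, `payloadIfSet`, `payloadIfChanged` and `apply` are hypothetical names, the values are constructed, and the simulated server is assumed to keep any field a write omits.

```go
package main

import "fmt"

// roleState is a hypothetical stand-in; a missing key means "not configured".
type roleState map[string]string

var roleArgs = []string{"credential_type", "policy_document"}

// payloadIfSet models the old check: send only arguments that hold a value.
func payloadIfSet(next roleState) roleState {
	out := roleState{}
	for _, k := range roleArgs {
		if v, ok := next[k]; ok && v != "" {
			out[k] = v
		}
	}
	return out
}

// payloadIfChanged models the fixed check: send every changed argument.
func payloadIfChanged(prev, next roleState) roleState {
	out := roleState{}
	for _, k := range roleArgs {
		if prev[k] != next[k] {
			out[k] = next[k] // "" when the argument was removed
		}
	}
	return out
}

// apply overlays a payload on the simulated role (assumed partial write).
func apply(server, payload roleState) roleState {
	res := roleState{}
	for k, v := range server {
		res[k] = v
	}
	for k, v := range payload {
		res[k] = v
	}
	return res
}

func main() {
	prev := roleState{"credential_type": "iam_user", "policy_document": `{"Version":"2012-10-17"}`}
	next := roleState{"credential_type": "iam_user"} // policy_document removed
	fmt.Println(apply(prev, payloadIfSet(next))["policy_document"] != "")           // stale policy stays
	fmt.Println(apply(prev, payloadIfChanged(prev, next))["policy_document"] == "") // policy cleared
}
```

With the old check the next plan sees the same difference again, which is the repeated removal attempt the description mentions.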
@github-actions github-actions bot added the size/S label Jan 3, 2022
@benashz benashz added this to the 3.2.0 milestone Jan 5, 2022
@benashz benashz self-requested a review January 5, 2022 22:39
@benashz benashz changed the title 🐛 Arg removal not properly applied for aws_secret_backend_role Arg removal not properly applied for aws_secret_backend_role Jan 5, 2022
@benashz benashz left a comment

LGTM!

Thank you for your contribution to HashiCorp!

@benashz benashz merged commit 3e46de5 into hashicorp:main Jan 6, 2022
@benashz benashz added the bug label Jan 6, 2022
benashz added a commit that referenced this pull request Jan 6, 2022
@benashz benashz removed the bug label Jan 6, 2022
@AndreasSko AndreasSko deleted the check_for_aws_role_changes branch January 6, 2022 16:36
benashz added a commit that referenced this pull request Jan 6, 2022
Successfully merging this pull request may close these issues.

aws_secret_backend_role: cannot remove attribute values
2 participants