Update key_prefix resource to only write updated keys

[mbillow]

Overview

Currently the consul_key_prefix resource reads all of the keys from Consul, compares this against the provided configuration, and rewrites all of the existing keys whether they have been updated or not. This is causes a large amount of needless writes when the resource is used to manage keys at scale. This change simply adds validation if a subkey or items in the subkeys map are in the correct state and skips them in the update stage.

This change also makes the change plans that Terraform generates match the eventual API calls made to Consul.

Previously, this change actually made 9 API calls, now it properly makes 2, like the plan suggests:

Terraform will perform the following actions:

  # consul_key_prefix.myapp_config will be updated in-place
  ~ resource "consul_key_prefix" "myapp_config" {
        id          = "myapp/config/"
      ~ subkeys     = {
          - "gux" = "gux" -> null
          + "hux" = "hux"
            # (7 unchanged elements hidden)
        }
        # (2 unchanged attributes hidden)
    }

PCI review checklist

• I have documented a clear reason for, and description of, the change I am making.

• If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

• If applicable, I've documented the impact of any changes to security controls.

  Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.