Open t-dever opened 2 years ago
Upon investigation, this behavior can be explained due to that current design, destroy does not do anything other than state removal, as you have observed. This is because the default value is currently different for cloud providers, for now.
We can make destroying this resource disable the management option, when the default behavior is false for all clouds, under the controller.
For now, a workaround for this is to use a variable for the setting, and you can have it default to true (to maintain workflow of having to just use terraform apply
for initial setup).
For cleanup, you can pass the variable value as false at runtime in the CLI using -var
(eg. terraform apply -var foo_variable_name=false
), and then proceed with destroy as normal
Describe the problem
Please describe the issue you observed, and any steps we can take to reproduce it:
To Reproduce
What did you do? Describe in your own words.
Applying the above terraform code works for enabling security group management. When destroying the code it will remove the security group management from state but it will not "Disable" the security group management. Therefore, deleting the account will fail since it's still configured for security group management.
If possible, provide steps to reproduce the behavior:
terraform init
terraform apply -var=application_key="<insert application key>"
terraform apply -destroy
Expected behavior When terraform removes the
aviatrix_controller_security_group_management_config
resource it should also disable it.Additional data / screenshots Include any relevant tf files.
Error Message:
If applicable, add screenshots to help explain your problem.
Environment:
Additional context What was the impact?
Unable to destroy configured resources in the controller.
Add any other context about the problem here.