Blocker: NixOps tries to delete a non-existing AWS resource

[coretemp]

nixops destroy -d mydeployment outputs:

fooResource..................> deleting EC2 security group `fooResource' ID `None'...

  * fooResource: EC2ResponseError: 400 Bad Request
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>MissingParameter</Code><Message>The request must contain the parameter groupName or groupId</Message></Error></Errors>

I expected that my fooResource would be deleted without errors. I also don't expect a Python thing like "None" in user facing output.

The state has been created by some set of NixOps invocations; I did not delete any resource manually.

[coretemp]

This is the same issue, but for Hetzner. https://github.com/NixOS/nixops/issues/707

[coretemp]

nixops info shows:

fooResource | Starting / Obsolete | ec2-security-group [eu-west-1] | fooResourceNix    |     |

I don't really see how an ec2-security-group can be in "Starting" mode. Something like "Constructing" would make sense, but "Starting" is more suitable for EC2 instances. I am also not sure how it can be in two states. Either it should be obsolete or it should be starting, not both.

All this persists regardless of calls to nixops check.

[roberth]

This still happens. In my case the security group already existed before it was created and it appears that the id isn't saved for pre-existing security groups. Note the ID 'None' in

fooResource..................> deleting EC2 security group `fooResource' ID `None'...