cloudposse / terraform-provider-awsutils

Terraform provider to help with various AWS automation tasks (mostly all that stuff we cannot accomplish with the official AWS terraform provider)
https://cloudposse.com/accelerate
Mozilla Public License 2.0

awsutils_default_vpc_deletion does nothing #26

Closed sebastianmacarescu closed 2 years ago

sebastianmacarescu commented 2 years ago

Describe the Bug

I'm trying to delete the default VPC using awsutils_default_vpc_deletion but nothing happens on apply. After apply it said it removed the default VPC with id vpc-caf666b7, but my default VPC id is vpc-d60a80ab. After destroy then apply again, it says there is no default VPC.

Code

terraform {
  required_providers {
    awsutils = {
      source  = "cloudposse/awsutils"
      version = "~> 0.11.0"
    }
  }
}

provider "awsutils" {
  region = "us-east-1"
}

resource "awsutils_default_vpc_deletion" "default" {
}

Additional Context

According to AWS SDK documentation from here: https://docs.aws.amazon.com/sdk-for-go/api/service/ec2/#DescribeVpcsInput the filter should be is-default but here https://github.com/cloudposse/terraform-provider-awsutils/blob/0.11.0/internal/service/ec2/find.go#L72 it is isDefault.

mcalhoun commented 2 years ago

Hi @sebastianmacarescu,

The fact that the provider reported that it found and deleted a VPC makes me believe that possibly there was a misconfiguration when specifying the region?

I have used the provider to delete default VPCs for several customers and just for sanity ran the following test to verify the logic is correct:

Using the aws-cli you can see I have two VPCs:

$ aws ec2 describe-vpcs

{
    "Vpcs": [
        {
            "CidrBlock": "172.31.0.0/16",
            "DhcpOptionsId": "dopt-4144d927",
            "State": "available",
            "VpcId": "vpc-7151eb08",
            "OwnerId": "226010001608",
            "InstanceTenancy": "default",
            "CidrBlockAssociationSet": [
                {
                    "AssociationId": "vpc-cidr-assoc-ee50e685",
                    "CidrBlock": "172.31.0.0/16",
                    "CidrBlockState": {
                        "State": "associated"
                    }
                }
            ],
            "IsDefault": true
        },
        {
            "CidrBlock": "10.99.0.0/16",
            "DhcpOptionsId": "dopt-4144d927",
            "State": "available",
            "VpcId": "vpc-05fff1a9b219ef790",
            "OwnerId": "226010001608",
            "InstanceTenancy": "default",
            "CidrBlockAssociationSet": [
                {
                    "AssociationId": "vpc-cidr-assoc-09004d20e6e48b6f0",
                    "CidrBlock": "10.99.0.0/16",
                    "CidrBlockState": {
                        "State": "associated"
                    }
                }
            ],
            "IsDefault": false,
            "Tags": [
                {
                    "Key": "Name",
                    "Value": "test2"
                }
            ]
        }
    ]
}

So I created this quick Go program with the relevant code from the provider:

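package main

import (
    "fmt"
    "log"

    "github.com/aws/aws-sdk-go/aws"
    "github.com/aws/aws-sdk-go/aws/session"
    "github.com/aws/aws-sdk-go/service/ec2"
)

func main() {
    // Session pinned to the region under test.
    sess, err := session.NewSession(&aws.Config{
        Region: aws.String("us-east-1"),
    })
    if err != nil {
        log.Fatalf("creating session: %v", err)
    }
    conn := ec2.New(sess)

    // Same filter name the provider uses to look up the default VPC.
    filters := []*ec2.Filter{
        {
            Name:   aws.String("isDefault"),
            Values: []*string{aws.String("true")},
        },
    }

    input := &ec2.DescribeVpcsInput{
        Filters: filters,
    }

    // Fail loudly instead of printing an empty result on an API error.
    output, err := conn.DescribeVpcs(input)
    if err != nil {
        log.Fatalf("describing VPCs: %v", err)
    }
    fmt.Printf("%+v\n", output)
}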

And when I execute the code, I get the default VPC as expected:

$ go run main.go

{
  Vpcs: [{
      CidrBlock: "172.31.0.0/16",
      CidrBlockAssociationSet: [{
          AssociationId: "vpc-cidr-assoc-ee50e685",
          CidrBlock: "172.31.0.0/16",
          CidrBlockState: {
            State: "associated"
          }
        }],
      DhcpOptionsId: "dopt-4144d927",
      InstanceTenancy: "default",
      IsDefault: true,
      OwnerId: "REDACTED",
      State: "available",
      VpcId: "vpc-7151eb08"
    }]
}

sebastianmacarescu commented 2 years ago

Hi @mcalhoun, thank you for your response. I've double-checked everything (account, region, etc.) and everything seems correct. I have tried to use the module in a brand new account but it could not find any default VPC. Upon inspection I can see the default VPC but somehow the Default VPC field is No. If I switch to the us-west-2 region then I can see a VPC with the same settings but it's marked as Default.

I'm closing this as I think it's a bug in AWS.
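
The situation in the last comment (a VPC that looks like the default one but is not flagged as default) is the case an isDefault filter does not match. As an added example, not code from the provider or from anyone in this thread, this Go program classifies `aws ec2 describe-vpcs` JSON per region; the sample data, the VPC IDs and the `classifyVpcs` helper are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Subset of the `aws ec2 describe-vpcs` JSON shape shown in this thread.
type vpc struct {
	VpcId, CidrBlock string
	IsDefault        bool
}

// 172.31.0.0/16 is the CIDR block AWS assigns to default VPCs.
const defaultVpcCidr = "172.31.0.0/16"

// Constructed sample (IDs are made up): one region where the VPC is flagged
// as default, one where a VPC has the default CIDR but IsDefault is false.
var sampleByRegion = map[string]string{
	"us-west-2": `{"Vpcs":[{"VpcId":"vpc-0aaa1111","CidrBlock":"172.31.0.0/16","IsDefault":true}]}`,
	"us-east-1": `{"Vpcs":[{"VpcId":"vpc-0bbb2222","CidrBlock":"172.31.0.0/16","IsDefault":false},
	              {"VpcId":"vpc-0ccc3333","CidrBlock":"10.99.0.0/16","IsDefault":false}]}`,
}

// classifyVpcs returns the IDs an isDefault=true filter would match, and the
// IDs that only look like a default VPC (default CIDR, IsDefault false).
func classifyVpcs(raw string) (flagged, lookalike []string, err error) {
	var out struct{ Vpcs []vpc }
	if err = json.Unmarshal([]byte(raw), &out); err != nil {
		return nil, nil, fmt.Errorf("parse describe-vpcs output: %w", err)
	}
	for _, v := range out.Vpcs {
		switch {
		case v.IsDefault:
			flagged = append(flagged, v.VpcId)
		case v.CidrBlock == defaultVpcCidr:
			lookalike = append(lookalike, v.VpcId)
		}
	}
	return flagged, lookalike, nil
}

func main() {
	for region, raw := range sampleByRegion {
		flagged, lookalike, err := classifyVpcs(raw)
		fmt.Printf("%s flagged=%v lookalike=%v err=%v\n", region, flagged, lookalike, err)
	}
}
```

A region that reports an empty `flagged` list and a non-empty `lookalike` list is one where a deletion keyed on the default flag will find nothing to remove, so the VPC and its default security group and routes stay in place.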