search

digitalocean / terraform-provider-digitalocean

Terraform DigitalOcean provider
https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs
Mozilla Public License 2.0
505 stars 276 forks source link

Unable to destroy the VPC provisioned with terraform #472

Open ghost opened 4 years ago

ghost commented 4 years ago

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Terraform version: 0.12.29

Affected Resource(s)

Please list the resources as a list, for example:

Terraform Configuration Files

variable "do_token" {}
variable "pub_key" {}
variable "pvt_key" {}
variable "ssh_fingerprint" {}

provider "digitalocean" {
  token = var.do_token
}

resource "digitalocean_vpc" "example" {
  name     = "example-project-network"
  region   = "nyc3"
  ip_range = "10.10.10.0/24"
}

Debug Output

https://gist.github.com/outlawvik/175648e995aff182cec080ea765499b0

Panic Output

NA

Expected Behavior

Unable to delete the VPC with the destroy command

Actual Behavior

digitalocean_vpc.example: Still destroying...

Steps to Reproduce

Please list the steps required to reproduce the issue, for example: Create the VPC as per the guidance in the document https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/vpc

  1. terraform plan
  2. terraform apply
  3. terraform destroy

Note: there is no problem in resource creation, only destroy has a issue.

Important Factoids

NA

References

NA

jonathanvansina commented 4 years ago

See your debug output line 21:

"message": "Can not delete default VPCs",

It's just as clear as this. You can't delete the default VPC.

Beside this, I don't understand why it's not possible to delete a default VPC by the API. It's logic that you can't delete a VPC with droplets (or other resources) attached to it. But if a VPC is attached to anything, it seems logic that you can delete it, even it's the default VPC.

ghost commented 4 years ago

Thanks for the review, I already have a default VPC, the VPC I am trying to remove is not the default one, I was aware of the context "message": "Can not delete default VPCs" but as it was not the default one as well as its not connected to any of the resources, due to the reason I requested the issue.

jonathanvansina commented 4 years ago

I just did a little test with your code and I can confirm that I'm having the same issue. But I saw what happened here. You created your first VPC for the NYC3 region, that VPC will automatically be your default VPC. And so as I mentioned that you can't delete a default VPC, Terraform will fail here (as of the API).

I repeat the same as in my previous post.. I don't understand why you can't delete a default VPC with no resources attached to it. This is not logic in this Terraform context.

andrewsomething commented 4 years ago

Unfortunately, this is a restriction in the DigitalOcean API, not something imposed by Terraform. There are plans to allow changing the default VPC for a region, but currently the first one created in a region is its default and the default can not be delete. I've passed this feedback along to the VPC team at DO.