Closed hknutsen closed 3 months ago
@equinor/terraform-baseline-maintainers I think the prevent_destroy meta-argument should be removed from the database submodule, and that an Azure delete lock should be preferred instead (as documented in best practices).
I agree. We could document in the README.md that it's recommended to use the prevent_destroy meta-argument and/or demonstrate in the examples how it's used with a comment?
@equinor/terraform-baseline-maintainers After some testing, I can confirm that resources configured with prevent_destroy can still be explicitly destroyed by commenting out the relevant module block. I think this is an argument in favor of allowing (and maybe even promoting) the use of this meta-argument, to prevent accidental deletion of stateful resources such as databases and storage, then commenting out modules if you need to explicitly delete something. Thoughts? 🙂
Module Name
sql
Module Version
10.3.1
Terraform Version
1.8.0
Description
Use of the prevent_destroy meta-argument in the database submodule prevents the use of terraform destroy to explicitly destroy a database, for example during a disaster recovery drill where we tear everything down to rebuild it. This prevents any teardown of databases using Terraform, which means that databases will have to be torn down using other tools (e.g. using the az sql db delete Azure CLI command), which can lead to dangling resources (e.g. diagnostic settings) that might then lead to errors during future applies.

Relevant lines of code that I think should be removed: https://github.com/equinor/terraform-azurerm-sql/blob/deb06d70f3c90b8747dabf0bcdf99786d8034587/modules/database/main.tf#L52-L55
Example Terraform Configuration
No response
Steps to Reproduce
No response
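
An added example (not code from the equinor/terraform-azurerm-sql module) of the alternative this issue proposes: the hard-coded prevent_destroy pattern shown as a comment, next to an Azure delete lock that the caller can switch off. The variable names and the lock name are hypothetical.

```hcl
# Hypothetical variable names; not the module's actual interface.
variable "database_name" {
  type = string
}

variable "server_id" {
  type = string
}

variable "delete_lock_enabled" {
  description = "Create a CanNotDelete lock on the database."
  type        = bool
  default     = true
}

resource "azurerm_mssql_database" "this" {
  name      = var.database_name
  server_id = var.server_id

  # Pattern the issue asks to remove. lifecycle arguments must be literal
  # values, so a module that hard-codes this gives callers no way to opt out:
  #
  # lifecycle {
  #   prevent_destroy = true
  # }
}

# Azure-side guard: while the lock exists, Azure rejects deletion of the
# database from any tool (portal, Azure CLI, Terraform).
resource "azurerm_management_lock" "this" {
  count = var.delete_lock_enabled ? 1 : 0

  name       = "${var.database_name}-delete-lock" # constructed name
  scope      = azurerm_mssql_database.this.id
  lock_level = "CanNotDelete"
  notes      = "Prevents accidental deletion of this database."
}
```

Because the lock references the database ID, terraform destroy removes the lock before the database, so a planned teardown still works while deletions outside Terraform are rejected for as long as the lock exists. Creating the lock requires an identity that is allowed to manage locks on the scope.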