attempting to destroy aws_lakeformation_resource produces error

[WafflesMcDuff]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v0.13.6

• provider registry.terraform.io/hashicorp/aws v3.23.0

Affected Resource(s)

• aws_lakeformation_resource

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp
terraform {
  required_version = ">= 0.12"
}

provider "aws" {
  version = "~> 3.23"
  region  = "us-east-2"

}

data "aws_s3_bucket" "selected" {
  bucket = var.s3_bucket
}

resource "aws_lakeformation_resource" "main" {
  arn = data.aws_s3_bucket.selected.arn
}

Debug Output

Panic Output

Expected Behavior

terraform should be able to apply and destroy

Actual Behavior

apply works, destroy returns this error: Error: error deregistering Lake Formation Resource (arn:aws:s3:::mybucket): InvalidInputException: Must manually delete service-linked role to deregister last S3 location.

Steps to Reproduce

1. terraform apply
2. terraform destroy

Important Factoids

References

[trejas]

I see exactly the same behavior.

[tuannguyen0901]

Same here

[WafflesMcDuff]

Hmm wonder if we need to create a service linked role as a resource managed by this TF config in order so that destroy removes it?

[WafflesMcDuff]

@bflad - Who is the right person to tag for LakeFormation issues?

[abhihashi]

I had the same issue, tried rerunning my apply and seems to have worked. Anyone with the same experience ?

[pkdcloud]

Simulated @abhihashi 's retry as a stop gap to standup and terardown cleanly until a permanent fix is applied in a buildkite pipeline. ``

• label: ":terraform: Destroy" command: make destroy retry: automatic: true
  <<: *dev ``

[github-actions[bot]]

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!