Open imsathyakumar opened 2 years ago
In my case, I had created a default VPC using the AWS provider through terraform. I had also mentioned force_destroy = true. After doing terraform destroy, I even got a log aws_default_vpc.default: Destroying... [id=vpc-XXXXXXX] and aws_default_vpc.default: Destruction complete after 0s. However, it was not deleted and was still visible through the AWS console.
I tried to do terraform destroy again, but it did not work because, according to terraform, there were no changes to do as the resources were already deleted. However, I was still able to see the VPC through AWS console.
I am getting the same issue due to the internet gateway not allowing the VPC to delete from terraform.
2023-01-06T12:20:18.207+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Action=DeleteVpc&Version=2016-11-15&VpcId=vpc-07b81b4b0e659****
2023-01-06T12:20:18.207+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: -----------------------------------------------------
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Response ec2/DeleteVpc Details:
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: ---[ RESPONSE ]--------------------------------------
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: HTTP/1.1 400 Bad Request
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Connection: close
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Transfer-Encoding: chunked
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Cache-Control: no-cache, no-store
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Content-Type: text/xml;charset=UTF-8
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Date: Fri, 06 Jan 2023 01:20:18 GMT
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Server: AmazonEC2
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Strict-Transport-Security: max-age=31536000; includeSubDomains
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: Vary: accept-encoding
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: X-Amzn-Requestid: cdb95100-be50-49d1-952b-34a0f72e0d6e
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5:
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5:
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: -----------------------------------------------------
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: [DEBUG] [aws-sdk-go] <?xml version="1.0" encoding="UTF-8"?>
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: <Response><Errors><Error><Code>DependencyViolation</Code><Message>The vpc 'vpc-07b81b4b0e659****' has dependencies and cannot be deleted.</Message></Error></Errors><RequestID>cdb95100-be50-49d1-952b-34a0f72e0d6e</RequestID></Response>
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Validate Response ec2/DeleteVpc failed, attempt 0/25, error DependencyViolation: The vpc 'vpc-07b81b4b0e659****' has dependencies and cannot be deleted.
2023-01-06T12:20:19.410+1100 [DEBUG] provider.terraform-provider-aws_v4.49.0_x5: status code: 400, request id: cdb95100-be50-49d1-952b-34a0f72e0d6e
Hello, we are seeing this issue as well when trying to delete a default VPC. Getting something like "errorMessage": "The vpc 'vpc-XYZ' has dependencies and cannot be deleted.",
We've managed to replicate this issue as well. The default VPC cannot be destroyed by Terraform because it depends on the default IGW.
aws_default_vpc.default: Still destroying... [id=vpc-1234567890, 4m50s elapsed]
╷
│ Error: deleting EC2 VPC (vpc-1234567890): operation error EC2: DeleteVpc, https response error StatusCode: 400, RequestID: 1904efaa-fb89-4fb1-9ec5-4b22c46f45c9, api error DependencyViolation: The vpc 'vpc-1234567890' has dependencies and cannot be deleted.
│
There's no such thing as a default IGW, so the only way is to import it and destroy it afterwards.
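The import-then-destroy workaround described in this thread, sketched as an added example (not code from the provider or from any commenter). The function names and the Terraform addresses passed to them are hypothetical, and the configuration is assumed to already contain an aws_internet_gateway resource block at the address you import into; the script only prints the commands for review and checks afterwards that the VPC is really gone.

```shell
#!/usr/bin/env bash
# Added example: constructed helper, not part of the original issue thread.
# Assumes AWS CLI credentials/region are configured for the target account.

# List internet gateways still attached to the given VPC, one ID per line.
attached_igws() {
  local vpc_id="$1"
  aws ec2 describe-internet-gateways \
    --filters "Name=attachment.vpc-id,Values=${vpc_id}" \
    --query 'InternetGateways[].InternetGatewayId' \
    --output text | tr '\t' '\n' | grep -E '^igw-[0-9a-f]+$' || true
}

# Print the import/destroy sequence for review; nothing is executed here.
# $2 and $3 are Terraform resource addresses (hypothetical, supplied by caller).
igw_teardown_plan() {
  local vpc_id="$1" tf_vpc_addr="$2" tf_igw_addr="$3" igws igw
  igws="$(attached_igws "$vpc_id")"
  if [ -z "$igws" ]; then
    echo "# no internet gateway attached to ${vpc_id}"
  else
    for igw in $igws; do
      echo "terraform import '${tf_igw_addr}' ${igw}"
    done
    echo "terraform destroy -target '${tf_igw_addr}'"
  fi
  echo "terraform destroy -target '${tf_vpc_addr}'"
}

# Exit 0 only if the VPC no longer exists, 1 if it is still there,
# 2 if the API call itself failed (so a failed lookup never reads as "gone").
vpc_is_gone() {
  local vpc_id="$1" found
  found="$(aws ec2 describe-vpcs \
    --filters "Name=vpc-id,Values=${vpc_id}" \
    --query 'Vpcs[].VpcId' --output text)" || return 2
  [ -z "$found" ] || [ "$found" = "None" ]
}
```

Running vpc_is_gone after the destroy catches the case reported above, where Terraform logs "Destruction complete" while the VPC is still visible in the console.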
Community Note
Terraform CLI and Terraform AWS Provider Version
Affected Resource(s)
aws_default_vpc
Terraform Configuration Files
Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.
Expected Behavior
When terraform destroy -target 'aws_default_vpc.default_vpc' is run, expect the Internet gateway to get detached from the VPC and deleted, followed by the VPC deletion.
Actual Behavior
Important Factoids
There is no force_destroy option in Internet gateway and internet gateway attachment to get it added into the current state like in default_vpc, default_subnets. Without the default internet gateway getting detached and deleted, there are no options to get the default VPC destroyed. This ruins the purpose of force_destroy in the aws_default_vpc resource.