search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.71k stars 9.07k forks source link

[Bug]: Issue with force_destroy behavior in aws_backup_vault deletion #37774

Open emansawalhaa opened 3 months ago

emansawalhaa commented 3 months ago

Terraform Core Version

1.5.7

AWS Provider Version

5.51.1

Affected Resource(s)

Hi, When attempting to delete an AWS Backup Vault using Terraform with force_destroy set to true, Terraform fails on the first try with the error message "Backup vault cannot be deleted because it contains recovery points." However, upon inspection, it's observed that the recovery points are indeed deleted from the console after the initial failure. Subsequently, on the second apply, the recovery point value becomes 0, and the AWS Backup Vault is removed successfully without any issues.

Expected Behavior

Terraform should successfully delete the AWS Backup Vault on the first attempt when force_destroy is set to true, regardless of the presence of recovery points.

Actual Behavior

Terraform fails on the first attempt to delete the AWS Backup Vault, with the presence of recovery points. However, the recovery points are deleted, and the second apply will successfully remove the aws_backup_vault resource.

Relevant Error/Panic Output Snippet

Error Message (First Apply):

Error: deleting Backup Vault (dev-rds-vault): InvalidRequestException: Backup vault cannot be deleted because it contains recovery points.
{
  RespMetadata: {
    StatusCode: 400,
    RequestID: "0e9fa73d-75ab-4a94-9197-adadf35e632c"
  },
  Code_: "ERROR_9101",
  Message_: "Backup vault cannot be deleted because it contains recovery points."
}

Terraform Configuration Files

resource "aws_backup_vault" "this" {
  name           = "dev-rds-vault"
  force_destroy  = true
  # Other attributes...
}

Steps to Reproduce

  1. Set up Terraform configuration with an AWS Backup Vault resource and set force_destroy to true with the existence of recovery points.
  2. Apply the destroy plan to delete the AWS Backup Vault.

Debug Output

Terraform Output (First Apply - Plan):

- resource "aws_backup_vault" "this" {
    - name            = "dev-rds-vault" -> null
    - recovery_points = 1 -> null
    # Other attributes...
  }

Terraform Output (Second Apply - Plan):

- resource "aws_backup_vault" "this" {
    - name            = "dev-rds-vault" -> null
    - recovery_points = 0 -> null
    # Other attributes...
  }

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None

github-actions[bot] commented 3 months ago

Community Note

Voting for Prioritization

Volunteering to Work on This Issue