google_compute_address: the resource already exists when trying to replace

lripoche commented 5 months ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to a user, that user is claiming responsibility for the issue.
Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version

Terraform v1.7.5 on linux_amd64

provider registry.terraform.io/hashicorp/google v4.84.0
provider registry.terraform.io/hashicorp/google-beta v4.84.0
provider registry.terraform.io/hashicorp/random v3.6.0

Your version of Terraform is out of date! The latest version is 1.8.1. You can update by downloading from https://www.terraform.io/downloads.html

Affected Resource(s)

google_compute_address

Terraform Configuration

resource "google_compute_address" "private_ip" {
  depends_on = [module.project_services, , google_compute_network.private_network]
  project    = var.deployment_project_id

  name         = format("%s-private-ip", var.environment_name)
  subnetwork   = google_compute_network.private_network.id
  address_type = "INTERNAL"
  purpose      = "GCE_ENDPOINT"
  ip_version   = "IPV4"
  region       = var.deployment_region
}

Debug Output

https://gist.github.com/lripoche/ef1afd3a6b3eafb15e3a367abadf2374

Expected Behavior

Compute address should be destroyed and re-created

Actual Behavior

Terraform tries to create the address before destroying it, resulting in an error:

Plan: 36 to add, 2 to change, 1 to destroy.
module.keygen_infra.google_compute_address.private_ip: Creating...
2024-04-17T16:56:01.742+0200 [ERROR] provider.terraform-provider-google_v5.25.0_x5: Response contains error diagnostic: tf_proto_version=5.4 @module=sdk.proto diagnostic_detail="" diagnostic_severity=ERROR diagnostic_summary="Error creating Address: googleapi: Error 409: The resource 'projects/2zjpo18of960rnv7sqcblqy/regions/europe-west1/addresses/private-ip' already exists, alreadyExists" tf_provider_addr=registry.terraform.io/hashicorp/google tf_req_id=67a8da00-640e-852b-751d-83c3345ffc2c tf_resource_type=google_compute_address tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-go@v0.22.1/tfprotov5/internal/diag/diagnostics.go:58 timestamp="2024-04-17T16:56:01.742+0200"
2024-04-17T16:56:01.743+0200 [ERROR] vertex "module.keygen_infra.google_compute_address.private_ip" error: Error creating Address: googleapi: Error 409: The resource 'projects/2zjpo18of960rnv7sqcblqy/regions/europe-west1/addresses/private-ip' already exists, alreadyExists
╷
│ Error: Error creating Address: googleapi: Error 409: The resource 'projects/2zjpo18of960rnv7sqcblqy/regions/europe-west1/addresses/private-ip' already exists, alreadyExists
│ 
│   with module.xxxx.google_compute_address.private_ip,
│   on ../../modules/xxxx/main.tf line 1, in resource "google_compute_address" "private_ip":
│    1: resource "google_compute_address" "private_ip" {

Steps to reproduce

terraform apply

Important Factoids

No response

References

No response

ggtisc commented 5 months ago

Hi @lripoche!

Please confirm if you already have the google_compute_address resource created, and then when you are trying to update some properties it returns the last error.

If that is right, please include the arguments that you're modifying (like subnetwork, address_type, purpose, etc.)

lripoche commented 4 months ago

Yes the google_compute_address already exists. For an unknown reason, each time I run tf apply terraform thinks the subnetwork will change (although the configuration did not changed) and say the google_compute_address must be replaced.

That's when the "bug" occurs because terraform tries to create the google_compute_address before destroying it.

ggtisc commented 4 months ago

Hi @lripoche!

This scenario was replicated successfully and without errors.

The 1st thing I noticed is that you are attaching a network in the subnetwork attribute of the google_compute_address. You need to fix it.
Then you have more than just the google_compute_address resource in your terraform configuration. For this I suggest you to separate your resources and test only the involved resources in 1 separated project to confirm that everything works(google_compute_address, google_compute_network and google_compute_subnetwork), and then check the other resources to identify where you have a bad configuration.

You can learn more of how to work with these services on this link

lripoche commented 4 months ago

You are right, at the time I created the issue I was only creating a network and I left it to handle the auto-provisioning of the regional subnetworks.

As google_compute_network, to my knowledge, does not have an attribute listing regional subnetworks IDs I used the network ID.

Now I deploy my own subnetwork to use its ID and I don't have the issue anymore.

Thanks for your help!

ggtisc commented 4 months ago

It was a pleasure, have a happy coding!

github-actions[bot] commented 3 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashicorp / terraform-provider-google