search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
42.71k stars 9.55k forks source link

prevent_destroy prevents initial creation #35758

Closed mcqj closed 1 month ago

mcqj commented 1 month ago

Terraform Version

Terraform v1.9.5
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.68.0

Terraform Configuration Files

resource "aws_dynamodb_table" "xxx_table" {
  name           = "${var.prefix}_roleplays_${var.stage}"
  billing_mode   = "PAY_PER_REQUEST"
  hash_key       = "xxxId"

  attribute {
    name = "xxxId"
    type = "S"
  }

  attribute {
    name = "createdAt"
    type = "N"
  }

  attribute {
    name = "createdBy"
    type = "S"
  }

  tags = {
    Name        = "xxx table"
    Environment = var.stage
  }

   point_in_time_recovery {
    enabled = true
  }

  lifecycle {
    prevent_destroy = true
  }
}
...terraform config...

Debug Output

NA

Expected Behavior

Resource should be created.

Actual Behavior

Terraform gave an error saying that the plan called for the resource to be destroyed when prevent_destroy was set to true. In fact, this is the first time running the plan so no resources have ever been created, so the plan should not call for a resource to be deleted when that resource has never been created.

Steps to Reproduce

Use terraform resource to create a dynamo db table with prevent_destroy and run terraform apply.

Additional Context

No response

References

No response

jbardin commented 1 month ago

Hi @mcqj,

There must be something not shown here, because the error associated with prevent_destroy don't be shown unless there is actually a destroy or replace operation being planned. This means there must be some pre-existing state which contains the resource you are trying to change, either from a forgotten earlier state, or maybe via an import of the resource. Can you show a complete example of what you are trying to do?

mcqj commented 1 month ago

Hi @jbardin Thanks for your prompt response. It is indeed human error on my side. I was creating a new environment and pointing to the incorrect remote state. John

github-actions[bot] commented 2 weeks ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.