search

sassoftware / viya4-iac-azure

This project contains Terraform configuration files to provision infrastructure components required to deploy SAS Viya platform products on Microsoft Azure Cloud.
Apache License 2.0
73 stars 88 forks source link

Unclean Terraform Destroy Operation : Terraform 1.0.0 on release 6.4.0 #306

Closed SundareshSankaran closed 1 year ago

SundareshSankaran commented 1 year ago

Here's an error that appeared when I attempted to destroy my IAC-Azure provisioned cluster. The error shown below is one example. Other objects which cropped up were :

  1. AKS Identity
  2. VNet
  3. Network Security Group (represented in error message below)

Eventually I deleted the resources (successively) with az cli commands.

A request : if the suggested flag prevent_deletion_if_contains_resources = false is planned to be implemented as a fix to this issue, can it be included as part of terraform.tfvars as a configuration variable, instead of having to modify main.tf / anything which involves building a modified docker? If possible, thanks.

A list of resources which affected me : 

`/subscriptions/e22907da-4bf4-41eb-9f04-946940c6c4a6/resourceGroups/cde-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cde-aks-identity`
│ * `/subscriptions/e22907da-4bf4-41eb-9f04-946940c6c4a6/resourceGroups/cde-rg/providers/Microsoft.Network/networkSecurityGroups/cde-nsg`
│ * `/subscriptions/e22907da-4bf4-41eb-9f04-946940c6c4a6/resourceGroups/cde-rg/providers/Microsoft.Network/virtualNetworks/cde-vnet`

The main error received 

│ Error: deleting Resource Group "cde-rg": the Resource Group still contains Resources.
│
│ Terraform is configured to check for Resources within the Resource Group when deleting the Resource Group - and
│ raise an error if nested Resources still exist to avoid unintentionally deleting these Resources.
│
│ Terraform has detected that the following Resources still exist within the Resource Group:
│
│ * `/subscriptions/e22907da-4bf4-41eb-9f04-946940c6c4a6/resourceGroups/cde-rg/providers/Microsoft.Network/networkSecurityGroups/cde-nsg`
│
│ This feature is intended to avoid the unintentional destruction of nested Resources provisioned through some
│ other means (for example, an ARM Template Deployment) - as such you must either remove these Resources, or
│ disable this behaviour using the feature flag `prevent_deletion_if_contains_resources` within the `features`
│ block when configuring the Provider, for example:
│
│ provider "azurerm" {
│   features {
│     resource_group {
│       prevent_deletion_if_contains_resources = false
│     }
│   }
│ }
riragh commented 1 year ago

Terraform version has been updated and viya4-iac-azure had a few major version updates. @SundareshSankaran could you please check if you are still seeing this issue on the latest version?

riragh commented 1 year ago

Closing this issue, please feel free to open a new issue if you the error persists.