search

seqeralabs / terraform-seqera-aws

Apache License 2.0
5 stars 3 forks source link

Investigate why the module can't delete Security groups and Subnets #37

Open bebosudo opened 7 months ago

bebosudo commented 7 months ago

As reported in https://github.com/seqeralabs/devops-backlog/issues/380, it seems the module fails to delete SGs and subnets:

module.terraform-seqera-aws.module.vpc.aws_subnet.private[0]: Still destroying... [id=subnet-0fa23ef68528640f6, 19m40s elapsed]
module.terraform-seqera-aws.module.vpc.aws_subnet.private[0]: Still destroying... [id=subnet-0fa23ef68528640f6, 19m50s elapsed]
module.terraform-seqera-aws.module.vpc.aws_subnet.private[0]: Still destroying... [id=subnet-0fa23ef68528640f6, 20m0s elapsed]
╷
│ Error: deleting Security Group (sg-01a597fdb9b6d498a): DependencyViolation: resource sg-01a597fdb9b6d498a has a dependent object
│   status code: 400, request id: 69257ac0-7cee-403d-b16d-c370123e0cab
│ 
│ Error: deleting EC2 Subnet (subnet-0fa23ef68528640f6): DependencyViolation: The subnet 'subnet-0fa23ef68528640f6' has dependencies and cannot be deleted.
│   status code: 400, request id: bcd72938-a453-465f-bb7a-3959148122d7
bebosudo commented 7 months ago

The reason was that the SG had an attached Network Interface which wasn't deleted by Terraform. Once that was deleted I could also delete the Security Group, the Subnet and the VPC.