-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
destroy > systematic DependencyViolation #497
Comments
Perhaps similar, I have a VPC (no instances yet) that creates fine but
Yet I can can select the VPC in the AWS VPC Dashboard and delete it just fine. |
This is still an issue for me in 0.3.6 |
+1 I'm also seeing this exact issue (0.3.6) |
+1 ... really anoying |
Faced the same issue. My workaround is to define an explicit dependency of the instances on VPC's gateway. In my setup there are 4 instances in a VPC ( resource "aws_instance" "www_a" {
...
depends_on = ["aws_internet_gateway.prd_plntr"]
}
resource "aws_instance" "www_c" {
...
depends_on = ["aws_internet_gateway.prd_plntr"]
}
resource "aws_instance" "db_a" {
...
depends_on = ["aws_internet_gateway.prd_plntr"]
}
resource "aws_instance" "db_a" {
...
depends_on = ["aws_internet_gateway.prd_plntr"]
}
resource "aws_internet_gateway" "prd_plntr" {
vpc_id "${aws_vpc.prd_plntr}"
} I believe this dependency should be set implicitly by terraform. |
Here's the shortest example for reproducing the problem: resource "aws_vpc" "default" {
cidr_block = "10.10.0.0/16"
}
resource "aws_internet_gateway" "default" {
vpc_id = "${aws_vpc.default.id}"
}
resource "aws_subnet" "public" {
vpc_id = "${aws_vpc.default.id}"
cidr_block = "10.10.0.0/24"
availability_zone = "eu-west-1a"
}
resource "aws_instance" "nat" {
ami = "ami-14913f63"
availability_zone = "eu-west-1a"
instance_type = "t2.micro"
key_name = "radeksimko"
subnet_id = "${aws_subnet.public.id}"
associate_public_ip_address = true
} If I set It is reproducible with the very latest version
Simplest workaround is just to run |
Running into this too. 👍 |
This resurfaced recently in #1203 . The workaround that resulted for this particular issue was to add a
Terraform is trying to move on and delete other things, but AWS API is still working on destroying things so as to not violate dependencies. Documentation was added in #1189 to document this, but that change hasn't been deployed to terraform.io yet. I'm not sure what else can be done here. cc @phinze for ideas about implicitly setting that dependency(?) |
The way I worked around this specific issue was: I associated EIP's with my instances instead of giving them public IPs. When Terraform goes to destroy the VPC it disassociates the EIPs from the instances cleanly, then destroys the EIP. I have a small number of publicly facing instances so this works for me. Additionally, there is no extra charge associated with EIPs as long as you are using them, however you are limited to five EIPs per region per account. |
Hey all – #1325 was just merged and should fix this. Let me know if you're still running into it on |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
When trying to
terraform destroy
while running instance(s) with public ip(s) on a subnet inside a VPC with an Internet Gateway associated with it, each time I get the following error when trying to destroy the igw :A full
repro.tf
is available here : https://gist.github.com/frntn/12126851cdc2ef1cdbafIf this is impossible, then the internet gateway destruction attempt should occur after every public addresses are detached.
May be wait for at least :
associate_public_ip_address
(have to add it as attribute ofaws_instance
)map_public_ip_on_launch
set to true (have to add it as attribute ofaws_subnet
).But you may have better way to implement this dependency. Just saying.. :)
version: terraform v0.3.1
platform: linux 64bits (debian wheezy)
The text was updated successfully, but these errors were encountered: