Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Instance cannot be destroyed message should say why resource needs to be destroyed or recreated #22264

Open
tmccombs opened this issue Jul 31, 2019 · 3 comments
Open

Instance cannot be destroyed message should say why resource needs to be destroyed or recreated #22264

tmccombs opened this issue Jul 31, 2019 · 3 comments
Labels
cli enhancement

Comments

@tmccombs
Copy link
Contributor

Current Terraform Version

Terraform v0.12.6-dev
+ provider.aws (unversioned)

Use-cases

When I have the prevent_destroy option enabled, and I make a change to config that would require the resource to be created, terraform plan doesn't tell me which change would result in the resource getting recreated. However, if prevent_destroy is not enabled, then it informs me of which attribute(s) results in the resource getting recreated.

Attempted Solutions

I can see the information I want by temporarily removing the prevent_destroy option, running and plan, and putting it back, but it is quite a pain to do that.

Proposal

In the case that a destroy is prevented, output the diff as if it would be destroyed in the plan phase
@djakielski
Copy link

For my point of view, it's a bug. It is nessesary to see witch reason causes deletion.

@u2g-tg
Copy link

u2g-tg commented Apr 17, 2020

I just encountered this bug using a Terraform 0.12.24 resource through ConcourseCI.

It was managing an existing GKE cluster with prevent_destroy = true, and wanted to recreate the cluster. In order to debug the issue, I had to run a terraform plan with prevent_destroy = false, to expose the reason that the module thought the resource needed a destroy/create cycle.

The terraform could definitely output the change reason at the point it errored.

@jufemaiz
Copy link

jufemaiz commented Nov 3, 2021
edited
Loading

Just started writing this up separately and then of course found this when putting together references. I'll add my details here.

Current Terraform Version

Terraform v1.0.10
--
  | on linux_amd64
  | + provider registry.terraform.io/hashicorp/aws v3.63.0
  | + provider registry.terraform.io/hashicorp/random v2.3.1
  | + provider registry.terraform.io/hashicorp/template v2.2.0

Use-cases

Currently if a plan requires a resource to by destroyed, and that resource has prevent_destroy set to true as part of its lifecycle configuration block, then the plan fails. In the event of a failure, the message one gets is not at all informative enough for someone to take action on.

the plan would destroy this resource, but it currently has lifecycle.prevent_destroy set to true. To avoid this error and continue with the plan, either disable lifecycle.prevent_destroy or adjust the scope of the plan using the -target flag.

Attempted Solutions

N/A

Proposal

Where a resource meets the above requirements, the failure should provide sufficient information to determine the cause of the attempt to destroy the resource. This would then provide details as to whether the attempt is required – and an alternative pathway is needed to resolve the issue – or if it is invalid and needs to be corrected before successfully applying the actual desired changes.

References

Related issues raised (which go beyond the scope of this proposal):

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cli enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jufemaiz @tmccombs @u2g-tg @djakielski @teamterraform