[Bug]: aws_s3_bucket data sources cannot be destroyed if the bucket no longer exists #39673
Comments
Hey @josephmidura 👋 Thank you for taking the time to raise this! Can you give me an idea of what Unfortunately, I don't believe there's a way to skip a data source being read during a destroy (Terraform assumes you need the most up to date information possible), so this might be a bit tricky to get around.
Thanks for the reply @justinretzolk. Here is some additional code that helps explain local.project_stage:
So the code snippet I included above could be rewritten as the following:
or
Yes, I created the name-prod-glue bucket using an
Workaround that was successful in my case
Today, I created the name-prod-glue bucket manually, ran
Hey @josephmidura 👋 Thank you for the additional insight! The only thing that still stands out to me is the use of the data source paired with the resource as well. I'm fairly confident that doing so is what caused this issue, and I'm having a hard time understanding why you would need to do so. Are you able to give me a better idea of why that's needed? As an aside, I'd not tested using
$ terraform state list
data.null_data_source.this
$ terraform state rm data.null_data_source.this
Removed data.null_data_source.this
Successfully removed 1 resource instance(s).
$ terraform state list
Hi @justinretzolk thanks for the suggestion. When I ran In my use case, there is an s3 bucket used with a data lake. The goal is to register a lake formation resource (S3) to the data lake. Here are the relevant parts of the code:
Thanks for the additional information here @josephmidura! Based on your sample configuration, this should be a fairly easy fix. Right now, there's no dependency between On the other hand, the
variable "project" {
  description = "Project name"
  default     = "name"
}

variable "stage" {
  type        = string
  description = "Stage"
  default     = "prod"
}

# Declared here so the references in locals resolve.
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}

locals {
  project_stage = "${var.project}-${var.stage}"
  region        = data.aws_region.current.name
  account_id    = data.aws_caller_identity.current.account_id
}

resource "aws_s3_bucket" "glue" {
  bucket = "${local.project_stage}-glue"
}

# The ARN comes from the managed bucket resource, not from a data source lookup.
resource "aws_lakeformation_resource" "glue-bucket-as-location" {
  arn = aws_s3_bucket.glue.arn
}
Terraform Core Version
1.5.3
AWS Provider Version
4.67.0
Affected Resource(s)
data.aws_s3_bucket
Expected Behavior
A warning is displayed and terraform destroy continues to remove the resource as normal.
Actual Behavior
The aws_s3_bucket data source is unable to delete during terraform destroy if the associated bucket is already deleted.
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
The terraform destroy was run on a project. The destroy operations stopped with an error because deletion protection was enabled on an RDS database. After deletion protection was disabled in the console for the RDS database, terraform destroy command was run again.
The aws_s3_bucket data source now references a bucket that no longer exists (was deleted during the initial terraform destroy) and the destroy operation failed with the following error:
Error: Failed getting S3 bucket (bucket-name): NotFound: Not Found
terraform state list does not show the bucket resource.
Debug Output
No response
Panic Output
No response
Important Factoids
terraform installed via asdf
References
No response
Would you like to implement a fix?
None