terminate doesn't tolerate dependency #10945

Open
navi86 opened this issue Nov 20, 2019 · 1 comment
Labels
service/iam Issues and PRs that pertain to the iam service. waiting-response Maintainers are waiting on response from community or contributor.

Comments

@navi86

navi86 commented Nov 20, 2019

Hello,

Terraform Version

Terraform v0.12.12
+ provider.aws v2.28.1

The terminate process doesn't tolerate the dependency, as far as I understand it correctly.

Affected Resource(s)

  • aws_iam_role_policy_attachment
  • aws_iam_policy

resource "aws_iam_policy" "s3_replication_policy" {
  count = var.enable_s3_replication ? 1 : 0
  name  = local.policy

  policy = data.aws_iam_policy_document.s3_replication_policy[0].json
}

# Attach IAM policy to S3 replication role
resource "aws_iam_role_policy_attachment" "replication" {
  count      = var.enable_s3_replication ? 1 : 0
  role       = "${aws_iam_role.s3_replication[0].name}"
  policy_arn = "${aws_iam_policy.s3_replication_policy[0].arn}"
}

Debug Output

According to the graph, "aws_iam_role_policy_attachment" depends on aws_iam_policy.


Expected Behavior

The policy attachment would be deleted, and then the process of deleting the policy would start.

Actual Behavior

The destroy process runs in parallel:
module.s3.aws_iam_role_policy_attachment.replication[0]: Destroying...
module.s3.aws_iam_policy.s3_replication_policy[0]: Destroying...
Therefore I got an error that "deleteConflict: Cannot delete a policy attached to entities."

@ghost ghost added the service/iam Issues and PRs that pertain to the iam service. label Nov 20, 2019
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Nov 20, 2019
@justinretzolk
Member

Hey @navi86 👋 Thank you for taking the time to file this issue. Given that there's been a number of Terraform and AWS provider releases since you initially filed it, can you confirm whether you're still experiencing this behavior?

@justinretzolk justinretzolk added waiting-response Maintainers are waiting on response from community or contributor. and removed needs-triage Waiting for first response or review from a maintainer. labels Nov 18, 2021
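
A check for the ordering reported in this issue, as an added example that is not part of the thread or the provider's code: it reads Terraform destroy output and flags any resource whose destruction started before a resource depending on it had finished. The log samples, the edge list and the function name are constructed for illustration; the "Destruction complete" line is standard Terraform output that the issue itself does not quote.

```python
import re

# Terraform destroy progress lines, with or without a module prefix.
EVENT = re.compile(r"^(?P<addr>\S+): (?P<event>Destroying\.\.\.|Destruction complete)")
ANSI = re.compile(r"\x1b\[[0-9;]*m")  # colour codes present in captured CI output

ATTACHMENT = "module.s3.aws_iam_role_policy_attachment.replication[0]"
POLICY = "module.s3.aws_iam_policy.s3_replication_policy[0]"

# (dependent, dependency) pairs, as read off `terraform graph`. Constructed here.
EDGES = [(ATTACHMENT, POLICY)]

# Constructed sample: both destroys start before either completes.
PARALLEL_LOG = (
    f"\x1b[0m\x1b[1m{ATTACHMENT}: Destroying...\x1b[0m\n"
    f"\x1b[0m\x1b[1m{POLICY}: Destroying...\x1b[0m\n"
)

# Constructed sample: the attachment is gone before the policy destroy begins.
ORDERED_LOG = (
    f"{ATTACHMENT}: Destroying...\n"
    f"{ATTACHMENT}: Destruction complete after 1s\n"
    f"{POLICY}: Destroying...\n"
    f"{POLICY}: Destruction complete after 1s\n"
)


def destroy_order_violations(log_text, edges):
    """Return (dependent, dependency) pairs where the dependency began
    destroying before the dependent's destruction had completed."""
    started, finished = {}, {}
    for n, raw in enumerate(log_text.splitlines()):
        m = EVENT.match(ANSI.sub("", raw).strip())
        if not m:
            continue
        target = started if m["event"].startswith("Destroying") else finished
        target.setdefault(m["addr"], n)  # keep the first occurrence only

    violations = []
    for dependent, dependency in edges:
        dep_start = started.get(dependency)
        if dep_start is None or dependent not in started:
            continue  # one side is not being destroyed in this run
        done = finished.get(dependent)
        if done is None or done > dep_start:
            violations.append((dependent, dependency))
    return violations


if __name__ == "__main__":
    print(destroy_order_violations(PARALLEL_LOG, EDGES))
```
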