Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KMS instance being deleted before deleting KMS keys #469

Closed
tyao117 opened this issue Apr 30, 2024 · 3 comments
Closed

KMS instance being deleted before deleting KMS keys #469

tyao117 opened this issue Apr 30, 2024 · 3 comments
Assignees
@ocofaigh
Labels
bug 🐞 Something isn't working internal-synced

Comments

@tyao117
Copy link

tyao117 commented Apr 30, 2024
edited

The keys are being deleted before the instance is being deleted:

logs from the schematics run:

 2024/04/30 17:27:08 �[34mStarting command: terraform1.5 destroy -state=terraform.tfstate -var-file=schematics.tfvars -auto-approve -no-color�[39m�[0m
 2024/04/30 17:27:08 Starting command: terraform1.5 destroy -state=terraform.tfstate -var-file=schematics.tfvars -auto-approve -no-color
 2024/04/30 17:27:21 Terraform destroy | module.resource_group.ibm_resource_group.resource_group[0]: Refreshing state... [id=bd6abdd1802d49e6b31c8d9960ee37cc]
 2024/04/30 17:27:22 Terraform destroy | module.kms.module.key_protect[0].ibm_resource_instance.key_protect_instance: Refreshing state... [id=crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::]
 2024/04/30 17:27:23 Terraform destroy | module.kms.module.key_protect[0].ibm_kms_instance_policies.key_protect_instance_policies: Refreshing state... [id=crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::]
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy | Terraform used the selected providers to generate the following execution
 2024/04/30 17:27:27 Terraform destroy | plan. Resource actions are indicated with the following symbols:
 2024/04/30 17:27:27 Terraform destroy |   - destroy
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy | Terraform will perform the following actions:
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy |   # module.resource_group.ibm_resource_group.resource_group[0] will be destroyed
 2024/04/30 17:27:27 Terraform destroy |   - resource "ibm_resource_group" "resource_group" {
 2024/04/30 17:27:27 Terraform destroy |       - created_at        = "2024-04-25T21:05:18.556Z" -> null
 2024/04/30 17:27:27 Terraform destroy |       - crn               = "crn:v1:bluemix:public:resource-controller::a/37cb83958369439db2ef3d6156f82b9d::resource-group:bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |       - default           = false -> null
 2024/04/30 17:27:27 Terraform destroy |       - id                = "bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |       - name              = "core-security-services" -> null
 2024/04/30 17:27:27 Terraform destroy |       - quota_id          = "a3d7b8d01e261c24677937c29ab33f3c" -> null
 2024/04/30 17:27:27 Terraform destroy |       - quota_url         = "/v2/quota_definitions/a3d7b8d01e261c24677937c29ab33f3c" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_linkages = [] -> null
 2024/04/30 17:27:27 Terraform destroy |       - state             = "ACTIVE" -> null
 2024/04/30 17:27:27 Terraform destroy |       - updated_at        = "2024-04-25T21:05:18.556Z" -> null
 2024/04/30 17:27:27 Terraform destroy |     }
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy |   # module.kms.module.key_protect[0].ibm_kms_instance_policies.key_protect_instance_policies will be destroyed
 2024/04/30 17:27:27 Terraform destroy |   - resource "ibm_kms_instance_policies" "key_protect_instance_policies" {
 2024/04/30 17:27:27 Terraform destroy |       - endpoint_type = "private" -> null
 2024/04/30 17:27:27 Terraform destroy |       - id            = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |       - instance_id   = "225a321c-37b3-4ef3-9204-acbd30361d50" -> null
 2024/04/30 17:27:27 Terraform destroy |     }
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy |   # module.kms.module.key_protect[0].ibm_resource_instance.key_protect_instance will be destroyed
 2024/04/30 17:27:27 Terraform destroy |   - resource "ibm_resource_instance" "key_protect_instance" {
 2024/04/30 17:27:27 Terraform destroy |       - account_id              = "37cb83958369439db2ef3d6156f82b9d" -> null
 2024/04/30 17:27:27 Terraform destroy |       - allow_cleanup           = false -> null
 2024/04/30 17:27:27 Terraform destroy |       - created_at              = "2024-04-25T21:05:21.254Z" -> null
 2024/04/30 17:27:27 Terraform destroy |       - created_by              = "IBMid-550003PATQ" -> null
 2024/04/30 17:27:27 Terraform destroy |       - crn                     = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |       - dashboard_url           = "/keyprotect/crn%!A(MISSING)v1%!A(MISSING)bluemix%!A(MISSING)public%!A(MISSING)kms%!A(MISSING)us-south%!A(MISSING)a%!F(MISSING)37cb83958369439db2ef3d6156f82b9d%!A(MISSING)225a321c-37b3-4ef3-9204-acbd30361d50%!A(MISSING)%!A(MISSING)" -> null
 2024/04/30 17:27:27 Terraform destroy |       - extensions              = {
 2024/04/30 17:27:27 Terraform destroy |           - "endpoints.private" = "https://private.us-south.kms.cloud.ibm.com"
 2024/04/30 17:27:27 Terraform destroy |           - "endpoints.public"  = "https://us-south.kms.cloud.ibm.com"
 2024/04/30 17:27:27 Terraform destroy |         } -> null
 2024/04/30 17:27:27 Terraform destroy |       - guid                    = "225a321c-37b3-4ef3-9204-acbd30361d50" -> null
 2024/04/30 17:27:27 Terraform destroy |       - id                      = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |       - last_operation          = {
 2024/04/30 17:27:27 Terraform destroy |           - "async"       = "false"
 2024/04/30 17:27:27 Terraform destroy |           - "cancelable"  = "false"
 2024/04/30 17:27:27 Terraform destroy |           - "description" = "Completed create instance operation"
 2024/04/30 17:27:27 Terraform destroy |           - "poll"        = "false"
 2024/04/30 17:27:27 Terraform destroy |           - "state"       = "succeeded"
 2024/04/30 17:27:27 Terraform destroy |           - "type"        = "create"
 2024/04/30 17:27:27 Terraform destroy |         } -> null
 2024/04/30 17:27:27 Terraform destroy |       - location                = "us-south" -> null
 2024/04/30 17:27:27 Terraform destroy |       - locked                  = false -> null
 2024/04/30 17:27:27 Terraform destroy |       - name                    = "base-security-services-kms" -> null
 2024/04/30 17:27:27 Terraform destroy |       - parameters              = {
 2024/04/30 17:27:27 Terraform destroy |           - "allowed_network" = "private-only"
 2024/04/30 17:27:27 Terraform destroy |         } -> null
 2024/04/30 17:27:27 Terraform destroy |       - plan                    = "tiered-pricing" -> null
 2024/04/30 17:27:27 Terraform destroy |       - plan_history            = [
 2024/04/30 17:27:27 Terraform destroy |           - {
 2024/04/30 17:27:27 Terraform destroy |               - resource_plan_id = "eedd3585-90c6-4c8f-be3d-062069e99fc3"
 2024/04/30 17:27:27 Terraform destroy |               - start_date       = "2024-04-25T21:05:21.254Z"
 2024/04/30 17:27:27 Terraform destroy |             },
 2024/04/30 17:27:27 Terraform destroy |         ] -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_aliases_url    = "/v2/resource_instances/225a321c-37b3-4ef3-9204-acbd30361d50/resource_aliases" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_bindings_url   = "/v2/resource_instances/225a321c-37b3-4ef3-9204-acbd30361d50/resource_bindings" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_controller_url = "https://cloud.ibm.com/services/" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_crn            = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_group_crn      = "crn:v1:bluemix:public:resource-controller::a/37cb83958369439db2ef3d6156f82b9d::resource-group:bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_group_id       = "bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_group_name     = "crn:v1:bluemix:public:resource-controller::a/37cb83958369439db2ef3d6156f82b9d::resource-group:bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_id             = "ee41347f-b18e-4ca6-bf80-b5467c63f9a6" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_keys_url       = "/v2/resource_instances/225a321c-37b3-4ef3-9204-acbd30361d50/resource_keys" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_name           = "base-security-services-kms" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_plan_id        = "eedd3585-90c6-4c8f-be3d-062069e99fc3" -> null
 2024/04/30 17:27:27 Terraform destroy |       - resource_status         = "active" -> null
 2024/04/30 17:27:27 Terraform destroy |       - service                 = "kms" -> null
 2024/04/30 17:27:27 Terraform destroy |       - state                   = "active" -> null
 2024/04/30 17:27:27 Terraform destroy |       - status                  = "active" -> null
 2024/04/30 17:27:27 Terraform destroy |       - sub_type                = "kms" -> null
 2024/04/30 17:27:27 Terraform destroy |       - tags                    = [
 2024/04/30 17:27:27 Terraform destroy |           - "schematics:us-south.workspace.projects-service.01e91bd3",
 2024/04/30 17:27:27 Terraform destroy |         ] -> null
 2024/04/30 17:27:27 Terraform destroy |       - target_crn              = "crn:v1:bluemix:public:globalcatalog::::deployment:eedd3585-90c6-4c8f-be3d-062069e99fc3%!A(MISSING)us-south" -> null
 2024/04/30 17:27:27 Terraform destroy |       - type                    = "service_instance" -> null
 2024/04/30 17:27:27 Terraform destroy |       - update_at               = "2024-04-25T21:05:21.643Z" -> null
 2024/04/30 17:27:27 Terraform destroy |     }
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy | Plan: 0 to add, 0 to change, 3 to destroy.
 2024/04/30 17:27:27 Terraform destroy | 
 2024/04/30 17:27:27 Terraform destroy | Changes to Outputs:
 2024/04/30 17:27:27 Terraform destroy |   - key_protect_crn               = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |   - key_protect_id                = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::" -> null
 2024/04/30 17:27:27 Terraform destroy |   - key_protect_instance_policies = {
 2024/04/30 17:27:27 Terraform destroy |       - dual_auth_delete         = [
 2024/04/30 17:27:27 Terraform destroy |           - {
 2024/04/30 17:27:27 Terraform destroy |               - created_by    = null
 2024/04/30 17:27:27 Terraform destroy |               - creation_date = null
 2024/04/30 17:27:27 Terraform destroy |               - enabled       = false
 2024/04/30 17:27:27 Terraform destroy |               - last_updated  = null
 2024/04/30 17:27:27 Terraform destroy |               - updated_by    = null
 2024/04/30 17:27:27 Terraform destroy |             },
 2024/04/30 17:27:27 Terraform destroy |         ]
 2024/04/30 17:27:27 Terraform destroy |       - id                       = "crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::"
 2024/04/30 17:27:27 Terraform destroy |       - instance_id              = "225a321c-37b3-4ef3-9204-acbd30361d50"
 2024/04/30 17:27:27 Terraform destroy |       - key_create_import_access = [
 2024/04/30 17:27:27 Terraform destroy |           - {
 2024/04/30 17:27:27 Terraform destroy |               - create_root_key     = true
 2024/04/30 17:27:27 Terraform destroy |               - create_standard_key = true
 2024/04/30 17:27:27 Terraform destroy |               - created_by          = null
 2024/04/30 17:27:27 Terraform destroy |               - creation_date       = null
 2024/04/30 17:27:27 Terraform destroy |               - enabled             = false
 2024/04/30 17:27:27 Terraform destroy |               - enforce_token       = false
 2024/04/30 17:27:27 Terraform destroy |               - import_root_key     = true
 2024/04/30 17:27:27 Terraform destroy |               - import_standard_key = true
 2024/04/30 17:27:27 Terraform destroy |               - last_updated        = null
 2024/04/30 17:27:27 Terraform destroy |               - updated_by          = null
 2024/04/30 17:27:27 Terraform destroy |             },
 2024/04/30 17:27:27 Terraform destroy |         ]
 2024/04/30 17:27:27 Terraform destroy |       - metrics                  = [
 2024/04/30 17:27:27 Terraform destroy |           - {
 2024/04/30 17:27:27 Terraform destroy |               - created_by    = null
 2024/04/30 17:27:27 Terraform destroy |               - creation_date = null
 2024/04/30 17:27:27 Terraform destroy |               - enabled       = true
 2024/04/30 17:27:27 Terraform destroy |               - last_updated  = null
 2024/04/30 17:27:27 Terraform destroy |               - updated_by    = null
 2024/04/30 17:27:27 Terraform destroy |             },
 2024/04/30 17:27:27 Terraform destroy |         ]
 2024/04/30 17:27:27 Terraform destroy |       - rotation                 = [
 2024/04/30 17:27:27 Terraform destroy |           - {
 2024/04/30 17:27:27 Terraform destroy |               - created_by     = null
 2024/04/30 17:27:27 Terraform destroy |               - creation_date  = null
 2024/04/30 17:27:27 Terraform destroy |               - enabled        = true
 2024/04/30 17:27:27 Terraform destroy |               - interval_month = 3
 2024/04/30 17:27:27 Terraform destroy |               - last_updated   = null
 2024/04/30 17:27:27 Terraform destroy |               - updated_by     = null
 2024/04/30 17:27:27 Terraform destroy |             },
 2024/04/30 17:27:27 Terraform destroy |         ]
 2024/04/30 17:27:27 Terraform destroy |     } -> null
 2024/04/30 17:27:27 Terraform destroy |   - key_protect_name              = "base-security-services-kms" -> null
 2024/04/30 17:27:27 Terraform destroy |   - key_rings                     = {} -> null
 2024/04/30 17:27:27 Terraform destroy |   - keys                          = {} -> null
 2024/04/30 17:27:27 Terraform destroy |   - kms_guid                      = "225a321c-37b3-4ef3-9204-acbd30361d50" -> null
 2024/04/30 17:27:27 Terraform destroy |   - kp_private_endpoint           = "https://private.us-south.kms.cloud.ibm.com" -> null
 2024/04/30 17:27:27 Terraform destroy |   - kp_public_endpoint            = "https://us-south.kms.cloud.ibm.com" -> null
 2024/04/30 17:27:27 Terraform destroy |   - resource_group_id             = "bd6abdd1802d49e6b31c8d9960ee37cc" -> null
 2024/04/30 17:27:27 Terraform destroy |   - resource_group_name           = "core-security-services" -> null
----------------------
 2024/04/30 17:27:31 Terraform destroy | module.kms.module.key_protect[0].ibm_kms_instance_policies.key_protect_instance_policies: Destroying... [id=crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::]
 2024/04/30 17:27:31 Terraform destroy | module.kms.module.key_protect[0].ibm_kms_instance_policies.key_protect_instance_policies: Destruction complete after 0s
 2024/04/30 17:27:31 Terraform destroy | module.kms.module.key_protect[0].ibm_resource_instance.key_protect_instance: Destroying... [id=crn:v1:bluemix:public:kms:us-south:a/37cb83958369439db2ef3d6156f82b9d:225a321c-37b3-4ef3-9204-acbd30361d50::]
 2024/04/30 17:27:32 Terraform destroy | 
 2024/04/30 17:27:32 Terraform destroy | Error: [ERROR] Error deleting resource instance: Please contact the Service Provider for this error. [409, Conflict] CONTAINS_ACTIVE_KEYS: Remove all keys before de-provisioning: Instance contains 4 active keys with resp code: {
 2024/04/30 17:27:32 Terraform destroy |     "StatusCode": 422,
 2024/04/30 17:27:32 Terraform destroy |     "Headers": {
 2024/04/30 17:27:32 Terraform destroy |         "Cache-Control": [
 2024/04/30 17:27:32 Terraform destroy |             "max-age=0, no-cache, no-store"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Content-Length": [
 2024/04/30 17:27:32 Terraform destroy |             "649"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Content-Type": [
 2024/04/30 17:27:32 Terraform destroy |             "application/json; charset=utf-8"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Date": [
 2024/04/30 17:27:32 Terraform destroy |             "Tue, 30 Apr 2024 17:27:32 GMT"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Expires": [
 2024/04/30 17:27:32 Terraform destroy |             "Tue, 30 Apr 2024 17:27:32 GMT"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Pragma": [
 2024/04/30 17:27:32 Terraform destroy |             "no-cache"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Request-Id": [
 2024/04/30 17:27:32 Terraform destroy |             "bss-c3289fab336d39db"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Retry-After": [
 2024/04/30 17:27:32 Terraform destroy |             "0"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Server": [
 2024/04/30 17:27:32 Terraform destroy |             "istio-envoy"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Strict-Transport-Security": [
 2024/04/30 17:27:32 Terraform destroy |             "max-age=31536000;includeSubDomains"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "Transaction-Id": [
 2024/04/30 17:27:32 Terraform destroy |             "bss-bc223e693444d810"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Content-Type-Options": [
 2024/04/30 17:27:32 Terraform destroy |             "nosniff"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Correlation-Id": [
 2024/04/30 17:27:32 Terraform destroy |             "bss-bc223e693444d810"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Envoy-Upstream-Service-Time": [
 2024/04/30 17:27:32 Terraform destroy |             "332"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Op-Completion-Time": [
 2024/04/30 17:27:32 Terraform destroy |             ""
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Ratelimit-Limit": [
 2024/04/30 17:27:32 Terraform destroy |             "100"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Ratelimit-Remaining": [
 2024/04/30 17:27:32 Terraform destroy |             "99"
 2024/04/30 17:27:32 Terraform destroy |         ],
 2024/04/30 17:27:32 Terraform destroy |         "X-Ratelimit-Reset": [
 2024/04/30 17:27:32 Terraform destroy |             "0"
 2024/04/30 17:27:32 Terraform destroy |         ]
 2024/04/30 17:27:32 Terraform destroy |     },
 2024/04/30 17:27:32 Terraform destroy |     "Result": {
 2024/04/30 17:27:32 Terraform destroy |         "details": "{\"status_code\":409,\"name\":\"ConflictError\",\"message\":{\"message\":\"CONTAINS_ACTIVE_KEYS: Remove all keys before de-provisioning: Instance contains 4 active keys\",\"name\":\"ConflictError\",\"status_code\":409,\"transaction_id\":\"\"},\"description\":\"CONTAINS_ACTIVE_KEYS: Remove all keys before de-provisioning: Instance contains 4 active keys\"}",
 2024/04/30 17:27:32 Terraform destroy |         "error_code": "RC-ServiceBrokerErrorResponse",
 2024/04/30 17:27:32 Terraform destroy |         "message": "Please contact the Service Provider for this error. [409, Conflict] CONTAINS_ACTIVE_KEYS: Remove all keys before de-provisioning: Instance contains 4 active keys",
 2024/04/30 17:27:32 Terraform destroy |         "status_code": 422,
 2024/04/30 17:27:32 Terraform destroy |         "transaction_id": "bss-bc223e693444d810"
 2024/04/30 17:27:32 Terraform destroy |     },
 2024/04/30 17:27:32 Terraform destroy |     "RawResult": null
 2024/04/30 17:27:32 Terraform destroy | }
 2024/04/30 17:27:32 Terraform destroy | 
 2024/04/30 17:27:32 Terraform destroy | 
 2024/04/30 17:27:32 �[1m�[31mTerraform DESTROY error: Terraform DESTROY errorexit status 1�[39m�[0m
 2024/04/30 17:27:32 �[1m�[31mCould not execute job: Error : Terraform DESTROY errorexit status 1�[39m�[0m

logs from the KMS team:

    Apr 30 17:27:34 kube-dal12-cr7267d9dafe6440b9874b0090652acea5-w26 kms_at.log Key Protect: delete secret base-security-services-kms
    Apr 30 17:27:45 kube-dal12-cr7267d9dafe6440b9874b0090652acea5-w26 kms_at.log Key Protect: delete secret base-security-services-kms
    Apr 30 17:29:23 kube-dal10-crb1c781bd91bc45208d015398edf0124c-w26 kms_at.log Key Protect: delete secret base-security-services-kms
    Apr 30 17:33:29 kube-dal10-crb1c781bd91bc45208d015398edf0124c-w25 kms_at.log Key Protect: delete secret base-security-services-kms

Affected modules

  • module "key_protect"
  • module "kms_key_rings"

Terraform CLI and Terraform provider versions

  • Terraform version:
  • Provider version:

Terraform output

Debug output

Expected behavior

Actual behavior

Steps to reproduce (including links and screen captures)

  1. Run terraform apply

Anything else

By submitting this issue, you agree to follow our Code of Conduct
@tyao117 tyao117 added the bug 🐞 Something isn't working label Apr 30, 2024
@tyao117 tyao117 changed the title KMS keys being after the instance KMS keys being after the KMS instance Apr 30, 2024
@tyao117 tyao117 changed the title KMS keys being after the KMS instance KMS keys being deleting after the KMS instance Apr 30, 2024
@tyao117 tyao117 changed the title KMS keys being deleting after the KMS instance KMS keys being deleting after the KMS instance was deleting Apr 30, 2024
@tyao117 tyao117 changed the title KMS keys being deleting after the KMS instance was deleting KMS instance being deleted before deleting KMS keys Apr 30, 2024
@ocofaigh
Copy link
Member

@tyao117 Did you create the keys using the DA (with the keys input variable), or did you create the keys in the other DAs (like SM, SCC etc) and then try to delete the KMS DA before the other DAs?

@ocofaigh ocofaigh self-assigned this May 17, 2024
@ocofaigh
Copy link
Member

For GA we document for user to retry (TODO: create doc issue)

@ocofaigh ocofaigh mentioned this issue May 31, 2024
Closed
@ocofaigh
Copy link
Member

ocofaigh commented Jun 6, 2024

Doc issue: terraform-ibm-modules/stack-ibm-core-security-services#23

@ocofaigh ocofaigh closed this as completed Jun 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ocofaigh ocofaigh

Labels
bug 🐞 Something isn't working internal-synced
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tyao117 @ocofaigh @terraform-ibm-modules-ops