-
Notifications
You must be signed in to change notification settings - Fork 9.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_emr_cluster and aws_emr_security_configuration destroy issues #6279
Comments
It doesn't look like the situation has changed, quickly looking at: https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/resource_aws_emr_security_configuration.go#L103 To fix, we can probably just add a input := &emr.DeleteSecurityConfigurationInput{
Name: aws.String(d.Id()),
}
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
_, err := conn.DeleteSecurityConfiguration(input)
if isAWSErr(err, "InvalidRequestException", "does not exist") {
return nil
}
if isAWSErr(err, "InvalidRequestException", "cannot be deleted because it is in use by active clusters") {
return resource.RetryableError(err)
}
if err != nil {
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("error deleting EMR Security Configuration (%s): %s", d.Id(), err)
} Then to acceptance test, just create a test configuration that creates a security configuration and a cluster that utilizes that security configuration. 👍 I'm wondering if the problem is pretty inconsistent though, because |
Hmm, I can try to reduce my situation then for a proper regression test. I assumed it had nothing to do with the rest of my cluster configuration but maybe it does, if you don't get the issue. Definitely happening 100% of the time here. Given how long EMR clusters take to spin up and down, it'll probably take me a bit to find what's going wrong, but I'll try to post back with some actual terraform. |
We notice the same behaviour, the versions we are using:
We ended up using a |
Would love to see this get fixed. Here is a non-sleep workaround for anyone who is interested. Requires
|
I don't know if this is related or not, but we're observing "terraform destroy" jobs involving EMR clusters returning as "completed" while the cluster is still in the "Terminating" (as opposed to "Terminated") state. |
Poking into this some more, I wonder if this isn't because the EMR cluster delete method only waits for there to be zero running instances in the cluster, not for AWS to report the cluster as being terminated, which I think was introduced in f7405d0. This likely causes Terraform to think the cluster has been terminated, and the security configuration can be deleted, when from the AWS side, the cluster still exists and the security configuration cannot be deleted. Any thoughts on changing the cluster deletion wait to wait for EMR to report the state as terminated, rather than for it to have zero running instances? |
Sounds like a great idea. 👍 |
FYI, we've been using a provider patched with the code in #12578 and it seems like it has fixed this issue for us. |
We actually had to get around this issue by adding lifecycle policy of create_before_destroy to the
|
@ashkan3 this didn't seem to work for me? Still getting the dependency error when destroying.... |
Any progress on this by any chance? I'm still having issues by this and the workaround with the create_before_destroy isn't working for me. |
Hi all 👋 Just letting you know that this is issue is featured on this quarters roadmap. If a PR exists to close the issue a maintainer will review and either make changes directly, or work with the original author to get the contribution merged. If you have written a PR to resolve the issue please ensure the "Allow edits from maintainers" box is checked. Thanks for your patience and we are looking forward to getting this merged soon! |
This functionality has been released in v3.70.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Community Note
Terraform Version
0.11.8 with AWS provider 1.30
I realize these aren't the latest versions but I don't think this module has changed recently and I haven't had a chance to test yet.
Affected Resource(s)
aws_emr_cluster
aws_emr_security_configuration
What I did
If I have terraform manage my
aws_emr_cluster
and pass a terraform-managedaws_emr_security_configuration
into that cluster,terraform destroy
fails consistently to destroy the security configuration.Expected Behavior
terraform destroy
successfully cleans up all the resources it createdActual Behavior
Steps to Reproduce
aws_emr_cluster
and give it anaws_emr_security_configuration
.terraform apply
terraform destroy
Important Factoids
I think it's just not waiting long enough before attempting to destroy the security configuration. If I try again a minute or two later, the destroy works fine.
The text was updated successfully, but these errors were encountered: