terraform-provider-google

Can't destroy VPC (google_compute_network) created by terraform

Open tek08 opened this issue 2 years ago • 16 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
  • Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v1.0.4 on darwin_arm64

  • provider registry.terraform.io/hashicorp/archive v2.2.0
  • provider registry.terraform.io/hashicorp/aws v3.54.0
  • provider registry.terraform.io/hashicorp/google v3.78.0
  • provider registry.terraform.io/hashicorp/google-beta v3.78.0

Affected Resource(s)

  • google_compute_network

Terraform Configuration Files


resource "google_compute_network" "egress-network" {
  name                    = "egress-network"
  auto_create_subnetworks = "false"
}

resource "google_compute_subnetwork" "egress-subnetwork" {
  name          = "egress-subnetwork"
  ip_cidr_range = "10.2.0.0/28"
  network       = google_compute_network.egress-network.id
  region        = var.region
}

resource "google_vpc_access_connector" "access-connector" {
  provider = google-beta
  name     = "vpc-connector"
  project  = var.project

  subnet {
    name = google_compute_subnetwork.egress-subnetwork.name
  }

  region = var.region
}

resource "google_compute_router" "router" {
  name    = "egress-compute-router"
  network = google_compute_network.egress-network.name
  region  = var.region
}

resource "google_compute_address" "static-ip-for-egress" {
  name   = "egress-static-ip"
  region = var.region
}

resource "google_compute_router_nat" "nat" {
  name   = "egress-router-nat"
  router = google_compute_router.router.name
  region = google_compute_router.router.region

  nat_ip_allocate_option = "MANUAL_ONLY"
  nat_ips                = google_compute_address.static-ip-for-egress.*.self_link

  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
  subnetwork {
    name                    = google_compute_subnetwork.egress-subnetwork.id
    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
  }
}

Debug Output

Error: Error waiting for Deleting Network: The network resource 'projects//global/networks/egress-network' is already being used by 'projects/global/networkInstances/v1460259370-47320b4b-55e7-49c0-a22a-43ec4c643d5c'

Expected Behavior

VPC network should be cleanly deleted

Actual Behavior

VPC network fails to delete, citing it being in use by a "global/networkInstances" object.

Steps to Reproduce

  1. terraform apply with above code
  2. Comment out above code
  3. terraform apply

References

I am having the same issue as this ServerFault user, but I created the VPC using Terraform. I am having trouble getting it to delete cleanly.

  • #0000

b/321386426

tek08 Aug 14 '21 03:08