pulumi-aws
pulumi-aws copied to clipboard
pulumi
Target Pulumi Destroy on Multiple Targets Results in Orphaned Physical Resource
Hello!
- Vote on this issue by adding a 👍 reaction
- To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already)
Issue details
When using a targeted destroy of two related resources, such as listener and a target group, both resources are removed from Pulumi's state but only one resources is physically destroyed resulting in an orphaned resource.
Steps to reproduce
- Create a load balancer, listener, and target group
- Attach the target group tot he listener and listener to the load balancer
- Use a targeted destroy for both listener and target group
Expected: Listener and target group should be physically destroyed and removed from the stack's statefile. Actual: Both are removed from the stack's statefile but only the listener is physically destroyed, resulting in an orphaned target group
Command: pulumi destroy -t {target_group_urn} -t {listener_group_urn}
Code:
import * as aws from "@pulumi/aws";
import * as pulumi from "@pulumi/pulumi";
export = async () => {
const nlb = new aws.lb.LoadBalancer("network-load-balancer", {
internal: true,
loadBalancerType: "network",
subnets: ["subnet-id],
enableDeletionProtection: false,
ipAddressType: "ipv4"
});
const protocol = "TCP";
const tg = new aws.lb.TargetGroup("target-group", {
name: "tg-1",
port: 80,
protocol: protocol,
targetType: "ip",
vpcId: "vpc-id",
healthCheck: {
protocol: protocol,
port: "80",
matcher: undefined
}
}, {
deleteBeforeReplace: true
});
const listener = new aws.lb.Listener("listener", {
protocol: protocol,
port: 80,
loadBalancerArn: nlb.arn,
defaultActions: [{
type: "forward",
targetGroupArn: tg.arn
}]
}, {
deleteBeforeReplace: true
});
return {
url: alb.dnsName
}
}
Using a targeted destroy on the listener also removes the target group from the statefile and orphans the target group.
pulumi destroy -t {listener_urn}