Have you been in the situation where cleaning up your Infrastructure as Code (powered by HashiCorp Terraform) to delete deprecated resources resulted in the Terraform apply taking longer than expected? Maybe this is what you are seeing:
azurerm_backup_protected_vm.rs_name: Still destroying... [id=/subscriptions/***/***], 1h19m50s elapsed]
Once the deployment timed out I found that the resource was already deleted via the Azure portal. The Terraform state file still believes it exists and it will continue to fail the deployment, how do I resolve the issue?
What you need
Based on a Windows client, you will need:
You will also need a Azure account that has permissions to access the Azure Storage Container which stores the Terraform state file.
Steps to resolve the problem
First you should clone your repository so you can locally validate the actions you take have worked (you can complete these steps without cloning but you won't be able to follow steps to validate if the actions worked without running the pipeline again).
Create a override.tf in the location where you stored your Terraform configuration files. Within the file set the resource group name, the storage account and container name and key where the remote state file is stored.
terraform {
backend "azurerm" {
resource_group_name = "resource_group_name"
storage_account_name = "storage_account_name"
container_name = "container_name"
key = "stafe_file_location/terraform.tfstate"
}
}
Once you've done this and saved the file, run az login (in a terminal of your choice) to authenticate with an account that has access to the Storage Account Container you specified above.
πβ― az login
Now you need to set the subscription you are working with. This should be the subscription that your state file manages.
πβ― az account set --subscription "SUBSCRIPTION NAME"
The Azure CLI has now been utilised to complete authentication. You will now need to change the local directory your terminal is using to the location where you have cloned your respoistory. On Windows, changing a directory usually is:
πβ― cd "C:\Users\CloudJames\***\***"
Once you are in the correct directory, run the terraform init to initialise the configuration so it downloads providers, modules, etc...
πβ― terraform init
Once completed, you can run terraform state list to list the resources that are in your remote state file.
πβ― terraform state list
The results should appear like this:
π¦β― terraform state list
***
***
***
***
azurerm_backup_protected_vm.rs_name
***
***
Find the resource that no longer exists in the Azure environment and take note of the name in full (format is resourcetype.resourcename).
We are now ready to remove the resource from the state file. We will use terraform state rm to achieve this. Here is an example:
πβ― terraform state rm azurerm_backup_protected_vm.rs_name
When ran, you should get an output like the below:
π¦β― terraform state rm azurerm_backup_protected_vm.rs_name
Removed azurerm_backup_protected_vm.rs_name
Successfully removed 1 resource instance(s).
To validate this has worked (if you cloned the repo as described at the beginning), you just need to run a terraform plan.
πβ― terraform plan
You should not see the resource listed at all for destruction. This will mean you can run your pipeline again for it to continue as normal.
Top comments (0)