Srinivas Bandaru

Reputation: 321

Azure Terraform Network security group getting deleted

I have Azure Terraform code that tries to create Azure resources, including a VNet, subnet and NSGs. My target Azure configuration already has the VNet, subnet and NSGs created, but after I made some changes the Terraform build fails as it tries to delete the "network security group". I am wondering why it tries to delete the "Network Security Group". Please suggest what could be the root cause of it trying to delete the Network Security Group.

Error: Error deleting Network Security Group "xxxxxxx685558856875" (Resource Group "common-8856875"): network.SecurityGroupsClient#Delete: Failure sending request: StatusCode=400 -- Original Error: Code="InUseNetworkSecurityGroupCannotBeDeleted" Message="Network security group.

Below is my code for NSG.

resource "azurerm_virtual_network" "virtual_network" {
  name                = "has-virtual-network-${var.location_namespace}"
  resource_group_name = var.common_rg_name
  address_space       = ["xx.x.x.x/x1"]
  location            = var.location
}

resource "azurerm_subnet" "subnet" {
  name                      = var.location_namespace
  resource_group_name       = var.common_rg_name
  virtual_network_name      = azurerm_virtual_network.virtual_network.name
  address_prefix            = "xx.x.x.x/x2"
  network_security_group_id = azurerm_network_security_group.network_security_group.id
  service_endpoints = [
    "Microsoft.KeyVault",
    "Microsoft.AzureCosmosDB",
    "Microsoft.Sql",
    "Microsoft.Storage"
  ]
}

resource "azurerm_network_security_group" "network_security_group" {
  name                = var.location_namespace
  location            = var.location
  resource_group_name = var.common_rg_name
}

resource "azurerm_subnet_network_security_group_association" "subnet_network_security_group_association" {
  subnet_id                 = azurerm_subnet.subnet.id
  network_security_group_id = azurerm_network_security_group.network_security_group.id
}

Upvotes: 0

Views: 1160

Answers (1)

Srinivas Bandaru

Reputation: 321

I was able to fix the issue. The root cause was that, for some reason, two resources had a different address but the same id=. I just ran terraform state rm on those two entries:

terraform state rm module.central_network.azurerm_network_security_group.network_security_group_appgwsubnet
terraform state rm module.east_network.azurerm_network_security_group.network_security_group_appgwsubnet

This fixed the issue. I am surprised by this; somehow the Azure Terraform provider allowed this to happen.

Upvotes: 0
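A check for the condition the answer describes (two state addresses of the same type holding the same id), as an added example that is not part of the original post. It reads the JSON produced by `terraform show -json`; the sample state, its placeholder ids and the helper names are constructed for illustration.

```python
import json
import sys
from collections import defaultdict

# Constructed sample shaped like `terraform show -json` output; ids are placeholders.
BASE = ("/subscriptions/00000000-0000-0000-0000-000000000000"
        "/resourceGroups/example-rg/providers/Microsoft.Network")
NSG_ID = BASE + "/networkSecurityGroups/example-nsg"
SUBNET_ID = BASE + "/virtualNetworks/example-vnet/subnets/example"
NSG = "azurerm_network_security_group"
ASSOC = "azurerm_subnet_network_security_group_association"
ADDR = "module.%s.azurerm_network_security_group.network_security_group_appgwsubnet"


def res(address, rtype, rid):
    return {"address": address, "mode": "managed", "type": rtype, "values": {"id": rid}}


SAMPLE = {"values": {"root_module": {
    "resources": [
        res("azurerm_subnet.subnet", "azurerm_subnet", SUBNET_ID),
        res(ASSOC + ".subnet_network_security_group_association", ASSOC, SUBNET_ID),
    ],
    "child_modules": [
        {"address": "module.central_network",
         "resources": [res(ADDR % "central_network", NSG, NSG_ID)]},
        {"address": "module.east_network",  # same NSG, id differs only in case
         "resources": [res(ADDR % "east_network", NSG, NSG_ID.upper())]},
    ]}}}


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_duplicate_ids(state):
    """Return {(type, id): [addresses]} for ids tracked by more than one address."""
    root = (state.get("values") or {}).get("root_module", {})
    by_id = defaultdict(set)
    for r in iter_resources(root):
        rid = (r.get("values") or {}).get("id")
        if r.get("mode") == "managed" and rid:
            # Azure resource IDs are case-insensitive, so compare lowercased.
            # Keyed on type too: the association resource reuses the subnet's id.
            by_id[(r["type"], rid.lower())].add(r["address"])
    return {key: sorted(addrs) for key, addrs in by_id.items() if len(addrs) > 1}


if __name__ == "__main__":
    # Usage: terraform show -json > state.json; then pass state.json as argv[1].
    state = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    dups = find_duplicate_ids(state)
    for (rtype, rid), addrs in dups.items():
        print(f"{rtype} {rid} is tracked by: {', '.join(addrs)}")
    sys.exit(1 if dups else 0)
```

A non-zero exit makes it usable as a pre-apply gate: any id listed under more than one address means a destroy planned for one address will hit a resource the other still manages.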
