Reputation: 23
Terraform deletes Azure resources in subsequent 'apply' without any config change
I was trying to test the scenario of handling external changes to existing resources and then syncing my HCL config to the current state in the next apply. I could achieve that using 'taint' for the modified resource, but TF deleted other resources which were deployed during the first 'apply'. Here is the module code for a VNet with 3 subnets(prod,dmz and app) and 3 NSGs associated. And I tested with modifying one of the NSGs but TF deleted all of the subnets-
VNET-
resource "azurerm_virtual_network" "BP-VNet" {
name = var.Vnetname
location = var.location
resource_group_name = var.rgname
address_space = var.vnetaddress
subnet {
name = "GatewaySubnet"
address_prefix = "10.0.10.0/27"
}
}
Subnet -
resource "azurerm_subnet" "subnets" {
count = var.subnetcount
name = "snet-prod-${lookup(var.snettype, count.index, "default")}-001"
address_prefixes = ["10.0.${count.index+1}.0/24"]
resource_group_name = var.rgname
virtual_network_name = azurerm_virtual_network.BP-VNet.name
}
NSGs-
resource "azurerm_network_security_group" "nsgs" {
count = var.subnetcount
name = "nsg-prod-${lookup(var.snettype, count.index, "default")}"
resource_group_name = var.rgname
location = var.location
--------
}
BastionSubnet-
resource "azurerm_subnet" "bastionsubnet" {
name = "AzureBastionSubnet"
virtual_network_name = azurerm_virtual_network.BP-VNet.name
resource_group_name = var.rgname
address_prefixes = [ "10.0.5.0/27" ]
}
The end result of second apply is -
With just Gateway subnet. It should not have deleted rest of the 4 subnets. Why is this happening?
Upvotes: 1
Views: 484
Answers (1)
Reputation: 31452
The solution may confuse you. You can separate the GatewaySubnet from the azurerm_virtual_network block into an azurerm_subnet block. The code looks like this:
resource "azurerm_subnet" "gateway" {
name = "GatewaySubnet"
resource_group_name = var.rgname
virtual_network_name = azurerm_virtual_network.BP-VNet.name
address_prefixes = ["10.0.10.0/27"]
}
I don't know the certain reason, but it solves your issue.
Upvotes: 1
Related Questions
- azurerm - Terraform not behaving as expected
- Terraform lifecycle - how to prevent terraform from destroying existing resources on terraform apply
- Terraform complains parent resource does not exist even though exist
- Terraform keeps destroying existing resource
- What could cause Terraform to "forget" that it's already managing a resource it created?
- TerraForm Plan on Azure Resource Groups Destroy/Create instead of Update
- Objects have changed outside of Terraform and subsequent "terraform apply" deletes resources without any changes in the scripts
- Create resource via terraform but do not recreate if manually deleted?
- How do I prevent resources from being destroyed during the Azure DevOps Terraform Plan Step?
- Terraform Removes Configurations/Resources Created by the Application Gateway Ingress Controller (AGIC)