Reputation: 479
Terraform: Destroying/Disabling azurerm_network_ddos_protection_plan
I manage a Azure environment via Terraform and each one of them has DDOS Protection Plan enabled. I was instructed to disable and delete DDOS on all non-prod environment. The code is ready and the plan shows that the azurerm_network_ddos_protection_plan will be destroyed and every virtual network with ddos will be updated in-place and disabled. The ddos_protection_plan section will become null.
The error I am receiving is
network.DdosProtectionPlansClient#Delete: Failure sending request: StatusCode=400 -- Original Error: Code="InUseDdosProtectionPlanCannotBeDeleted".
Problem: Terraform is trying to delete the azurerm_network_ddos_protection_plan first.
Question: How do I force it to disable the ddosplan in each virtual network before destroying the resource. I've tested the depend_on but this causes cycle error. Also looked into the lifecycle block and did not seem to apply.
Any suggestion would be greatly appreciated.
Additional info:
- the dynamic block for ddos plan in virtual network looks very similar to this https://github.com/hashicorp/terraform-provider-azurerm/issues/9113
Updates:
Terraform Version 0.13.7 AzureRM Provider Version: 3.13.0
Upvotes: 1
Views: 307
Answers (0)
Related Questions
- azurerm - Terraform not behaving as expected
- Destroying specific terraform infrastructure
- terraform plan returns the Error: Unsupported argument
- terraform Error: host for provisioner cannot be empty azurerm
- Terraform plan throws Provider Plugin Error
- azurerm_virtual_machine_extension Fails on Linux When Destroying
- terraform azurerm - cannot destroy public ip
- Terraform Plan stuck at Terraform:Plan task in ADO pipeline
- Terraform state rm command
- How to deal with Terraform destroy operation when azure policy requires NSG on all subnets?