Terraform destroy to get error response from AWS API?

0
votes

AWS wont let you delete a VPC if there are instances in it.

If I create a non tf managed instance in a vpc (that I did create with terraform) and then do a terraform destroy tf hangs waiting.

I can then go to aws console and manually delete the vpc and get a useful response from aws as to why it cant be deleted and a list of the offending resources i can manually delete.

Is there a verbose switch where terraform would spit out these messages from the AWS API? I assume the AWS API returns this info, but perhaps it only does that when deleting via the console?

I havent found any info on how to make the tf destroy command return this info so assuming it probably not possible but wanted to confirm.

1
amazon-web-servicesterraformterraform-provider-aws

1 Answers

1
votes

You can get more information from terraform by setting the TF_LOG variable before executing terraform. There are a few levels of logging, which should look familiar if you are familiar with syslog severity levels (i.e. INFO, WARN, ERROR ,etc..). Setting this variable is a very useful debugging strategy.

Setting TF_LOG=DEBUG should at least let you determine which AWS api calls are being called. In my experience with terraform, it's not uncommon for an api call to fail; and terraform sometimes won't report an error, hangs, or does report an error but the information is archaic at best. This is something the terraform community is working on. And there are current github issues open to similar behavior

If after setting the TF_LOG environment variable, the api call is indeed failing, I suggest that you open a github issue with terraform; and please format it using the issues contributing guidelines