Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sweeper/aws_directory_service_directory: Failing with "ClientException: Cannot delete the directory because it still has authorized applications" #20556

Closed
ewbankkit opened this issue Aug 13, 2021 · 4 comments
Labels
sweeper Pertains to changes to or issues with the sweeper.

Comments

@ewbankkit
Copy link
Contributor

We see the aws_directory_service_directory sweeper failing with

ClientException: Cannot delete the directory because it still has authorized applications.

Investigate whether we have dependencies correctly defined.

@github-actions github-actions bot added the sweeper Pertains to changes to or issues with the sweeper. label Aug 13, 2021
@ewbankkit
Copy link
Contributor Author

ewbankkit commented Aug 13, 2021

From the AWS Console, these are the AWS apps & services that can depend on a directory:

Screen Shot 2021-08-13 at 9 45 39 AM

Currently we specify these sweeper dependencies:

resource.AddTestSweepers("aws_directory_service_directory", &resource.Sweeper{
Name: "aws_directory_service_directory",
F: testSweepDirectoryServiceDirectories,
Dependencies: []string{
"aws_db_instance",
"aws_ec2_client_vpn_endpoint",
"aws_fsx_windows_file_system",
"aws_workspaces_directory",
},
})

@gdavison
Copy link
Contributor

There's also a potential eventual consistency error that sometimes shows up in acceptance tests when an application is deleted right before the directory is deleted. We should add a Retry loop to the delete operation.

@zhelding
Copy link
Contributor

zhelding commented Apr 8, 2022

#22027 appears to have fully resolved this issue. Running on the latest main (b0924ce), sweeper is passing:

$ SWEEPARGS=-sweep-run=aws_directory_service_directory make sweep
WARNING: This will destroy infrastructure. Use only in development accounts.
go test ./internal/sweep -v -tags=sweep -sweep=us-west-2,us-east-1,us-east-2 -sweep-run=aws_directory_service_directory -timeout 60m
2022/04/08 13:06:51 [DEBUG] Running Sweepers for region (us-west-2):
2022/04/08 13:06:51 [DEBUG] Running Sweeper (aws_ec2_client_vpn_network_association) in region (us-west-2)
2022/04/08 13:01:23 Completed Sweepers for region (us-east-2) in 8.319516773s
2022/04/08 13:01:23 Sweeper Tests for region (us-east-2) ran successfully:
        - aws_opsworks_rds_db_instance
        - aws_db_instance
        - aws_fsx_ontap_storage_virtual_machine
        - aws_ec2_client_vpn_network_association
        - aws_directory_service_directory
        - aws_appstream_directory_config
        - aws_fsx_ontap_volume
        - aws_workspaces_workspace
        - aws_workspaces_ip_group
        - aws_connect_instance
        - aws_transfer_server
        - aws_workspaces_directory
        - aws_fsx_windows_file_system
        - aws_ec2_client_vpn_endpoint
ok      github.com/hashicorp/terraform-provider-aws/internal/sweep      383.282s

@zhelding zhelding closed this as completed Apr 8, 2022
@github-actions
Copy link

github-actions bot commented May 9, 2022

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 9, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
sweeper Pertains to changes to or issues with the sweeper.
Projects
None yet
Development

No branches or pull requests

3 participants