Terraform dependency management not advanced enough to catch some cases

[gtmtech]

I first discovered this on #2376 on terraform 0.7.5.

To reproduce, take 2 aws_subnet resources with CIDR blocks, A= 10.1.1.0/24 and B= 10.1.2.0/24. Spin them up.

Now - oops, I got them the wrong way around, and A should have been 10.1.2.0/24 and B should have been 10.1.1.0/24 - so I reset them and terraform apply.

Terraform is unable to resolve this situation. What it should do is identify that the resources conflict, and it needs to destroy BOTH before recreating BOTH.

If other resources are based off of these resources, e.g. security group rules, then terraform will report other errors such as #2376 . and the whole thing cascades down.

It would be possible for terraform to successfully detect and resolve these problems, but currently its dependency management tree is not sophisticated enough to handle it.

[mitchellh]

There are other issues discussing smarter destroy logic, and there is a lot of discussion/thought around those. It is a complicated issue and I'll delegate to those. Sorry no specific issue number but the title it usually around destroy ordering, I remember being involved in those convos and its something we definitely want to think about.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.