Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Actual routes deleted by importing aws_route_table followed by apply #5631

Closed
YakDriver opened this issue Aug 21, 2018 · 6 comments · Fixed by #5657
Closed

Actual routes deleted by importing aws_route_table followed by apply #5631

YakDriver opened this issue Aug 21, 2018 · 6 comments · Fixed by #5657
Labels
bug Addresses a defect in current functionality. documentation Introduces or discusses updates to documentation. service/ec2 Issues and PRs that pertain to the ec2 service.
Milestone
v2.0.0

Comments

@YakDriver
Copy link
Member

YakDriver commented Aug 21, 2018
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Importing an existing route table and then applying causes all routes to be deleted.

I'm interested in working on the solution and am preparing a PR. PR #5657 fixes this issue.

The same thing happens with rules in security groups and possibly other resources. To keep this bug report focused, I'm only including the resource I'm currently attempting to fix.

Terraform Version

Terraform v0.11.8
provider.aws v1.32.0 provider.aws v1.33.0 (verified the issue remains)

Affected Resource(s)

  • aws_route_table

Terraform Configuration Files

This bug affects routes whether they are created in-line in the route table or separately.

resource "aws_route_table" "route_table1" {
  vpc_id = "${var.vpc_id}"

  route {
    cidr_block = "${var.destination_cidr_ipv4}"
    vpc_peering_connection_id = "${var.vpc_peering_conn_1}"
  }
}

resource "aws_route_table" "route_table2" {
  vpc_id = "${var.vpc_id}"
}

resource "aws_route" "route1" {
  route_table_id = "${aws_route_table.route_table2.id}"
  destination_cidr_block = "${var.destination_cidr_ipv4}"
  vpc_peering_connection_id = "${var.vpc_peering_conn_2}"
}

Debug Output

Debug.

Expected Behavior

The route tables should be left without changes.

Actual Behavior

Both actual routes in the existing route tables are deleted.

Steps to Reproduce

Assuming that aws_route_table.route_table1, aws_route_table.route_table2, and aws_route.route1 already exist, both route tables will be left without routes.

$ terraform import -input=false aws_route_table.route_table1 "r-rtb-07ef0b555fc5af8243887186672"
$ terraform import -input=false aws_route_table.route_table2 "r-rtb-0f27bb31b59b926bf3887186672"
$ terraform plan -input=false -out=newplan
$ terraform apply -input=false newplan

References
@YakDriver YakDriver mentioned this issue Aug 23, 2018
Merged
@YakDriver
Copy link
Member Author

I have submitted pull request #5657 to fix this issue.

@YakDriver
Copy link
Member Author

@bflad any chance of getting some labels on this? 👍

@bflad bflad added bug Addresses a defect in current functionality. service/ec2 Issues and PRs that pertain to the ec2 service. labels Aug 23, 2018
@bflad
Copy link
Contributor

bflad commented Aug 23, 2018

When importing aws_route_table resources, it automatically creates aws_route resources in the Terraform state. I personally do not know the historical context about this decision, but my guess why its setup this way is because there is currently no support importing aws_route resources. Theoretically you would never be able to setup a Terraform configuration from existing AWS infrastructure that uses the separate aws_route resources without manually creating them in the Terraform state unless the import for aws_route_table performed it for you as it does today.

The plan output after import should be showing two aws_route resources for deletion given the above. This is alluded to in the debug logs:

aws_route.rt (destroy) - *terraform.NodeDestroyResource
aws_route.rt-1 (destroy) - *terraform.NodeDestroyResource

Maybe the best option for now is documenting the behavior of automatically creating separate aws_route resources (which either must be configured or have terraform state rm run against them) until support for importing aws_route resources is implemented. Once that is available, then we can change the behavior of aws_route_table import to not create aws_route resources in state.

@bflad bflad added the documentation Introduces or discusses updates to documentation. label Aug 23, 2018
This was referenced Aug 27, 2018
Closed
Closed
@YakDriver YakDriver mentioned this issue Aug 28, 2018
Merged
@YakDriver YakDriver changed the title Importing deletes all routes in a route table Import aws_route_table then apply deletes all routes Aug 29, 2018
@YakDriver YakDriver changed the title Import aws_route_table then apply deletes all routes Actual routes deleted by importing aws_route_table followed by apply Aug 29, 2018
YakDriver added a commit to YakDriver/terraform-provider-aws that referenced this issue Aug 29, 2018
@YakDriver
resource/aws_route: Add support for import
a810037 
Enable use of standard import mechanism to import aws_route
resources. The enhancement was complicated by AWS not assigning
route table routes (aws_route) an ID. However, a route can be
uniquely identified with a route table ID and CIDR destination.
Thus, creating a pseudo ID defined by
r-ROUTETABLEID_CIDRDESTINATION allows routes to be identified and
imported.

Related hashicorp#5631, #704, hashicorp/terraform#13779
YakDriver added a commit to YakDriver/terraform-provider-aws that referenced this issue Aug 30, 2018
@YakDriver
resource/aws_route_table: Add documentation/warnings for import behavior
4a3e1a6 
This adds warnings and work around information related to the bug
detailed in hashicorp#5631.
@bflad bflad mentioned this issue Sep 4, 2018
Closed
@YakDriver YakDriver mentioned this issue Oct 1, 2018
Closed
@marceloboeira
Copy link
Contributor

marceloboeira commented Dec 12, 2018
edited
Loading

Any updates here? I'm facing the same issue...

Thanks @YakDriver for the PR!

YakDriver added a commit to YakDriver/terraform-provider-aws that referenced this issue Dec 26, 2018
@YakDriver
Fix route table importing to avoid route deletion
3f472eb 
Import route tables using inline routes in the resource data. This
is the same way resource data is structured when routes tables are
read (and created) which enables imports to line up properly with
existing resources.

Previously, if you applied a state that included the import of a
route table, all routes in the route table would be deleted. This
bug occurred because the import function
(resourceAwsRouteTableImportState()) would return a target state
including both a route table resource and separate route resources
for each route. The route table read function
(resourceAwsRouteTableRead()) returns a state with a route table
resource having inline routes. Despite being equivalent, since the
states did not match, Terraform would delete all routes in the
route table when applying the change plan.

Fixes hashicorp#5631

Update functions names to comply with convention

This commit is planned to occur after PR hashicorp#5687 which changes the
names of these functions. In order to avoid merge conflicts at that
time, this pre-emptively renames the functions.
snakeb1t pushed a commit to snakeb1t/terraform-provider-aws that referenced this issue Feb 4, 2019
@YakDriver
Fix route table importing to avoid route deletion
00a2132 
Import route tables using inline routes in the resource data. This
is the same way resource data is structured when routes tables are
read (and created) which enables imports to line up properly with
existing resources.

Previously, if you applied a state that included the import of a
route table, all routes in the route table would be deleted. This
bug occurred because the import function
(resourceAwsRouteTableImportState()) would return a target state
including both a route table resource and separate route resources
for each route. The route table read function
(resourceAwsRouteTableRead()) returns a state with a route table
resource having inline routes. Despite being equivalent, since the
states did not match, Terraform would delete all routes in the
route table when applying the change plan.

Fixes hashicorp#5631

Update functions names to comply with convention

This commit is planned to occur after PR hashicorp#5687 which changes the
names of these functions. In order to avoid merge conflicts at that
time, this pre-emptively renames the functions.
@bflad
Copy link
Contributor

bflad commented Feb 23, 2019

The resource import behavior change in the aws_route_table resource to no longer import the following resources has been merged:

  • aws_route
  • aws_route_table_association
  • aws_main_route_table_association

This will release with version 2.0.0 of the Terraform AWS Provider, likely in the next week or two.

@bflad bflad added this to the v2.0.0 milestone Feb 23, 2019
@ghost
Copy link

ghost commented Mar 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. documentation Introduces or discusses updates to documentation. service/ec2 Issues and PRs that pertain to the ec2 service.
Projects
None yet
Milestone
v2.0.0
3 participants
@bflad @marceloboeira @YakDriver