Introduction
While a rare scenario, something like the following can appear in the Terraform plan output:
# aws_lb_target_group.main (deposed object f48a8468) will be destroyed
- resource "aws_lb_target_group" "main" {The word "deposed" always indicates that the resource was configured with the lifecycle meta-argument create_before_destroy, e.g.:
resource "aws_lb_target_group" "main" {
# ...
lifecycle {
create_before_destroy = true
}
}
By default, Terraform will first destroy a resource prior to recreating it when the resource plan shows it will be replaced. This results in the original resource data first being removed from the state and then replaced with the newly created resource data.
However, when create_before_destroy is used Terraform must continue to store the to-be-deleted resource in the state while the desired resource is being created, so it marks the to-be-deleted resource with a "deposed" status. When both the create and destroy operations are successful, the deposed resource is removed from the state and "deposed" does not appear in later plans.
Potential Issues
When "deposed" appears in the plan output, it means there was a prior error creating or destroying this resource. Either there was an error while the creating new resource or there was an error in deleting the old resource, leaving only a partial state in the state.
This can result in a number of issues, including:
- subsequent failures to destroy the deposed resource, e.g.:
Error: error deleting Target Group: ResourceInUse: Target group
'arn:aws:elasticloadbalancing:us-east-1:1234567:targetgroup/abc/xyz'
is currently in use by a listener or a rule
- Error: Cycle: errors containing the deposed resource
- contains unknown values during apply errors for dependent resources
Steps to Resolve
1. Decide which actual infrastructure represented by the deposed resource you want to keep. When "deposed" appears in the plan, it typically implies there is an existing instance of infrastructure that represents the desired state of the resource, and one that represents the old state that should be deleted.
2. Once you have decided, run the state rm command to remove the resource data from Terraform's state tracking. Please note that this command will remove both deposed and non-deposed instances of the resource from the state.
3. Use the import command to bring the existing desired resource back under Terraform's management. For a more detailed guide, please see How to Import Resources into a Remote State Managed by Terraform Cloud
4. Clean up the unwanted infrastructure either manually or by importing to new resource configuration and managing with Terraform.
External resources:
- https://www.reddit.com/r/Terraform/comments/myo3xv/how_to_ignore_destroy_and_recreate_operation_on/gvyef6c/?utm_source=share&utm_medium=web2x&context=3
- https://stackoverflow.com/questions/41856270/how-should-i-handle-deposed-resources-in-terraform