1

I wanted to destroy the DEV environment from my Kubernetes hosted on AWS EKS. There are two parts to the resources; the infrastructure part and the application part. I use Terraform/Terragrunt to deploy/destroy the infra and helm to deploy/destroy the applications. There are multiple pods running and I could destroy the releases by running helm uninstall <release-name>. However, when it came to destroying the infra, I ran into error. Here is what I did:

To destroy the infra, I ran: ENV=DEV make destroy. To this command, it returns this:

cd infra/DEV && terragrunt destroy

Remote state S3 bucket aib-iac-tf-state does not exist or you don't have permissions to access it. Would you like Terragrunt to create it? (y/n)

To this, I tried with both y and n but it returns this error:

make: *** [Makefile:30: destroy] Error 1

Assuming that my access was altered by the root user to create/delete resources inside S3 Bucket, I found it was not. The S3 Bucket aib-iac-tf-state does exist in the storage.

Then I went to check inside *Makefile*, line 30 as per the error. This is what is in line 29 and 30:

destroy:
    cd ${INFRA_DIR}/${ENV} && terragrunt destroy ${TF_VARS}

I am still not able to destroy the resources. Any help would be appreciated.

Improve this question

1 Answer 1

Reset to default
0

The error from Terraform is telling you that it's remote state bucket does not exist, and therefore it can't read the remote state to understand what to destroy. This sounds like a misconfiguration in the wrapper that you're using via Make.

If you can, check the .tf files for a block like this:

terraform {
  backend "s3" {
    bucket = "mybucket"
    key    = "path/to/my/key"
    region = "us-east-1"
  }
}

And make sure that the bucket has the correct name. You may need to compare with your AWS account to find a bucket that holds the right data.

If you can't find anything like that - check in your local workspace for a .tfstate file, and then remove the backend block so it's using your local state file not a remote backend. YMMV - you may want to find a colleague with Terraform skills and get them to take a look!

TL;DR - sounds a bit like a bug in the wrapper to me, or something has got deleted out of order.

Improve this answer
2
  • Thank you for the heads up. I could locate a file with .hcl extension called remote.hcl. remote_state { backend = "s3" generate = { path = "backend.tf" if_exists = "overwrite_terragrunt" } config = { profile = "${yamldecode(file("${get_terragrunt_dir()}/vars.yml")).inputs.profile}" bucket = "aib-iac-tf-state" key = "${path_relative_to_include()}/terraform.tfstate" region = "us-east-1" encrypt = true dynamodb_table = "aib-iac-tf-state-lock" } } Any guidance would be thankful.
    – Summerborn Storm
    Commented Jan 23 at 5:42
  • 1
    Thank you for the heads up. I could not upvote your answer due to insufficient reputation but I could solve it following your guidance.
    – Summerborn Storm
    Commented Jan 23 at 6:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .