Terraform-provider-aws: Error deleting S3 Bucket with Versioning Enabled: BucketNotEmpty

Created on 13 Jun 2017  ·  10 Comments  ·  Source: hashicorp/terraform-provider-aws

_This issue was originally opened by @osterman as hashicorp/terraform#7854. It was migrated here as part of the provider split. The original body of the issue is below._


Terraform Version

Terraform v0.6.16

Affected Resource(s)

aws_s3_bucket

Terraform Configuration Files

resource "aws_s3_bucket" "storage" {
  bucket = "storage.${var.dns_zone}"
  acl = "private"
  force_destroy = true
  versioning {
    enabled = true
  }
  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect":"Allow",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::storage.${var.dns_zone}", "arn:aws:s3:::storage.${var.dns_zone}/*"],
      "Principal": "*",
      "Condition": {
        "StringEquals": {
          "aws:sourceVpce": "${aws_vpc_endpoint.s3.id}"
        }
      }
    }
  ]
}
EOF

  tags {
    Name = "${var.namespace}-storage"
    Namespace = "${var.namespace}"
    Role = "storage"
    Stage = "${var.stage}"
  }

  lifecycle {
    create_before_destroy = true
  }
}

Expected Behavior

Because force_destroy = true is enabled, it should also delete the versions of the objects.

Actual Behavior

Error applying plan:

1 error(s) occurred:

* aws_s3_bucket.storage: Error deleting S3 Bucket: BucketNotEmpty: The bucket you tried to delete is not empty. You must delete all versions in the bucket.
    status code: 409, request id: 9AE6E70339A97B62

Steps to Reproduce

  1. Define a bucket resource
  2. terraform apply
  3. Upload some other assets to the bucket
  4. terraform destroy

Important Factoids


All 10 comments

Seeing this on v0.9.11 too.

Can confirm the workaround that helped me with this issue (0.10.5) was:

  • Changed force_destroy to true
  • Run plan & apply
  • Changed bucket name
  • Run plan & apply
  • Change force_destroy back to false

FWIW this is still the case with 0.11.1

Yes, the issue still exists with the latest version of Terraform.

+1 Any idea when this issue might be resolved?

It works in Terraform v0.12.0.
I created some resources:

resource "aws_s3_bucket" "terraform-state-storage-s3" {
    # Remember that this name should be globally unique
    bucket = "terraform-remote-state-storage-s3-example"

    versioning {
      enabled = true
    }

    lifecycle {
      prevent_destroy = false
    }
    force_destroy = true
}

I added some files to the bucket and then ran terraform destroy; it worked well.

I can confirm this also works in v0.11.14 as well.

There have been various fixes, such as https://github.com/terraform-providers/terraform-provider-aws/pull/7268, which mean that this problem should be resolved now.

Hi folks 👋 As mentioned above, it is likely that various scenarios have been fixed with various updates to the Terraform AWS Provider since this bug report was submitted. If you are still running into trouble running recent versions of the Terraform CLI and the Terraform AWS Provider, please open a new bug report following the issue template and we will take a further look. Thanks.

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
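
What the issue expects force_destroy to do on a versioned bucket, as an added example that is not part of the original thread or the provider's code: S3 returns BucketNotEmpty until every object version and every delete marker is removed, not only the current objects. The function names, the boto3 client and the sample listing below are assumptions made for this example.

```python
from itertools import islice

MAX_KEYS_PER_DELETE = 1000  # S3 DeleteObjects accepts at most 1000 keys per request


def version_targets(pages):
    """Yield {"Key", "VersionId"} for every object version and delete marker.

    `pages` is an iterable of ListObjectVersions responses (boto3 dict shape).
    """
    for page in pages:
        for field in ("Versions", "DeleteMarkers"):
            for entry in page.get(field, []):
                yield {"Key": entry["Key"], "VersionId": entry["VersionId"]}


def delete_batches(pages, batch_size=MAX_KEYS_PER_DELETE):
    """Group the targets into DeleteObjects payloads of at most batch_size keys."""
    targets = version_targets(pages)
    while batch := list(islice(targets, batch_size)):
        yield {"Objects": batch, "Quiet": True}


def empty_versioned_bucket(s3_client, bucket):
    """Remove all versions and delete markers; return how many were removed.

    Assumes a boto3 S3 client whose identity holds s3:ListBucketVersions and
    s3:DeleteObjectVersion on the bucket.
    """
    paginator = s3_client.get_paginator("list_object_versions")
    removed = 0
    for payload in delete_batches(paginator.paginate(Bucket=bucket)):
        resp = s3_client.delete_objects(Bucket=bucket, Delete=payload)
        if resp.get("Errors"):  # Quiet mode still reports per-key failures
            raise RuntimeError(f"undeleted versions remain: {resp['Errors']}")
        removed += len(payload["Objects"])
    return removed


# Constructed sample listing: a.txt was overwritten once; b.txt was "deleted",
# which left a delete marker on top of its old version.
SAMPLE_PAGES = [
    {"Versions": [
        {"Key": "a.txt", "VersionId": "v2", "IsLatest": True},
        {"Key": "a.txt", "VersionId": "v1", "IsLatest": False},
        {"Key": "b.txt", "VersionId": "v1", "IsLatest": False}],
     "DeleteMarkers": [{"Key": "b.txt", "VersionId": "m1", "IsLatest": True}]},
]

if __name__ == "__main__":
    for payload in delete_batches(SAMPLE_PAGES):
        print(payload)
```

A plain object listing of the sample bucket would show only a.txt, yet four entries have to go before DeleteBucket succeeds.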
