Terraform: providers/google: Cannot destroy network used by Container Engine
When configuring a google_compute_network and using it to set up google_container_cluster, it becomes impossible to destroy the resources.
This is the error message I get:
google_compute_network.my_network: The network resource
'projects/my_project/global/networks/my_network' is already being used by
'projects/my_project/global/firewalls/k8s-fw-adf57fd8b2b5a11e7a07842010af002a'
Per this page:
Container Engine also adds a firewall rule to your Compute Engine network allowing SSH access from the master's IP address to each node in the cluster.
It seems to me that this firewall rule needs to be destroyed with the google_container_cluster resource, otherwise it's not possible to destroy the google_compute_network resource once the cluster has been set up. Currently, destroying the container cluster still leaves the firewall rules in place.
dasch
All 2 comments
Meanwhile you can destroy the network with: gcloud compute networks delete my_network_to_destroy
qgadrian
on 29 May 2017
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 9 Apr 2020
Related issues
pawelsawicz
ยท
3Comments
thebenwaters
ยท
3Comments
darron
ยท
3Comments
rjinski
ยท
3Comments
zeninfinity
ยท
3Comments
Most helpful comment
Meanwhile you can destroy the network with:
gcloud compute networks delete my_network_to_destroy