After spending more time with this, it seems it is still an intermittent issue with the latest versions of providers. Sometimes it works, sometimes it doesn’t.
My current best guess is having expired kubernetes auth tokens. So, after I get the first Unauthorized error, doing a terraform refresh before the next terraform destroy seems to get things working. No need to force removing from state.
I hope this can get fixed but until then I’ll build a habit of doing a refresh before a destroy.
I have the exact same error. It seems related with the auth-map.
It is the same terraform template that for 1 year and this error has started to appear only from few months. I don’t know if it is due to the upgrade of providers version or the terraform new version.
I just ran in to this. Performing a refresh before a destroy did not solve my problem. I had to remove the module.eks.kubernetes_config_map.aws_auth from my state in order to proceed with the destroy.
I hit the same as you guys and when tried deleting it from the state terraform state rm module.eks.kubernetes_config_map.aws_auth
However, it was complaining unable to find that even terraform state list shows it. I was only successful when put in commas terraform state rm 'module.eks.kubernetes_config_map.aws_auth'