Making a resource execute after destruction of another resource with create_before_destroy = true

joaopsys · July 4, 2023, 12:19pm

I’m having some challenges with terraform. I’m not even sure if this is doable, but I’m hoping someone could help me out

Take the following code as an example. You can run it and test the behavior I’m about to explain.

resource "terraform_data" "nothing_one" {
  lifecycle {
      create_before_destroy = true
  }
}

resource "terraform_data" "nothing_two" {
  lifecycle {
      create_before_destroy = true
  }
  depends_on = [
    resource.terraform_data.nothing_one
  ]
}

resource "terraform_data" "nothing_three" {
  depends_on = [
    resource.terraform_data.nothing_one,
    resource.terraform_data.nothing_two
  ]

  triggers_replace = {
    always_run = timestamp()
  }
}

I would like nothing_three to always execute. It’s a certain resource that always needs to be created (it’s local-exec it my actual code). However it needs to run AFTER all the creations and deletions of both nothing_one and nothing_two.

Problem: Right now if I delete nothing_two, the deletion will always occur after nothing_three.

The main reason for this behavior is due to nothing_one and nothing_two having create_before_destroy = true, but that is a limitation from the provider we are using and we need to keep that lifecycle on both resources.

So my question is: Is there ANY way I can make nothing_three always execute only once and as the absolute LAST task (after creations, updates, destroys)?

Thank you for your help in advance, really appreciate it!

maxb · July 4, 2023, 6:50pm

I’m no expert, but I have made a few attempts to understand what https://github.com/hashicorp/terraform/blob/main/docs/destroying.md tries to teach about create_before_destroy.

I’m pretty sure that the very act of configuring nothing_two as create_before_destroy will ensure that nothing_two’s destroy will be after the create/update of anything that depends on it, such as nothing_three.

To the best of my knowledge, Terraform doesn’t offer a way to achieve all your requirements.

jbardin · July 5, 2023, 12:16pm

Hi @joaopsys,

That ordering is not possible in Terraform, and not generally possible without introducing cycles into the order of operations.

What you are describing here by “run AFTER all the creations and deletions” is a procedural idea that doesn’t fit in with the declarative nature of Terraform. Another clue that this is not going to fit well within Terraform is the fact that you are creating a resource which will never converge to an empty plan, and a plan with no changes is basically how you can be assured that the configuration represents the reality of the infrastructure you are managing.

Executing something after the completion of all the changes in Terraform is better done in the workflow outside of Terraform by an external script.

joaopsys · July 5, 2023, 1:20pm

Thank you very much for your replies. At least now I have a confirmation that I’m not missing anything and this is indeed not possible to achieve

I will solve this one externally to Terraform. I appreciate your help!

Topic		Replies	Views
Create_before_destroy icw depends_on resource list Terraform	0	51	July 1, 2024
Terraform destroys a resource before updating depending resources Terraform	4	6968	September 22, 2022
How to automatically destroy a resource while destroying other? Terraform	1	294	January 15, 2020
Creating a custom resource Terraform	1	989	August 21, 2020
How to first update dependency and then delete an old object Terraform	2	1252	February 24, 2020

Making a resource execute after destruction of another resource with create_before_destroy = true

Related topics