Hi! I've only been playing around with Pulumi for about 2 weeks, and I've converted a bunch of CloudFormation templates into Pulumi code. However, I've had a lot of issues with resources getting "lost" (ie. existing but not tracked by Pulumi). I assumed this was due to me writing bad code and learning to use the tool. However now I've come at the point where I see behaviour that is worrying me and I can't explain. The scenario: 1. I create a stack with quite a few resources. The creation is succesful. 2. I execute a pulumi down command to destroy the stack (excluding some protected resources) 3. The down operation fails due to a timeout 4. I do pulumi refresh and it tells me there are only a few resources left in the stack 5. Another pulumi down operation tells me there are only protected resources left However on inspection of my AWS account, there is a whole bunch of resources left over (not protected ones). I now have to check all my resources manually and clean them up, which is a major PITA, not to mention a financial liability. It seems that an error during the pulumi down operation just causes pulumi to assume everything is probably gone and remove it from the state? I do not understand that behaviour? That's really annoying? Can anyone shed some light on what is going on here?

It seems that an error during the pulumi down operation just causes pulumi to assume everything is probably gone and remove it from the state?

I do not understand that behaviour? That's really annoying?

It should not! We save each delete operation to state before doing it and only clear the resource from state when the operation is successful. The only thing I can think of is maybe a bug with

--exclude-protected

, can you raise an issue about this with what resources got lost? Might help to see exactly what went missing.

I hope it is a bug, because this could be a showstopper for me! I'll create a ticket!

It's definitely not intended behaviour. The state system does a load of extra work compared to most IAC state systems to not loose track of resources.

Happy to hear that shouldn't happen. Created a bug: https://github.com/pulumi/pulumi/issues/14416

pulumi's ability to cleanup resources in aws is really terrible right now. it is basically broken for eks.

Haven't had any issues with EKS actually. It's more all the EC2 networking stuff that has been a pain.

yeah I am blocked by this now. the timing is annoying.