Hi all, When I try "pulumi down" on an EKS cluster, I get this error: awsec2SecurityGroup (eks-cluster-nodeSecurityGroup): error: deleting urnpulumidev:docker ekseksindex:Cluster$awsec2/securityGroupSecurityGroup:eks cluster nodeSecurityGroup 1 error occurred: * deleting Security Group (sg-072070a581a755ec1): DependencyViolation: resource sg-072070a581a755ec1 has a dependent object status code: 400, request id: 08a68b50-ddfa-4462-a189-5445ec9bedfc What is the best course of action here? Go down the dependency tree and try to delete manually? Is there a way to force delete from pulumi itself?

First, I'd check dependencies between security group and other resources Then I'd check which resource option could be used in this situation https://www.pulumi.com/docs/concepts/options/dependson/ https://www.pulumi.com/docs/concepts/options/deletedwith/ https://www.pulumi.com/docs/concepts/options/retainondelete/ Another idea is to scale down number of nodes to 0 and retry deleting.

Thanks for the tips @great-zebra-31498. I will try them now and see how it goes. The problem using the resource options you mention is I might not create all the resources needed. For example I will just ask Pulumi to create a EKS cluster and it knows the dependency graph of all the resources, so it should be in a better position to delete the resources in the order it created. For example I never mentioned to create a SecurityGroup. In fact its hard for a user to find the dependency graph. The problem started out of the blue, pulumi up and down were working fine and suddenly this happened.

Make sure no rules have been added to the security group outside of pulumi (in the console)- if they are not part of pulumi state, it will cause the deletion of the security group to fail. This is usually the case for me when i encounter this error, at least.

Thanks for tip James. I am learning Pulumi, so I am starting with clean slate on AWS with fresh accounts and only interacting with it through pulumi up and down.

@chilly-thailand-69363 have you run

pulumi down

successfully? Do you use pulumi-eks package? If so, have you tried to set

min_size

to

0

and

desired_capacity

to

0

?

Yes did try that but did not work. Had to manually hunt down resources.