This message was deleted.
s
This message was deleted.
b
usually this is because of a security group or an EC2 instance created in the VPC manually that isn't in the dependency graph. If you try delete it from the console, it'll tell you what is blocking
it would be great if the aws API told you what it is 😞
b
hi jaxx, yeah it can't be anything manually created, it's all from within my script here, I created a bastion in this vpc, when i terminate that instance then i can manually detach the IG from the vpc and delete it
question is, how to i ensure pulumi kills the bastion first
it's the dependency chain right
do i make the ig depend on the bastion ?
b
yeah i think that'll do it
w
I think it would be the opposite - bastion depend on ig.
That way bastion is deleted before ig (and created after ig)
b
i tried that earlier and it didn't work, i'll try it again
Right you were Mitch, I had placed the dep on the elastic ip for the bastion and not the bastion itself, doing so fixed it !
put the IG as dep on both fixed it
w
So you ended up with
dependsOn bastion
property added to IG declaration? And not vice versa?
b
yep
Copy code
inst, err := ec2.NewInstance(ctx, fmt.Sprintf("axiom-bastion-%s", w.identifier), &ec2.InstanceArgs{
		Ami:          pulumi.String(bastion.Id),
		InstanceType: pulumi.String("t3.micro"),
		Tags: pulumi.StringMap{
			"Name": pulumi.String(fmt.Sprintf("axiom-bastion-%s", w.identifier)),
		},
		SubnetId:            pulumi.StringInput(w.publicSN[0].ID()),
		VpcSecurityGroupIds: pulumi.StringArray{pulumi.StringInput(w.bastionSecurityGroup.ID())},
		KeyName:             w.keyPair.KeyName,
	}, pulumi.DependsOn([]pulumi.Resource{w.keyPair, w.bastionSecurityGroup, w.iGateway}))
	if err != nil {
		return err
	}

	eip, err := ec2.NewEip(ctx, fmt.Sprintf("axiom-bastion-eip-%s", w.identifier), &ec2.EipArgs{
		Vpc:      pulumi.Bool(true),
		Instance: inst.ID(),
	}, pulumi.DependsOn([]pulumi.Resource{inst, w.iGateway}))
iGW on both EIP and EC2 instance