From 4b0b24711680eb49f9bcc457df17cbe606560672 Mon Sep 17 00:00:00 2001 From: "sivan.hajbi" Date: Wed, 20 Aug 2025 22:12:50 +0300 Subject: [PATCH 1/2] add force_destroy true to ec2 instance to fix disable_api_termination issue on terraform destroy --- modules/aws/ciphertrust-manager/main.tf | 3 ++- modules/aws/dam-base-instance/main.tf | 1 + modules/aws/dra-admin/main.tf | 1 + modules/aws/dra-analytics/main.tf | 1 + modules/aws/sonar-base-instance/main.tf | 1 + modules/null/poc-db-onboarder/main.tf | 2 +- 6 files changed, 7 insertions(+), 2 deletions(-) diff --git a/modules/aws/ciphertrust-manager/main.tf b/modules/aws/ciphertrust-manager/main.tf index 9299062a1..c14d3dd9c 100644 --- a/modules/aws/ciphertrust-manager/main.tf +++ b/modules/aws/ciphertrust-manager/main.tf @@ -43,7 +43,8 @@ resource "aws_instance" "cipthertrust_manager_instance" { network_interface_id = aws_network_interface.eni.id device_index = 0 } - disable_api_termination = true + disable_api_termination = true + force_destroy = true metadata_options { http_endpoint = "enabled" http_tokens = "required" diff --git a/modules/aws/dam-base-instance/main.tf b/modules/aws/dam-base-instance/main.tf index ddce261c0..6ed7c8b86 100644 --- a/modules/aws/dam-base-instance/main.tf +++ b/modules/aws/dam-base-instance/main.tf @@ -53,6 +53,7 @@ resource "aws_instance" "dsf_base_instance" { device_index = 0 } disable_api_termination = true + force_destroy = true user_data_replace_on_change = false # metadata_options { # DAM still doesn't support IMDSv2 # http_endpoint = "enabled" diff --git a/modules/aws/dra-admin/main.tf b/modules/aws/dra-admin/main.tf index e7b1ba4c3..09e6a1e03 100644 --- a/modules/aws/dra-admin/main.tf +++ b/modules/aws/dra-admin/main.tf @@ -46,6 +46,7 @@ resource "aws_instance" "dsf_base_instance" { device_index = 0 } disable_api_termination = true + force_destroy = true user_data_replace_on_change = false metadata_options { http_endpoint = "enabled" diff --git a/modules/aws/dra-analytics/main.tf b/modules/aws/dra-analytics/main.tf index 3008a4654..4ca215d99 100644 --- a/modules/aws/dra-analytics/main.tf +++ b/modules/aws/dra-analytics/main.tf @@ -40,6 +40,7 @@ resource "aws_instance" "dsf_base_instance" { device_index = 0 } disable_api_termination = true + force_destroy = true user_data_replace_on_change = false metadata_options { http_endpoint = "enabled" diff --git a/modules/aws/sonar-base-instance/main.tf b/modules/aws/sonar-base-instance/main.tf index cebec04a6..5d19382fe 100644 --- a/modules/aws/sonar-base-instance/main.tf +++ b/modules/aws/sonar-base-instance/main.tf @@ -50,6 +50,7 @@ resource "aws_instance" "dsf_base_instance" { device_index = 0 } disable_api_termination = true + force_destroy = true user_data_replace_on_change = false metadata_options { http_endpoint = "enabled" diff --git a/modules/null/poc-db-onboarder/main.tf b/modules/null/poc-db-onboarder/main.tf index 7dacc1c1f..eb0f76307 100644 --- a/modules/null/poc-db-onboarder/main.tf +++ b/modules/null/poc-db-onboarder/main.tf @@ -72,7 +72,7 @@ resource "null_resource" "onboard_db_to_dsf" { database_asset_data = jsonencode(local.database_data) database_id = urlencode(local.database_data.data.id) usc_access_token = nonsensitive(var.usc_access_token) - enable_audit = nonsensitive(var.enable_audit) + enable_audit = var.enable_audit }) ] } From d767bcad740965e6eaa5400acd5d66b172f9ffbf Mon Sep 17 00:00:00 2001 From: "sivan.hajbi" Date: Thu, 21 Aug 2025 09:24:06 +0300 Subject: [PATCH 2/2] add disable_api_termination to cte ddc agent --- modules/aws/cte-ddc-agent/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/aws/cte-ddc-agent/main.tf b/modules/aws/cte-ddc-agent/main.tf index d3d9e458c..12e121d6e 100644 --- a/modules/aws/cte-ddc-agent/main.tf +++ b/modules/aws/cte-ddc-agent/main.tf @@ -62,6 +62,8 @@ resource "aws_instance" "cte_ddc_agent" { network_interface_id = aws_network_interface.eni.id device_index = 0 } + disable_api_termination = true + force_destroy = true metadata_options { http_endpoint = "enabled" http_tokens = "required"