Deleting a Versioned Bucket

This message is extracted from a ticket originally received at support at Gruntwork dot io. Names and URLs have been removed where appropriate.

We are receiving the following error when trying to delete a bucket

module.cloudfront.aws_cloudfront_distribution.public_website_s3_bucket: Still destroying… (ID: XXXXXXXXXXXXXX, 3m50s elapsed)
Releasing state lock. This may take a few moments…

Error: Error applying plan:

1 error(s) occurred:

  • module.alb_access_logs_bucket.aws_s3_bucket.access_logs_with_logs_archived_and_deleted (destroy): 1 error(s) occurred:

  • aws_s3_bucket.access_logs_with_logs_archived_and_deleted: Error deleting S3 Bucket: BucketNotEmpty: The bucket you tried to delete is not empty. You must delete all versions in the bucket.
    status code: 409, request id: XXXXXXXXXXXXXX, host id: XXXXX/XXXXX= “xxxxx-prod-alb-internal-access-logs”

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

You can force the destruction of a non-empty bucket by setting the force_destroy property on the bucket. Please see the following documentation for additional information:

Since this is the cloudfront module, it actually exposes a force_destroy_access_logs_bucket variable specifically for this purpose: Set it to true and the error will go away. It’s false by default so you don’t accidentally delete important data.

That doesn’t seem to be the case if versioning is enabled. I’m surprised this isn’t a bigger issue for users.