Hello,
I have configure a cluster role template binding using the Rancher2 Terraform provider like so:
resource "rancher2_cluster_role_template_binding" "user_cluster_role_binding" {
for_each = var.rbac.users
name = replace(lower("${var.rancher_cluster_name}-${split("@", each.key)[0]}-${each.value}"), local.chars_to_remove_role_binding, "")
cluster_id = rancher2_cluster.new-imported-cluster.id
role_template_id = data.rancher2_role_template.user_cluster_roles[each.key].id
user_id = "azuread_user://${data.azuread_user.sso_users[each.key].object_id}"
depends_on = [data.rancher2_role_template.user_cluster_roles]
}
Whenever I try to destroy such resource it times out
The same for a group works fine
resource "rancher2_cluster_role_template_binding" "group_cluster_role_binding" {
for_each = var.rbac.groups
name = replace(lower("${var.rancher_cluster_name}-${each.key}-${each.value}"), local.chars_to_remove_role_binding, "")
cluster_id = rancher2_cluster.new-imported-cluster.id
role_template_id = data.rancher2_role_template.group_cluster_roles[each.key].id
group_id = "azuread_group://${data.azuread_group.sso_groups[each.key].object_id}"
depends_on = [data.rancher2_role_template.group_cluster_roles]
}
This is the error that I am getting whenever the destruction times out:
╷
│ Error: [ERROR] waiting for cluster role template binding (c-n2jk7:pi-dev-usiad-l1-2023-1106-163946-igada-clusterowner) to be removed: timeout while waiting for state to become 'removed' (last state: 'active', timeout: 10m0s)
│
│
╵
╷
│ Error: [ERROR] waiting for cluster role template binding (c-2qpxb:pi-dev-uswst-l1-2023-1106-163946-igada-clusterowner) to be removed: timeout while waiting for state to become 'removed' (last state: 'active', timeout: 10m0s)
│
│
╵