Help! A resource was deleted in the Cloud but it's still in Turbot!

In very rare circumstances, a resource can be deleted but the delete event will not propagate to Turbot. If this happens, controls can go into an error state because the underlying resource no longer exists.

 

Luckily, depending on the resource type, this can be trivial to fix. The resource type MUST have a resource name that can be defined. For example, a missing S3 bucket can be created as the ARN for any bucket simply includes the bucket name, which is unique.

 

1. Start by verifying that the resource does not exist and that controls still do. This can be done via the Turbot UI, navigating to the controls tab, then searching for the resource.

2. Select a control and attempt to run a check. A 404 resource not found response is expected.

3. Log into the target account with sufficient rights. Recreate the resource.

4. Turbot will detect existence of the resource shortly. To verify, the same control that was ran in step 2 can now be ran again. The 404 resource not found error will not display.

5. Delete the cloud resource.

6. Turbot will pick up the delete event shortly after the actual delete and will remove relevant controls as well as the resource from CMDB. If the issue persists after these steps, please reach out to help@turbot.com

Was this article helpful?
0 out of 0 found this helpful