### Terraform Version

```
Terraform v0.12.19
+ provider.google v3.5.0
+ provider.google-beta v3.5.0
+ provider.null v2.1.2
+ provider.random v2.2.1
```

### Terraform Configuration Files

```hcl
none
```

### Debug Output

No

### Crash Output

No crash

### Description

Given a GCP project with nuff authz to provision networks, perform these steps to trigger the problem.

1. First create a cloud-nat using the tried and true built-ins by using:

   ```hcl
   resource "google_compute_network" "vpc" {
     name                    = "${var.env}-vpc"
     routing_mode            = "GLOBAL"
     auto_create_subnetworks = false
   }

   resource "google_compute_subnetwork" "compute_subnet" {
     name                     = "${var.region}-${var.env}-compute"
     region                   = var.region
     ip_cidr_range            = var.cidr_compute
     network                  = google_compute_network.vpc.self_link
     private_ip_google_access = true
     enable_flow_logs         = true
   }

   resource "google_compute_router" "vpc_router" {
     name    = "vpc-router"
     region  = var.region
     network = google_compute_network.vpc.self_link
   }

   // PREVIOUS NAT:
   resource "google_compute_router_nat" "vpc_nat" {
     name                               = "vpc-nat"
     router                             = google_compute_router.vpc_router.name
     region                             = var.region
     nat_ip_allocate_option             = "AUTO_ONLY"
     source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"

     log_config {
       enable = true
       filter = "ERRORS_ONLY"
     }
   }
   ```

2. `yes | terraform apply`; creates VPC and NAT
3. Add another NAT through a different provider and do a `terraform init` afterwards

   ```hcl
   // THIS IS WHAT MATTERS:
   module "cloud-nat" {
     source     = "terraform-google-modules/cloud-nat/google"
     name       = "cloud-nat"
     router     = google_compute_router.vpc_router.name
     project_id = var.project_id
     region     = var.region
   }
   ```

   This crashes since we got two NATs sucking up traffic from the inside and expelling it to the public internets (aka: `ALL_SUBNETWORKS_ALL_IP_RANGES`)
4. Now we're in a bad state (terraform wise), and you as the ops person you are discovered as the fraud you are, creating two NATs like you have no idea what you're doing.
5. Quickly try to hide your mistake, by removing the latter, GKE-github module, so that you only have the original "vpc-nat" declared.
6. `terraform apply`
7. Crash with:

   > Error: leftover module module.cloud-nat in state that should have been removed; this is a bug in Terraform and should be reported

### Expected Behavior

Not crash.

### Actual Behavior

You asked me to report this bug.

### Steps to Reproduce

See above

### Additional Context

It's run from Windows (oh my!)

### References

Not that I've searched for.
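
An added example, not part of the original report and not Terraform's own code: a Python check that lists modules still recorded in a state file (for instance the output of `terraform state pull`) after their `module` block has been removed from the configuration, which is the condition the error in step 7 names. The sample state, the resource names inside `module.cloud-nat`, and the function names are constructed for illustration; the regex scan of `.tf` text is a simplification, not an HCL parser.

```python
import json
import re

# Constructed sample of a version-4 state (the format Terraform 0.12 writes);
# the resource names inside module.cloud-nat are made up for illustration.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"mode": "managed", "type": "google_compute_router_nat",
         "name": "vpc_nat", "instances": [{}]},
        {"module": "module.cloud-nat", "mode": "managed",
         "type": "google_compute_router_nat", "name": "main", "instances": []},
        {"module": "module.cloud-nat", "mode": "data",
         "type": "google_client_config", "name": "current", "instances": [{}]},
    ],
})

# Constructed configuration after step 5: only the original NAT is declared.
SAMPLE_CONFIG = 'resource "google_compute_router_nat" "vpc_nat" {\n  name = "vpc-nat"\n}\n'

# A module block at the start of a line; commented-out blocks do not match.
MODULE_BLOCK = re.compile(r'^\s*module\s+"([^"]+)"\s*\{', re.MULTILINE)

def declared_modules(hcl_text):
    """Return the root module calls declared in .tf text, as 'module.<name>'."""
    return {"module." + name for name in MODULE_BLOCK.findall(hcl_text)}

def leftover_modules(state_text, hcl_text):
    """Map each module recorded in state but absent from config to its resources."""
    state = json.loads(state_text)
    if state.get("version") != 4:
        raise ValueError("expected state format version 4")
    declared = declared_modules(hcl_text)
    leftovers = {}
    for res in state.get("resources", []):
        module = res.get("module")  # key is absent for root-module resources
        if not module:
            continue
        root = ".".join(module.split(".")[:2])  # module.a.module.b -> module.a
        if root not in declared:
            kind = "data." if res.get("mode") == "data" else ""
            addr = "{}.{}{}.{}".format(module, kind, res["type"], res["name"])
            leftovers.setdefault(root, []).append(addr)
    return leftovers

if __name__ == "__main__":
    for root, addrs in leftover_modules(SAMPLE_STATE, SAMPLE_CONFIG).items():
        print(root, "->", ", ".join(addrs))
```

Running such a check against the pulled state before `terraform apply` shows which module entries the state still holds once the block is gone from the configuration.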