Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
resource/aws_kms_key: Prevent eventual consistency related errors on …
…creation Reference: hashicorp#9953 Reference: hashicorp#11781 Reference: hashicorp#12427 (comment) This refactors the resource logic to prevent `Update` after `Create` type logic errors with duplicate API calls (potential error points for eventual consistency): - Setting `description` on creation previously was done once during the `CreateKey` call and again via a separate `UpdateKeyDescription` call - Setting `policy` on creation previously was done once during the `CreateKey` call and again via a separate `PutKeyPolicy` call - Setting `tags` on creation previously was done once during the `CreateKey` call and again via a separate `TagResource` call This also adds eventual consistency retries for reading tags on resource creation and removes the resource `Exists` function, which can be another source of issues and required for the upcoming Terraform Plugin SDK v2. Previously from operator error reports: ``` Error: error listing tags for KMS Key (***): NotFoundException: Key 'arn:aws:kms:***:key/***' does not exist Error: error updating KMS Key (key-123) tags: error tagging resource (key-123): NotFoundException: Key 'arn:aws:kms:us-east-1:1234567890:key/key-123' does not exist ``` Output from acceptance testing: ``` --- PASS: TestAccAWSKmsKey_disappears (14.50s) --- PASS: TestAccAWSKmsKey_asymmetricKey (40.34s) --- PASS: TestAccAWSKmsKey_basic (43.60s) --- PASS: TestAccAWSKmsKey_policy (58.38s) --- PASS: TestAccAWSKmsKey_tags (59.07s) --- PASS: TestAccAWSKmsKey_isEnabled (324.81s) ```
- Loading branch information