From e56cd54019bdf9dfc6e4e08a91ab0a375c223b3a Mon Sep 17 00:00:00 2001 From: Mildred Ki'Lya Date: Mon, 26 Mar 2018 08:42:38 +0100 Subject: [PATCH] Allow configurable timeout when reading security group rule When being throttled on AWS requests, read requests are the first ones to be throttled, and reading security group rules can take longer than 5m to complete. Transform the hard timeout of 5m with a configurable timeout to avoid this problem. Fixes part of #3128 --- aws/resource_aws_security_group_rule.go | 6 +++++- website/docs/r/security_group_rule.html.markdown | 7 +++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index 2a285bd289b2..36dd27a22ae4 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -40,6 +40,10 @@ func resourceAwsSecurityGroupRule() *schema.Resource { SchemaVersion: 2, MigrateState: resourceAwsSecurityGroupRuleMigrateState, + Timeouts: &schema.ResourceTimeout{ + Read: schema.DefaultTimeout(5 * time.Minute), + }, + Schema: map[string]*schema.Schema{ "type": { Type: schema.TypeString, @@ -208,7 +212,7 @@ information and instructions for recovery. Error message: %s`, sg_id, awsErr.Mes id := ipPermissionIDHash(sg_id, ruleType, perm) log.Printf("[DEBUG] Computed group rule ID %s", id) - retErr := resource.Retry(5*time.Minute, func() *resource.RetryError { + retErr := resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError { sg, err := findResourceSecurityGroup(conn, sg_id) if err != nil { diff --git a/website/docs/r/security_group_rule.html.markdown b/website/docs/r/security_group_rule.html.markdown index d636a69d93b6..f88eec5ea7cb 100644 --- a/website/docs/r/security_group_rule.html.markdown +++ b/website/docs/r/security_group_rule.html.markdown @@ -131,3 +131,10 @@ Import a rule that has itself and an IPv6 CIDR block as sources: ```console $ example: sg-656c65616e6f72_ingress_tcp_80_80_self_2001:db8::/48 ``` + +## Timeouts + +`aws_security_group_rule` provides the following [Timeouts](/docs/configuration/resources.html#timeouts) +configuration options: + +- `read` - (Default `5 minutes`) How long to wait for reading a rsecurity group rule.