From f17c81ebe264ea314afbffb25ba1e9770f82134f Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Fri, 26 Mar 2021 11:29:11 -0400 Subject: [PATCH] provider: Migrate to iamwaiter.PropagationTimeout constant and begin enabling go-mnd linter (#17811) Reference: https://github.com/hashicorp/terraform-provider-aws/issues/13199 Reference: https://github.com/hashicorp/terraform-provider-aws/issues/16752 Reference: https://github.com/hashicorp/terraform-provider-aws/issues/16753 IAM eventual consistency handling has long been the source of needing retries in resource logic. Due to the lack of a consistent implementation (e.g. static constant) for how long to retry for these types of errors, there have been varying retry durations. The `iamwaiter.PropagationTimeout` constant was introduced for this purpose. This change begins by introducing the `go-mnd` linter to enforce the usage of constants in function arguments. Example reports below. The rest of the changes are the minimum required to ensure `iamwaiter.PropagationTimeout` with its 2 minute duration is applied. You will note that this is fixing the duration in some cases to slightly increase it to the standard value. Any higher durations are ignored to reduce changes for now. As such, this can be reviewed by validating that a lower duration was not introduced and skipping acceptance testing since no logic changes should be introduced. One caveat to `go-mnd` is that it currently ignores `1` as a magic number, which is possible in usage such as `1*time.Minute`, and that ignored number cannot be overriden. An upstream issue will be created to ask the `ignore-number` configuration to overwrite instead of append. Example previous report: ``` aws/resource_aws_api_gateway_account.go:99:23: mnd: Magic number: 2, in detected (gomnd) err = resource.Retry(2*time.Minute, func() *resource.RetryError { ^ ``` --- .golangci.yml | 127 ++++++++++++++++++ aws/resource_aws_api_gateway_account.go | 4 +- aws/resource_aws_appautoscaling_policy.go | 7 +- aws/resource_aws_appautoscaling_target.go | 3 +- aws/resource_aws_autoscaling_group.go | 3 +- aws/resource_aws_backup_selection.go | 4 +- aws/resource_aws_cloud9_environment_ec2.go | 3 +- aws/resource_aws_cloudtrail.go | 6 +- aws/resource_aws_codebuild_project.go | 3 +- aws/resource_aws_cognito_user_pool.go | 9 +- aws/resource_aws_config_config_rule.go | 3 +- aws/resource_aws_config_delivery_channel.go | 3 +- aws/resource_aws_datasync_location_s3.go | 4 +- aws/resource_aws_dax_cluster.go | 3 +- aws/resource_aws_db_instance.go | 5 +- aws/resource_aws_db_option_group.go | 3 +- aws/resource_aws_docdb_cluster.go | 5 +- aws/resource_aws_docdb_cluster_instance.go | 5 +- aws/resource_aws_ecr_repository_policy.go | 6 +- aws/resource_aws_eks_cluster.go | 3 +- aws/resource_aws_elasticsearch_domain.go | 3 +- aws/resource_aws_emr_cluster.go | 3 +- aws/resource_aws_iam_instance_profile.go | 3 +- aws/resource_aws_iam_policy.go | 6 +- aws/resource_aws_iam_role.go | 2 +- aws/resource_aws_iam_user.go | 4 +- aws/resource_aws_iam_user_login_profile.go | 4 +- aws/resource_aws_instance.go | 7 +- ...ce_aws_lakeformation_data_lake_settings.go | 4 +- aws/resource_aws_lakeformation_permissions.go | 5 +- aws/resource_aws_launch_configuration.go | 3 +- aws/resource_aws_neptune_cluster.go | 3 +- aws/resource_aws_neptune_cluster_instance.go | 5 +- aws/resource_aws_opsworks_permission.go | 4 +- aws/resource_aws_rds_cluster.go | 5 +- aws/resource_aws_rds_cluster_instance.go | 5 +- aws/resource_aws_sns_platform_application.go | 4 +- aws/resource_aws_spot_instance_request.go | 3 +- 38 files changed, 217 insertions(+), 65 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 8a6b2d0e9fd7..49c3405dbe26 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -18,6 +18,7 @@ linters: - deadcode - errcheck - gofmt + - gomnd - gosimple - ineffassign - makezero @@ -34,6 +35,132 @@ linters: linters-settings: errcheck: ignore: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema:ForceNew|Set,fmt:.*,io:Close + gomnd: + settings: + mnd: + checks: + - argument + ignored-files: + # Needing constants, comment ignores, switching to customizable timeouts, or retries moved to aws/config.go + - awserr.go + - data_source_aws_cognito_user_pools.go + - data_source_aws_lakeformation_permissions.go + - resource_aws_api_gateway_base_path_mapping.go + - resource_aws_appautoscaling_policy.go + - resource_aws_appautoscaling_scheduled_action.go + - resource_aws_appautoscaling_target.go + - resource_aws_autoscaling_lifecycle_hook.go + - resource_aws_backup_plan.go + - resource_aws_cloud9_environment_ec2.go + - resource_aws_cloudfront_distribution.go + - resource_aws_cloudhsm2_cluster.go + - resource_aws_cloudhsm2_hsm.go + - resource_aws_cloudwatch_event_target.go + - resource_aws_cloudwatch_log_destination.go + - resource_aws_cloudwatch_log_stream.go + - resource_aws_cloudwatch_log_subscription_filter.go + - resource_aws_codebuild_project.go + - resource_aws_codedeploy_deployment_group.go + - resource_aws_codepipeline_webhook.go + - resource_aws_config_config_rule.go + - resource_aws_config_delivery_channel.go + - resource_aws_customer_gateway.ogresource_aws_elasticsearch_domain + - resource_aws_datapipeline_pipeline.go + - resource_aws_db_instance.go + - resource_aws_db_parameter_group.go + - resource_aws_dms_endpoint.go + - resource_aws_docdb_cluster.go + - resource_aws_docdb_cluster_parameter_group.go + - resource_aws_docdb_subnet_group.go + - resource_aws_dynamodb_table.go + - resource_aws_ebs_snapshot_copy.go + - resource_aws_ebs_volume.go + - resource_aws_ec2_transit_gateway.go + - resource_aws_ecs_cluster.go + - resource_aws_ecs_service.go + - resource_aws_efs_file_system.go + - resource_aws_efs_mount_target.go + - resource_aws_elastic_beanstalk_application.go + - resource_aws_elasticache_cluster.go + - resource_aws_elasticache_parameter_group.go + - resource_aws_elasticache_replication_group.go + - resource_aws_elasticache_security_group.go + - resource_aws_elasticache_subnet_group.go + - resource_aws_elasticsearch_domain.go + - resource_aws_elasticsearch_domain_policy.go + - resource_aws_elb.go + - resource_aws_elb_attachment.go + - resource_aws_gamelift_build.go + - resource_aws_gamelift_fleet.go + - resource_aws_glue_dev_endpoint.go + - resource_aws_iam_access_key.go + - resource_aws_iam_server_certificate.go + - resource_aws_inspector_assessment_target.go + - resource_aws_instance.go + - resource_aws_internet_gateway.go + - resource_aws_iot_thing_type.go + - resource_aws_kms_external_key.go + - resource_aws_kms_grant.go + - resource_aws_kms_key.go + - resource_aws_lakeformation_data_lake_settings.go + - resource_aws_lakeformation_permissions.go + - resource_aws_lambda_event_source_mapping.go + - resource_aws_lambda_function_event_invoke_config.go + - resource_aws_lambda_permission.go + - resource_aws_lb_listener.go + - resource_aws_lb_listener_rule.go + - resource_aws_lb_target_group_attachment.go + - resource_aws_media_package_channel.go + - resource_aws_media_store_container.go + - resource_aws_msk_cluster.go + - resource_aws_neptune_cluster.go + - resource_aws_neptune_parameter_group.go + - resource_aws_network_acl.go + - resource_aws_network_acl_rule.go + - resource_aws_opsworks_stack.go + - resource_aws_organizations_account.go + - resource_aws_organizations_organizational_unit.go + - resource_aws_organizations_policy.go + - resource_aws_organizations_policy_attachment.go + - resource_aws_qldb_ledger.go + - resource_aws_ram_resource_share_accepter.go + - resource_aws_rds_cluster.go + - resource_aws_rds_cluster_parameter_group.go + - resource_aws_redshift_cluster.go + - resource_aws_redshift_snapshot_copy_grant.go + - resource_aws_redshift_snapshot_schedule.go + - resource_aws_redshift_snapshot_schedule_association.go + - resource_aws_route_table.go + - resource_aws_route_table_association.go + - resource_aws_s3_bucket.go + - resource_aws_sagemaker_model.go + - resource_aws_sagemaker_notebook_instance.go + - resource_aws_security_group_rule.go + - resource_aws_sfn_state_machine.go + - resource_aws_sqs_queue.go + - resource_aws_storagegateway_cached_iscsi_volume.go + - resource_aws_storagegateway_stored_iscsi_volume.go + - resource_aws_transfer_server.go + - resource_aws_vpc.go + - resource_aws_vpc_dhcp_options.go + - resource_aws_vpc_peering_connection_options.go + - resource_aws_vpn_gateway.go + - resource_aws_wafregional_web_acl_association.go + - resource_aws_wafv2_ip_set.go + - resource_aws_wafv2_regex_pattern_set.go + - resource_aws_wafv2_rule_group.go + - resource_aws_wafv2_web_acl.go + - tls.go + - waf_token_handlers.go + - wafregional_token_handlers.go + ignored-functions: + # AWS Go SDK + - aws.Int64 + - request.ConstantWaiterDelay + - request.WithWaiterMaxAttempts + # Terraform Plugin SDK + - schema.DefaultTimeout + - validation.* run: timeout: 10m diff --git a/aws/resource_aws_api_gateway_account.go b/aws/resource_aws_api_gateway_account.go index d37b831bf938..ffa32fb3a460 100644 --- a/aws/resource_aws_api_gateway_account.go +++ b/aws/resource_aws_api_gateway_account.go @@ -3,12 +3,12 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/apigateway" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsApiGatewayAccount() *schema.Resource { @@ -96,7 +96,7 @@ func resourceAwsApiGatewayAccountUpdate(d *schema.ResourceData, meta interface{} otherErrMsg := "API Gateway could not successfully write to CloudWatch Logs using the ARN specified" var out *apigateway.Account var err error - err = resource.Retry(2*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { out, err = conn.UpdateAccount(&input) if err != nil { diff --git a/aws/resource_aws_appautoscaling_policy.go b/aws/resource_aws_appautoscaling_policy.go index 351ef2239e36..4142fcd6e578 100644 --- a/aws/resource_aws_appautoscaling_policy.go +++ b/aws/resource_aws_appautoscaling_policy.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsAppautoscalingPolicy() *schema.Resource { @@ -209,7 +210,7 @@ func resourceAwsAppautoscalingPolicyCreate(d *schema.ResourceData, meta interfac log.Printf("[DEBUG] ApplicationAutoScaling PutScalingPolicy: %#v", params) var resp *applicationautoscaling.PutScalingPolicyOutput - err = resource.Retry(2*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.PutScalingPolicy(¶ms) if err != nil { @@ -301,7 +302,7 @@ func resourceAwsAppautoscalingPolicyUpdate(d *schema.ResourceData, meta interfac } log.Printf("[DEBUG] Application Autoscaling Update Scaling Policy: %#v", params) - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.PutScalingPolicy(¶ms) if err != nil { if isAWSErr(err, applicationautoscaling.ErrCodeFailedResourceAccessException, "") { @@ -341,7 +342,7 @@ func resourceAwsAppautoscalingPolicyDelete(d *schema.ResourceData, meta interfac ServiceNamespace: aws.String(d.Get("service_namespace").(string)), } log.Printf("[DEBUG] Deleting Application AutoScaling Policy opts: %#v", params) - err = resource.Retry(2*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err = conn.DeleteScalingPolicy(¶ms) if isAWSErr(err, applicationautoscaling.ErrCodeFailedResourceAccessException, "") { diff --git a/aws/resource_aws_appautoscaling_target.go b/aws/resource_aws_appautoscaling_target.go index edda7e57d1a7..b82bbfca54ea 100644 --- a/aws/resource_aws_appautoscaling_target.go +++ b/aws/resource_aws_appautoscaling_target.go @@ -10,6 +10,7 @@ import ( "github.com/aws/aws-sdk-go/service/applicationautoscaling" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsAppautoscalingTarget() *schema.Resource { @@ -72,7 +73,7 @@ func resourceAwsAppautoscalingTargetPut(d *schema.ResourceData, meta interface{} log.Printf("[DEBUG] Application autoscaling target create configuration %s", targetOpts) var err error - err = resource.Retry(1*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err = conn.RegisterScalableTarget(&targetOpts) if err != nil { diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go index 7e8f76d5a9dd..2bc6b442d98d 100644 --- a/aws/resource_aws_autoscaling_group.go +++ b/aws/resource_aws_autoscaling_group.go @@ -26,6 +26,7 @@ import ( "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/autoscaling/waiter" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) const ( @@ -735,7 +736,7 @@ func resourceAwsAutoscalingGroupCreate(d *schema.ResourceData, meta interface{}) log.Printf("[DEBUG] Auto Scaling Group create configuration: %#v", createOpts) // Retry for IAM eventual consistency - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.CreateAutoScalingGroup(&createOpts) // ValidationError: You must use a valid fully-formed launch template. Value (tf-acc-test-6643732652421074386) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name diff --git a/aws/resource_aws_backup_selection.go b/aws/resource_aws_backup_selection.go index 483ddf0d8bd6..3aa4358e6451 100644 --- a/aws/resource_aws_backup_selection.go +++ b/aws/resource_aws_backup_selection.go @@ -5,13 +5,13 @@ import ( "log" "regexp" "strings" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/backup" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsBackupSelection() *schema.Resource { @@ -98,7 +98,7 @@ func resourceAwsBackupSelectionCreate(d *schema.ResourceData, meta interface{}) // Retry for IAM eventual consistency var output *backup.CreateBackupSelectionOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error output, err = conn.CreateBackupSelection(input) diff --git a/aws/resource_aws_cloud9_environment_ec2.go b/aws/resource_aws_cloud9_environment_ec2.go index 7913cd014037..f6c0be29615c 100644 --- a/aws/resource_aws_cloud9_environment_ec2.go +++ b/aws/resource_aws_cloud9_environment_ec2.go @@ -10,6 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsCloud9EnvironmentEc2() *schema.Resource { @@ -91,7 +92,7 @@ func resourceAwsCloud9EnvironmentEc2Create(d *schema.ResourceData, meta interfac } var out *cloud9.CreateEnvironmentEC2Output - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error out, err = conn.CreateEnvironmentEC2(params) if err != nil { diff --git a/aws/resource_aws_cloudtrail.go b/aws/resource_aws_cloudtrail.go index 7f06c7786ab1..c7ead9cd092a 100644 --- a/aws/resource_aws_cloudtrail.go +++ b/aws/resource_aws_cloudtrail.go @@ -3,7 +3,6 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/cloudtrail" @@ -11,6 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsCloudTrail() *schema.Resource { @@ -192,7 +192,7 @@ func resourceAwsCloudTrailCreate(d *schema.ResourceData, meta interface{}) error } var t *cloudtrail.CreateTrailOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error t, err = conn.CreateTrail(&input) if err != nil { @@ -377,7 +377,7 @@ func resourceAwsCloudTrailUpdate(d *schema.ResourceData, meta interface{}) error log.Printf("[DEBUG] Updating CloudTrail: %s", input) var t *cloudtrail.UpdateTrailOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error t, err = conn.UpdateTrail(&input) if err != nil { diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index e082891d3a98..ea7bdb8d66c0 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -16,6 +16,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsCodeBuildProject() *schema.Resource { @@ -1232,7 +1233,7 @@ func resourceAwsCodeBuildProjectUpdate(d *schema.ResourceData, meta interface{}) params.Tags = keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().CodebuildTags() // Handle IAM eventual consistency - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error _, err = conn.UpdateProject(params) diff --git a/aws/resource_aws_cognito_user_pool.go b/aws/resource_aws_cognito_user_pool.go index d4c62a7f92ff..87a63e637f5d 100644 --- a/aws/resource_aws_cognito_user_pool.go +++ b/aws/resource_aws_cognito_user_pool.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsCognitoUserPool() *schema.Resource { @@ -692,7 +693,7 @@ func resourceAwsCognitoUserPoolCreate(d *schema.ResourceData, meta interface{}) // IAM roles & policies can take some time to propagate and be attached // to the User Pool var resp *cognitoidentityprovider.CreateUserPoolOutput - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateUserPool(params) if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, "Role does not have a trust relationship allowing Cognito to assume the role") { @@ -735,7 +736,7 @@ func resourceAwsCognitoUserPoolCreate(d *schema.ResourceData, meta interface{}) } // IAM Roles and Policies can take some time to propagate - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.SetUserPoolMfaConfig(input) if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, "Role does not have a trust relationship allowing Cognito to assume the role") { @@ -923,7 +924,7 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{}) } // IAM Roles and Policies can take some time to propagate - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.SetUserPoolMfaConfig(input) if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, "Role does not have a trust relationship allowing Cognito to assume the role") { @@ -1124,7 +1125,7 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{}) // IAM roles & policies can take some time to propagate and be attached // to the User Pool. - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error _, err = conn.UpdateUserPool(params) if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, "Role does not have a trust relationship allowing Cognito to assume the role") { diff --git a/aws/resource_aws_config_config_rule.go b/aws/resource_aws_config_config_rule.go index bb0e37e1df7c..603dcc3ce340 100644 --- a/aws/resource_aws_config_config_rule.go +++ b/aws/resource_aws_config_config_rule.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsConfigConfigRule() *schema.Resource { @@ -166,7 +167,7 @@ func resourceAwsConfigConfigRulePut(d *schema.ResourceData, meta interface{}) er Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().ConfigserviceTags(), } log.Printf("[DEBUG] Creating AWSConfig config rule: %s", input) - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.PutConfigRule(&input) if err != nil { if awsErr, ok := err.(awserr.Error); ok { diff --git a/aws/resource_aws_config_delivery_channel.go b/aws/resource_aws_config_delivery_channel.go index 3aa759362a95..de55d601472a 100644 --- a/aws/resource_aws_config_delivery_channel.go +++ b/aws/resource_aws_config_delivery_channel.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsConfigDeliveryChannel() *schema.Resource { @@ -92,7 +93,7 @@ func resourceAwsConfigDeliveryChannelPut(d *schema.ResourceData, meta interface{ input := configservice.PutDeliveryChannelInput{DeliveryChannel: &channel} - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.PutDeliveryChannel(&input) if err == nil { return nil diff --git a/aws/resource_aws_datasync_location_s3.go b/aws/resource_aws_datasync_location_s3.go index 68a348abf6ce..472fdc34d8e6 100644 --- a/aws/resource_aws_datasync_location_s3.go +++ b/aws/resource_aws_datasync_location_s3.go @@ -4,7 +4,6 @@ import ( "fmt" "log" "strings" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/datasync" @@ -12,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDataSyncLocationS3() *schema.Resource { @@ -88,7 +88,7 @@ func resourceAwsDataSyncLocationS3Create(d *schema.ResourceData, meta interface{ log.Printf("[DEBUG] Creating DataSync Location S3: %s", input) var output *datasync.CreateLocationS3Output - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error output, err = conn.CreateLocationS3(input) diff --git a/aws/resource_aws_dax_cluster.go b/aws/resource_aws_dax_cluster.go index dc9cded4b39e..7382a03c3b21 100644 --- a/aws/resource_aws_dax_cluster.go +++ b/aws/resource_aws_dax_cluster.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDaxCluster() *schema.Resource { @@ -224,7 +225,7 @@ func resourceAwsDaxClusterCreate(d *schema.ResourceData, meta interface{}) error // IAM roles take some time to propagate var resp *dax.CreateClusterOutput - err := resource.Retry(30*time.Second, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateCluster(req) if err != nil { diff --git a/aws/resource_aws_db_instance.go b/aws/resource_aws_db_instance.go index 47cb831d8c0b..58a62640689e 100644 --- a/aws/resource_aws_db_instance.go +++ b/aws/resource_aws_db_instance.go @@ -15,6 +15,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDbInstance() *schema.Resource { @@ -832,7 +833,7 @@ func resourceAwsDbInstanceCreate(d *schema.ResourceData, meta interface{}) error log.Printf("[DEBUG] DB Instance S3 Restore configuration: %#v", opts) var err error // Retry for IAM eventual consistency - err = resource.Retry(2*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err = conn.RestoreDBInstanceFromS3(&opts) if err != nil { if isAWSErr(err, "InvalidParameterValue", "ENHANCED_MONITORING") { @@ -1758,7 +1759,7 @@ func resourceAwsDbInstanceUpdate(d *schema.ResourceData, meta interface{}) error if requestUpdate { log.Printf("[DEBUG] DB Instance Modification request: %s", req) - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.ModifyDBInstance(req) // Retry for IAM eventual consistency diff --git a/aws/resource_aws_db_option_group.go b/aws/resource_aws_db_option_group.go index 8be2e0e2cc9e..067cbd8a54c2 100644 --- a/aws/resource_aws_db_option_group.go +++ b/aws/resource_aws_db_option_group.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDbOptionGroup() *schema.Resource { @@ -268,7 +269,7 @@ func resourceAwsDbOptionGroupUpdate(d *schema.ResourceData, meta interface{}) er log.Printf("[DEBUG] Modify DB Option Group: %s", modifyOpts) - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error _, err = rdsconn.ModifyOptionGroup(modifyOpts) diff --git a/aws/resource_aws_docdb_cluster.go b/aws/resource_aws_docdb_cluster.go index 9170efd0acf2..0fc7936aa541 100644 --- a/aws/resource_aws_docdb_cluster.go +++ b/aws/resource_aws_docdb_cluster.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDocDBCluster() *schema.Resource { @@ -336,7 +337,7 @@ func resourceAwsDocDBClusterCreate(d *schema.ResourceData, meta interface{}) err } log.Printf("[DEBUG] DocDB Cluster restore from snapshot configuration: %s", opts) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.RestoreDBClusterFromSnapshot(&opts) if err != nil { if isAWSErr(err, "InvalidParameterValue", "IAM role ARN value is invalid or does not include the required permissions") { @@ -420,7 +421,7 @@ func resourceAwsDocDBClusterCreate(d *schema.ResourceData, meta interface{}) err log.Printf("[DEBUG] DocDB Cluster create options: %s", createOpts) var resp *docdb.CreateDBClusterOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateDBCluster(createOpts) if err != nil { diff --git a/aws/resource_aws_docdb_cluster_instance.go b/aws/resource_aws_docdb_cluster_instance.go index ba2fff4205de..0aeb939cab32 100644 --- a/aws/resource_aws_docdb_cluster_instance.go +++ b/aws/resource_aws_docdb_cluster_instance.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsDocDBClusterInstance() *schema.Resource { @@ -208,7 +209,7 @@ func resourceAwsDocDBClusterInstanceCreate(d *schema.ResourceData, meta interfac log.Printf("[DEBUG] Creating DocDB Instance opts: %s", createOpts) var resp *docdb.CreateDBInstanceOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateDBInstance(createOpts) if err != nil { @@ -366,7 +367,7 @@ func resourceAwsDocDBClusterInstanceUpdate(d *schema.ResourceData, meta interfac log.Printf("[DEBUG] Send DB Instance Modification request: %#v", requestUpdate) if requestUpdate { log.Printf("[DEBUG] DB Instance Modification request: %#v", req) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.ModifyDBInstance(req) if err != nil { if isAWSErr(err, "InvalidParameterValue", "IAM role ARN value is invalid or does not include the required permissions") { diff --git a/aws/resource_aws_ecr_repository_policy.go b/aws/resource_aws_ecr_repository_policy.go index 53d0c2e98597..f5d9e92eef8e 100644 --- a/aws/resource_aws_ecr_repository_policy.go +++ b/aws/resource_aws_ecr_repository_policy.go @@ -3,13 +3,13 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ecr" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsEcrRepositoryPolicy() *schema.Resource { @@ -55,7 +55,7 @@ func resourceAwsEcrRepositoryPolicyPut(d *schema.ResourceData, meta interface{}) // Retry due to IAM eventual consistency var err error var out *ecr.SetRepositoryPolicyOutput - err = resource.Retry(2*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { out, err = conn.SetRepositoryPolicy(&input) if isAWSErr(err, ecr.ErrCodeInvalidParameterException, "Invalid repository policy provided") { @@ -97,7 +97,7 @@ func resourceAwsEcrRepositoryPolicyRead(d *schema.ResourceData, meta interface{} return err } - log.Printf("[DEBUG] Received repository policy %#v", out) + log.Printf("[DEBUG] Received repository policy %s", out) d.Set("repository", out.RepositoryName) d.Set("registry_id", out.RegistryId) diff --git a/aws/resource_aws_eks_cluster.go b/aws/resource_aws_eks_cluster.go index 845a95646f08..6bacbd44ded4 100644 --- a/aws/resource_aws_eks_cluster.go +++ b/aws/resource_aws_eks_cluster.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsEksCluster() *schema.Resource { @@ -250,7 +251,7 @@ func resourceAwsEksClusterCreate(d *schema.ResourceData, meta interface{}) error } log.Printf("[DEBUG] Creating EKS Cluster: %s", input) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.CreateCluster(input) if err != nil { // InvalidParameterException: roleArn, arn:aws:iam::123456789012:role/XXX, does not exist diff --git a/aws/resource_aws_elasticsearch_domain.go b/aws/resource_aws_elasticsearch_domain.go index 83c38f2bde50..2918414b37dc 100644 --- a/aws/resource_aws_elasticsearch_domain.go +++ b/aws/resource_aws_elasticsearch_domain.go @@ -17,6 +17,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsElasticSearchDomain() *schema.Resource { @@ -551,7 +552,7 @@ func resourceAwsElasticSearchDomainCreate(d *schema.ResourceData, meta interface // IAM Roles can take some time to propagate if set in AccessPolicies and created in the same terraform var out *elasticsearch.CreateElasticsearchDomainOutput - err = resource.Retry(30*time.Second, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error out, err = conn.CreateElasticsearchDomain(&input) if err != nil { diff --git a/aws/resource_aws_emr_cluster.go b/aws/resource_aws_emr_cluster.go index 0d171a2d31c0..0b028fa250c9 100644 --- a/aws/resource_aws_emr_cluster.go +++ b/aws/resource_aws_emr_cluster.go @@ -20,6 +20,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsEMRCluster() *schema.Resource { @@ -901,7 +902,7 @@ func resourceAwsEMRClusterCreate(d *schema.ResourceData, meta interface{}) error log.Printf("[DEBUG] EMR Cluster create options: %s", params) var resp *emr.RunJobFlowOutput - err := resource.Retry(30*time.Second, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.RunJobFlow(params) if err != nil { diff --git a/aws/resource_aws_iam_instance_profile.go b/aws/resource_aws_iam_instance_profile.go index 4a0f5217a0c8..0dc6969d9532 100644 --- a/aws/resource_aws_iam_instance_profile.go +++ b/aws/resource_aws_iam_instance_profile.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsIamInstanceProfile() *schema.Resource { @@ -120,7 +121,7 @@ func instanceProfileAddRole(conn *iam.IAM, profileName, roleName string) error { RoleName: aws.String(roleName), } - err := resource.Retry(30*time.Second, func() *resource.RetryError { + err := resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { var err error _, err = conn.AddRoleToInstanceProfile(request) // IAM unfortunately does not provide a better error code or message for eventual consistency diff --git a/aws/resource_aws_iam_policy.go b/aws/resource_aws_iam_policy.go index 0a44f36cabcd..6feee9a8cbe1 100644 --- a/aws/resource_aws_iam_policy.go +++ b/aws/resource_aws_iam_policy.go @@ -5,13 +5,13 @@ import ( "log" "net/url" "regexp" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iam" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsIamPolicy() *schema.Resource { @@ -110,7 +110,7 @@ func resourceAwsIamPolicyRead(d *schema.ResourceData, meta interface{}) error { // Handle IAM eventual consistency var getPolicyResponse *iam.GetPolicyOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { var err error getPolicyResponse, err = iamconn.GetPolicy(getPolicyRequest) @@ -158,7 +158,7 @@ func resourceAwsIamPolicyRead(d *schema.ResourceData, meta interface{}) error { // Handle IAM eventual consistency var getPolicyVersionResponse *iam.GetPolicyVersionOutput - err = resource.Retry(1*time.Minute, func() *resource.RetryError { + err = resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { var err error getPolicyVersionResponse, err = iamconn.GetPolicyVersion(getPolicyVersionRequest) diff --git a/aws/resource_aws_iam_role.go b/aws/resource_aws_iam_role.go index b2451459085a..7283032dd8ed 100644 --- a/aws/resource_aws_iam_role.go +++ b/aws/resource_aws_iam_role.go @@ -187,7 +187,7 @@ func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error { } var createResp *iam.CreateRoleOutput - err := resource.Retry(30*time.Second, func() *resource.RetryError { + err := resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { var err error createResp, err = iamconn.CreateRole(request) // IAM users (referenced in Principal field of assume policy) diff --git a/aws/resource_aws_iam_user.go b/aws/resource_aws_iam_user.go index d5b3fa4d5b90..e0797d0685ce 100644 --- a/aws/resource_aws_iam_user.go +++ b/aws/resource_aws_iam_user.go @@ -4,7 +4,6 @@ import ( "fmt" "log" "regexp" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsIamUser() *schema.Resource { @@ -381,7 +381,7 @@ func deleteAwsIamUserLoginProfile(svc *iam.IAM, username string) error { input := &iam.DeleteLoginProfileInput{ UserName: aws.String(username), } - err = resource.Retry(1*time.Minute, func() *resource.RetryError { + err = resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { _, err = svc.DeleteLoginProfile(input) if err != nil { if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { diff --git a/aws/resource_aws_iam_user_login_profile.go b/aws/resource_aws_iam_user_login_profile.go index 45373c739854..da557e85d360 100644 --- a/aws/resource_aws_iam_user_login_profile.go +++ b/aws/resource_aws_iam_user_login_profile.go @@ -8,7 +8,6 @@ import ( "log" "math/big" "strings" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iam" @@ -16,6 +15,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/encryption" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/ec2/waiter" ) func resourceAwsIamUserLoginProfile() *schema.Resource { @@ -199,7 +199,7 @@ func resourceAwsIamUserLoginProfileDelete(d *schema.ResourceData, meta interface log.Printf("[DEBUG] Deleting IAM User Login Profile (%s): %s", d.Id(), input) // Handle IAM eventual consistency - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(waiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.DeleteLoginProfile(input) if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 9e4678df182d..712e905e27d8 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -24,6 +24,7 @@ import ( tfec2 "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/ec2" "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/ec2/waiter" tfiam "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" "github.com/terraform-providers/terraform-provider-aws/aws/internal/tfresource" ) @@ -628,7 +629,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { log.Printf("[DEBUG] Run configuration: %s", runOpts) var runResp *ec2.Reservation - err = resource.Retry(30*time.Second, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error runResp, err = conn.RunInstances(runOpts) // IAM instance profiles can take ~10 seconds to propagate in AWS: @@ -1092,7 +1093,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { return err } } else { - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.ReplaceIamInstanceProfileAssociation(input) if err != nil { if isAWSErr(err, "InvalidParameterValue", "Invalid IAM Instance Profile") { @@ -1716,7 +1717,7 @@ func associateInstanceProfile(d *schema.ResourceData, conn *ec2.EC2) error { Name: aws.String(d.Get("iam_instance_profile").(string)), }, } - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.AssociateIamInstanceProfile(input) if err != nil { if isAWSErr(err, "InvalidParameterValue", "Invalid IAM Instance Profile") { diff --git a/aws/resource_aws_lakeformation_data_lake_settings.go b/aws/resource_aws_lakeformation_data_lake_settings.go index 9ba788718477..6ea8926796ed 100644 --- a/aws/resource_aws_lakeformation_data_lake_settings.go +++ b/aws/resource_aws_lakeformation_data_lake_settings.go @@ -3,7 +3,6 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/lakeformation" @@ -12,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsLakeFormationDataLakeSettings() *schema.Resource { @@ -132,7 +132,7 @@ func resourceAwsLakeFormationDataLakeSettingsCreate(d *schema.ResourceData, meta input.DataLakeSettings = settings var output *lakeformation.PutDataLakeSettingsOutput - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error output, err = conn.PutDataLakeSettings(input) if err != nil { diff --git a/aws/resource_aws_lakeformation_permissions.go b/aws/resource_aws_lakeformation_permissions.go index d350782e6a3f..1a4ed699153b 100644 --- a/aws/resource_aws_lakeformation_permissions.go +++ b/aws/resource_aws_lakeformation_permissions.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsLakeFormationPermissions() *schema.Resource { @@ -200,7 +201,7 @@ func resourceAwsLakeFormationPermissionsCreate(d *schema.ResourceData, meta inte input.Resource = expandLakeFormationResource(d, false) var output *lakeformation.GrantPermissionsOutput - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error output, err = conn.GrantPermissions(input) if err != nil { @@ -263,7 +264,7 @@ func resourceAwsLakeFormationPermissionsRead(d *schema.ResourceData, meta interf log.Printf("[DEBUG] Reading Lake Formation permissions: %v", input) var principalResourcePermissions []*lakeformation.PrincipalResourcePermissions - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { err := conn.ListPermissionsPages(input, func(resp *lakeformation.ListPermissionsOutput, lastPage bool) bool { for _, permission := range resp.PrincipalResourcePermissions { if permission == nil { diff --git a/aws/resource_aws_launch_configuration.go b/aws/resource_aws_launch_configuration.go index d01e25da7ec8..c4d7bc8c5251 100644 --- a/aws/resource_aws_launch_configuration.go +++ b/aws/resource_aws_launch_configuration.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/hashcode" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsLaunchConfiguration() *schema.Resource { @@ -515,7 +516,7 @@ func resourceAwsLaunchConfigurationCreate(d *schema.ResourceData, meta interface // IAM profiles can take ~10 seconds to propagate in AWS: // http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console - err = resource.Retry(90*time.Second, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := autoscalingconn.CreateLaunchConfiguration(&createLaunchConfigurationOpts) if err != nil { if isAWSErr(err, "ValidationError", "Invalid IamInstanceProfile") { diff --git a/aws/resource_aws_neptune_cluster.go b/aws/resource_aws_neptune_cluster.go index 3272ff27702b..dae385de1e90 100644 --- a/aws/resource_aws_neptune_cluster.go +++ b/aws/resource_aws_neptune_cluster.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) const ( @@ -372,7 +373,7 @@ func resourceAwsNeptuneClusterCreate(d *schema.ResourceData, meta interface{}) e log.Printf("[DEBUG] Neptune Cluster create options: %s", createDbClusterInput) } - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error if restoreDBClusterFromSnapshot { _, err = conn.RestoreDBClusterFromSnapshot(restoreDBClusterFromSnapshotInput) diff --git a/aws/resource_aws_neptune_cluster_instance.go b/aws/resource_aws_neptune_cluster_instance.go index e1ea9f1ce66a..29364e813096 100644 --- a/aws/resource_aws_neptune_cluster_instance.go +++ b/aws/resource_aws_neptune_cluster_instance.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsNeptuneClusterInstance() *schema.Resource { @@ -237,7 +238,7 @@ func resourceAwsNeptuneClusterInstanceCreate(d *schema.ResourceData, meta interf log.Printf("[DEBUG] Creating Neptune Instance: %s", createOpts) var resp *neptune.CreateDBInstanceOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateDBInstance(createOpts) if err != nil { @@ -405,7 +406,7 @@ func resourceAwsNeptuneClusterInstanceUpdate(d *schema.ResourceData, meta interf log.Printf("[DEBUG] Send Neptune Instance Modification request: %#v", requestUpdate) if requestUpdate { log.Printf("[DEBUG] Neptune Instance Modification request: %#v", req) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.ModifyDBInstance(req) if err != nil { if isAWSErr(err, "InvalidParameterValue", "IAM role ARN value is invalid or does not include the required permissions") { diff --git a/aws/resource_aws_opsworks_permission.go b/aws/resource_aws_opsworks_permission.go index 03b0700717fe..3a9a73ae1f5a 100644 --- a/aws/resource_aws_opsworks_permission.go +++ b/aws/resource_aws_opsworks_permission.go @@ -2,7 +2,6 @@ package aws import ( "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" @@ -10,6 +9,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsOpsworksPermission() *schema.Resource { @@ -120,7 +120,7 @@ func resourceAwsOpsworksSetPermission(d *schema.ResourceData, meta interface{}) req.Level = aws.String(d.Get("level").(string)) } - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := client.SetPermission(req) if err != nil { diff --git a/aws/resource_aws_rds_cluster.go b/aws/resource_aws_rds_cluster.go index 0c31295da326..db0ea10ffb43 100644 --- a/aws/resource_aws_rds_cluster.go +++ b/aws/resource_aws_rds_cluster.go @@ -15,6 +15,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) const ( @@ -569,7 +570,7 @@ func resourceAwsRDSClusterCreate(d *schema.ResourceData, meta interface{}) error } log.Printf("[DEBUG] RDS Cluster restore from snapshot configuration: %s", opts) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.RestoreDBClusterFromSnapshot(&opts) if err != nil { if isAWSErr(err, "InvalidParameterValue", "IAM role ARN value is invalid or does not include the required permissions") { @@ -899,7 +900,7 @@ func resourceAwsRDSClusterCreate(d *schema.ResourceData, meta interface{}) error log.Printf("[DEBUG] RDS Cluster create options: %s", createOpts) var resp *rds.CreateDBClusterOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateDBCluster(createOpts) if err != nil { diff --git a/aws/resource_aws_rds_cluster_instance.go b/aws/resource_aws_rds_cluster_instance.go index da8ba953b0c2..7db2fa2759cd 100644 --- a/aws/resource_aws_rds_cluster_instance.go +++ b/aws/resource_aws_rds_cluster_instance.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsRDSClusterInstance() *schema.Resource { @@ -282,7 +283,7 @@ func resourceAwsRDSClusterInstanceCreate(d *schema.ResourceData, meta interface{ log.Printf("[DEBUG] Creating RDS DB Instance opts: %s", createOpts) var resp *rds.CreateDBInstanceOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { var err error resp, err = conn.CreateDBInstance(createOpts) if err != nil { @@ -548,7 +549,7 @@ func resourceAwsRDSClusterInstanceUpdate(d *schema.ResourceData, meta interface{ log.Printf("[DEBUG] Send DB Instance Modification request: %#v", requestUpdate) if requestUpdate { log.Printf("[DEBUG] DB Instance Modification request: %#v", req) - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := conn.ModifyDBInstance(req) if err != nil { if isAWSErr(err, "InvalidParameterValue", "IAM role ARN value is invalid or does not include the required permissions") { diff --git a/aws/resource_aws_sns_platform_application.go b/aws/resource_aws_sns_platform_application.go index ce5628222ffd..a017c3df893f 100644 --- a/aws/resource_aws_sns_platform_application.go +++ b/aws/resource_aws_sns_platform_application.go @@ -6,13 +6,13 @@ import ( "fmt" "log" "strings" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/sns" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) var snsPlatformRequiresPlatformPrincipal = map[string]bool{ @@ -180,7 +180,7 @@ func resourceAwsSnsPlatformApplicationUpdate(d *schema.ResourceData, meta interf Attributes: attributes, } - err := resource.Retry(1*time.Minute, func() *resource.RetryError { + err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { _, err := snsconn.SetPlatformApplicationAttributes(req) if err != nil { if isAWSErr(err, sns.ErrCodeInvalidParameterException, "is not a valid role to allow SNS to write to Cloudwatch Logs") { diff --git a/aws/resource_aws_spot_instance_request.go b/aws/resource_aws_spot_instance_request.go index 9a140e94acb3..dbd94290211d 100644 --- a/aws/resource_aws_spot_instance_request.go +++ b/aws/resource_aws_spot_instance_request.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter" ) func resourceAwsSpotInstanceRequest() *schema.Resource { @@ -188,7 +189,7 @@ func resourceAwsSpotInstanceRequestCreate(d *schema.ResourceData, meta interface log.Printf("[DEBUG] Requesting spot bid opts: %s", spotOpts) var resp *ec2.RequestSpotInstancesOutput - err = resource.Retry(1*time.Minute, func() *resource.RetryError { + err = resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError { resp, err = conn.RequestSpotInstances(spotOpts) // IAM instance profiles can take ~10 seconds to propagate in AWS: // http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console