diff --git a/.changelog/38332.txt b/.changelog/38332.txt new file mode 100644 index 000000000000..182f58142f72 --- /dev/null +++ b/.changelog/38332.txt @@ -0,0 +1,3 @@ +```release-note:bug +resource/aws_lb_trust_store: Wait until trust store is `ACTIVE` on resource Create +``` \ No newline at end of file diff --git a/internal/service/elbv2/trust_store.go b/internal/service/elbv2/trust_store.go index 58e18e999468..fa038a0ca9df 100644 --- a/internal/service/elbv2/trust_store.go +++ b/internal/service/elbv2/trust_store.go @@ -19,6 +19,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/create" + "github.com/hashicorp/terraform-provider-aws/internal/enum" "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" @@ -149,6 +150,10 @@ func resourceTrustStoreCreate(ctx context.Context, d *schema.ResourceData, meta return sdkdiag.AppendErrorf(diags, "waiting for ELBv2 Trust Store (%s) create: %s", d.Id(), err) } + if _, err := waitTrustStoreActive(ctx, conn, d.Id(), d.Timeout(schema.TimeoutCreate)); err != nil { + return sdkdiag.AppendErrorf(diags, "waiting for ELBv2 Trust Store (%s) create: %s", d.Id(), err) + } + // For partitions not supporting tag-on-create, attempt tag after create. if tags := getTagsIn(ctx); input.Tags == nil && len(tags) > 0 { err := createTags(ctx, conn, d.Id(), tags) @@ -294,6 +299,41 @@ func findTrustStores(ctx context.Context, conn *elasticloadbalancingv2.Client, i return output, nil } +func statusTrustStore(ctx context.Context, conn *elasticloadbalancingv2.Client, arn string) retry.StateRefreshFunc { + return func() (interface{}, string, error) { + output, err := findTrustStoreByARN(ctx, conn, arn) + + if tfresource.NotFound(err) { + return nil, "", nil + } + + if err != nil { + return nil, "", err + } + + return output, string(output.Status), nil + } +} + +func waitTrustStoreActive(ctx context.Context, conn *elasticloadbalancingv2.Client, arn string, timeout time.Duration) (*awstypes.TrustStore, error) { + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(awstypes.TrustStoreStatusCreating), + Target: enum.Slice(awstypes.TrustStoreStatusActive), + Refresh: statusTrustStore(ctx, conn, arn), + Timeout: timeout, + MinTimeout: 10 * time.Second, + Delay: 30 * time.Second, + } + + outputRaw, err := stateConf.WaitForStateContext(ctx) + + if output, ok := outputRaw.(*awstypes.TrustStore); ok { + return output, err + } + + return nil, err +} + func findTrustStoreAssociations(ctx context.Context, conn *elasticloadbalancingv2.Client, input *elasticloadbalancingv2.DescribeTrustStoreAssociationsInput) ([]awstypes.TrustStoreAssociation, error) { var output []awstypes.TrustStoreAssociation