provider/aws: Wait for NACL rule to be visible
Fixes #4721. It seems there may be some eventual consistency in the API for network ACLs. This fix doesn't use resource.WaitForState() as there the NACL is not something that can be looked up by ID and has a property which determines if it is present. Instead we reuse the findNetworkAclRule function which the Read function exhibiting the problem uses, and retry over a 3 minute period, returning an error message informing the user that running `terraform apply` again will likely allow them to continue.
This commit is contained in:
parent
0a2966d26d
commit
7620381a4f
|
@ -5,10 +5,12 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/aws/aws-sdk-go/aws"
|
"github.com/aws/aws-sdk-go/aws"
|
||||||
"github.com/aws/aws-sdk-go/service/ec2"
|
"github.com/aws/aws-sdk-go/service/ec2"
|
||||||
"github.com/hashicorp/terraform/helper/hashcode"
|
"github.com/hashicorp/terraform/helper/hashcode"
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
"github.com/hashicorp/terraform/helper/schema"
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -118,6 +120,22 @@ func resourceAwsNetworkAclRuleCreate(d *schema.ResourceData, meta interface{}) e
|
||||||
return fmt.Errorf("Error Creating Network Acl Rule: %s", err.Error())
|
return fmt.Errorf("Error Creating Network Acl Rule: %s", err.Error())
|
||||||
}
|
}
|
||||||
d.SetId(networkAclIdRuleNumberEgressHash(d.Get("network_acl_id").(string), d.Get("rule_number").(int), d.Get("egress").(bool), d.Get("protocol").(string)))
|
d.SetId(networkAclIdRuleNumberEgressHash(d.Get("network_acl_id").(string), d.Get("rule_number").(int), d.Get("egress").(bool), d.Get("protocol").(string)))
|
||||||
|
|
||||||
|
// It appears it might be a while until the newly created rule is visible via the
|
||||||
|
// API (see issue GH-4721). Retry the `findNetworkAclRule` function until it is
|
||||||
|
// visible (which in most cases is likely immediately).
|
||||||
|
err = resource.Retry(3*time.Minute, func() error {
|
||||||
|
_, findErr := findNetworkAclRule(d, meta)
|
||||||
|
if findErr != nil {
|
||||||
|
return findErr
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Created Network ACL Rule was not visible in API within 3 minute period. Running 'terraform apply' again will resume infrastructure creation.")
|
||||||
|
}
|
||||||
|
|
||||||
return resourceAwsNetworkAclRuleRead(d, meta)
|
return resourceAwsNetworkAclRuleRead(d, meta)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue