Skip to content

Commit

Permalink
Merge pull request #34717 from hashicorp/b-aws_eks_pod_identity_assoc…
Browse files Browse the repository at this point in the history 
…iation-iam.eventual-consistency

r/aws_eks_pod_identity_association: Fix IAM eventual consistency errors on Update and Create
  • Loading branch information
@ewbankkit
ewbankkit authored Dec 4, 2023
2 parents a089440 + 99e8cd0 commit 78bcba5
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
3 changes: 3 additions & 0 deletions .changelog/34717.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_eks_pod_identity_association: Retry IAM eventual consistency errors on create and update
```
9 changes: 7 additions & 2 deletions internal/service/eks/pod_identity_association.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,9 @@ func (r *podIdentityAssociationResource) Create(ctx context.Context, req resourc
input.ClientRequestToken = aws.String(sdkid.UniqueId())
input.Tags = getTagsIn(ctx)

output, err := conn.CreatePodIdentityAssociation(ctx, input)
outputRaw, err := tfresource.RetryWhenIsAErrorMessageContains[*awstypes.InvalidParameterException](ctx, propagationTimeout, func() (interface{}, error) {
return conn.CreatePodIdentityAssociation(ctx, input)
}, "Role provided in the request does not exist")

if err != nil {
resp.Diagnostics.AddError(
Expand All @@ -139,6 +141,7 @@ func (r *podIdentityAssociationResource) Create(ctx context.Context, req resourc
}

// Set values for unknowns.
output := outputRaw.(*eks.CreatePodIdentityAssociationOutput)
plan.AssociationARN = fwflex.StringToFramework(ctx, output.Association.AssociationArn)
plan.AssociationID = fwflex.StringToFramework(ctx, output.Association.AssociationId)
plan.setID()
Expand Down Expand Up @@ -207,7 +210,9 @@ func (r *podIdentityAssociationResource) Update(ctx context.Context, req resourc

input.ClientRequestToken = aws.String(sdkid.UniqueId())

_, err := conn.UpdatePodIdentityAssociation(ctx, input)
_, err := tfresource.RetryWhenIsAErrorMessageContains[*awstypes.InvalidParameterException](ctx, propagationTimeout, func() (interface{}, error) {
return conn.UpdatePodIdentityAssociation(ctx, input)
}, "Role provided in the request does not exist")

if err != nil {
resp.Diagnostics.AddError(
Expand Down

0 comments on commit 78bcba5

Please sign in to comment.