diff --git a/azurerm/internal/services/authorization/role_assignment_resource.go b/azurerm/internal/services/authorization/role_assignment_resource.go index c3ffb6b93ba3..d4e39e113382 100644 --- a/azurerm/internal/services/authorization/role_assignment_resource.go +++ b/azurerm/internal/services/authorization/role_assignment_resource.go @@ -1,6 +1,7 @@ package authorization import ( + "context" "fmt" "log" "strings" @@ -156,7 +157,6 @@ func resourceArmRoleAssignmentCreate(d *schema.ResourceData, meta interface{}) e if err := resource.Retry(300*time.Second, retryRoleAssignmentsClient(d, scope, name, properties, meta)); err != nil { return err } - read, err := roleAssignmentsClient.Get(ctx, scope, name) if err != nil { return err @@ -165,6 +165,23 @@ func resourceArmRoleAssignmentCreate(d *schema.ResourceData, meta interface{}) e return fmt.Errorf("Cannot read Role Assignment ID for %q (Scope %q)", name, scope) } + stateConf := &resource.StateChangeConf{ + Pending: []string{ + "pending", + }, + Target: []string{ + "ready", + }, + Refresh: roleAssignmentCreateStateRefreshFunc(ctx, roleAssignmentsClient, *read.ID), + MinTimeout: 5 * time.Second, + ContinuousTargetOccurence: 5, + Timeout: d.Timeout(schema.TimeoutCreate), + } + + if _, err := stateConf.WaitForState(); err != nil { + return fmt.Errorf("failed waiting for Role Assignment %q to finish replicating: %+v", name, err) + } + d.SetId(*read.ID) return resourceArmRoleAssignmentRead(d, meta) } @@ -282,3 +299,16 @@ func parseRoleAssignmentId(input string) (*roleAssignmentId, error) { } return &id, nil } + +func roleAssignmentCreateStateRefreshFunc(ctx context.Context, client *authorization.RoleAssignmentsClient, roleID string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + resp, err := client.GetByID(ctx, roleID) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + return resp, "pending", nil + } + return resp, "failed", err + } + return resp, "ready", nil + } +}