provider/aws: Fix dependency violation with subnets and security groups

Though not directly connected, trying to delete a subnet and security group in parallel can cause a dependency violation from the subnet, claiming there are dependencies. This commit fixes that by allowing subnet deletion to tolerate failure with a retry / refresh function. Fixes hashicorp#934
bitglue · Mar 19, 2015 · 3d80057 · 3d80057
1 parent 21fa3d1
commit 3d80057
Showing 1 changed file with 29 additions and 8 deletions.
diff --git a/builtin/providers/aws/resource_aws_subnet.go b/builtin/providers/aws/resource_aws_subnet.go
@@ -157,17 +157,38 @@ func resourceAwsSubnetDelete(d *schema.ResourceData, meta interface{}) error {
 	ec2conn := meta.(*AWSClient).ec2conn
 
 	log.Printf("[INFO] Deleting subnet: %s", d.Id())
-
-	err := ec2conn.DeleteSubnet(&ec2.DeleteSubnetRequest{
+	req := &ec2.DeleteSubnetRequest{
 		SubnetID: aws.String(d.Id()),
-	})
+	}
 
-	if err != nil {
-		ec2err, ok := err.(aws.APIError)
-		if ok && ec2err.Code == "InvalidSubnetID.NotFound" {
-			return nil
-		}
+	wait := resource.StateChangeConf{
+		Pending:    []string{"pending"},
+		Target:     "destroyed",
+		Timeout:    5 * time.Minute,
+		MinTimeout: 1 * time.Second,
+		Refresh: func() (interface{}, string, error) {
+			err := ec2conn.DeleteSubnet(req)
+			if err != nil {
+				if apiErr, ok := err.(aws.APIError); ok {
+					if apiErr.Code == "DependencyViolation" {
+						// There is some pending operation, so just retry
+						// in a bit.
+						return 42, "pending", nil
+					}
+
+					if apiErr.Code == "InvalidSubnetID.NotFound" {
+						return 42, "destroyed", nil
+					}
+				}
+
+				return 42, "failure", err
+			}
+
+			return 42, "destroyed", nil
+		},
+	}
 
+	if _, err := wait.WaitForState(); err != nil {
 		return fmt.Errorf("Error deleting subnet: %s", err)
 	}