diff --git a/internal/service/ds/directory.go b/internal/service/ds/directory.go
index 054f315119b..29ab8f94872 100644
--- a/internal/service/ds/directory.go
+++ b/internal/service/ds/directory.go
@@ -3,10 +3,12 @@ package ds
 import (
 	"fmt"
 	"log"
+	"time"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/directoryservice"
 	"github.com/hashicorp/aws-sdk-go-base/tfawserr"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
@@ -16,6 +18,10 @@ import (
 	"github.com/hashicorp/terraform-provider-aws/internal/verify"
 )
 
+const (
+	directoryApplicationDeauthorizedPropagationTimeout = 2 * time.Minute
+)
+
 func ResourceDirectory() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceDirectoryCreate,
@@ -517,10 +523,23 @@ func resourceDirectoryDelete(d *schema.ResourceData, meta interface{}) error {
 		DirectoryId: aws.String(d.Id()),
 	}
 
-	_, err := conn.DeleteDirectory(input)
+	err := resource.Retry(directoryApplicationDeauthorizedPropagationTimeout, func() *resource.RetryError {
+		_, err := conn.DeleteDirectory(input)
+
+		if tfawserr.ErrCodeEquals(err, directoryservice.ErrCodeEntityDoesNotExistException) {
+			return nil
+		}
+		if tfawserr.ErrMessageContains(err, directoryservice.ErrCodeClientException, "authorized applications") {
+			return resource.RetryableError(err)
+		}
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
 
-	if tfawserr.ErrCodeEquals(err, directoryservice.ErrCodeEntityDoesNotExistException) {
 		return nil
+	})
+	if tfresource.TimedOut(err) {
+		_, err = conn.DeleteDirectory(input)
 	}
 
 	if err != nil {