From 4cfeabf3498bc96282c7d7d3128fc93c1a8b90ad Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 10 Apr 2018 08:44:16 -0400 Subject: [PATCH 1/2] resource/aws_iam_user: Retry on EntityTemporarilyUnmodifiable --- aws/resource_aws_iam_user.go | 23 +++++++++++++++---- ...esource_aws_iam_user_login_profile_test.go | 6 ++++- 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_iam_user.go b/aws/resource_aws_iam_user.go index 082e9d4dd9d..74bb711f7ca 100644 --- a/aws/resource_aws_iam_user.go +++ b/aws/resource_aws_iam_user.go @@ -4,11 +4,13 @@ import ( "fmt" "log" "regexp" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/iam" + "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" ) @@ -218,13 +220,24 @@ func resourceAwsIamUserDelete(d *schema.ResourceData, meta interface{}) error { } } - _, err = iamconn.DeleteLoginProfile(&iam.DeleteLoginProfileInput{ - UserName: aws.String(d.Id()), + err = resource.Retry(1*time.Minute, func() *resource.RetryError { + _, err = iamconn.DeleteLoginProfile(&iam.DeleteLoginProfileInput{ + UserName: aws.String(d.Id()), + }) + if err != nil { + if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { + return nil + } + // EntityTemporarilyUnmodifiable: Login Profile for User XXX cannot be modified while login profile is being created. + if isAWSErr(err, iam.ErrCodeEntityTemporarilyUnmodifiableException, "") { + return resource.RetryableError(err) + } + } + return nil }) + if err != nil { - if iamerr, ok := err.(awserr.Error); !ok || iamerr.Code() != "NoSuchEntity" { - return fmt.Errorf("Error deleting Account Login Profile: %s", err) - } + return fmt.Errorf("Error deleting Account Login Profile: %s", err) } } diff --git a/aws/resource_aws_iam_user_login_profile_test.go b/aws/resource_aws_iam_user_login_profile_test.go index 2ba68774841..1518da0ba29 100644 --- a/aws/resource_aws_iam_user_login_profile_test.go +++ b/aws/resource_aws_iam_user_login_profile_test.go @@ -228,7 +228,11 @@ func testDecryptPasswordAndTest(nProfile, nAccessKey, key string) resource.TestC NewPassword: aws.String(generateIAMPassword(20)), }) if err != nil { - if awserr, ok := err.(awserr.Error); ok && awserr.Code() == "InvalidClientTokenId" { + // EntityTemporarilyUnmodifiable: Login Profile for User XXX cannot be modified while login profile is being created. + if isAWSErr(err, iam.ErrCodeEntityTemporarilyUnmodifiableException, "") { + return resource.RetryableError(err) + } + if isAWSErr(err, "InvalidClientTokenId", "") { return resource.RetryableError(err) } From a77e8284654ffa0b7718208aa745a89961acaf3a Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 11 Apr 2018 12:45:08 -0400 Subject: [PATCH 2/2] resource/aws_iam_user: Add missing return resource.NonRetryableError(err) from DeleteLoginProfile --- aws/resource_aws_iam_user.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/resource_aws_iam_user.go b/aws/resource_aws_iam_user.go index 74bb711f7ca..b7930f1d0e1 100644 --- a/aws/resource_aws_iam_user.go +++ b/aws/resource_aws_iam_user.go @@ -232,6 +232,7 @@ func resourceAwsIamUserDelete(d *schema.ResourceData, meta interface{}) error { if isAWSErr(err, iam.ErrCodeEntityTemporarilyUnmodifiableException, "") { return resource.RetryableError(err) } + return resource.NonRetryableError(err) } return nil })