diff --git a/aws/resource_aws_acm_certificate_validation.go b/aws/resource_aws_acm_certificate_validation.go
index 4dadcaef81c..a185d4c5586 100644
--- a/aws/resource_aws_acm_certificate_validation.go
+++ b/aws/resource_aws_acm_certificate_validation.go
@@ -78,7 +78,10 @@ func resourceAwsAcmCertificateValidationCreate(d *schema.ResourceData, meta inte
 		}
 
 		log.Printf("[INFO] ACM Certificate validation for %s done, certificate was issued", certificate_arn)
-		return resource.NonRetryableError(resourceAwsAcmCertificateValidationRead(d, meta))
+		if err := resourceAwsAcmCertificateValidationRead(d, meta); err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		resp, err = acmconn.DescribeCertificate(params)
diff --git a/aws/resource_aws_cloudwatch_event_permission.go b/aws/resource_aws_cloudwatch_event_permission.go
index a2bd90192ed..2eb2fc35d46 100644
--- a/aws/resource_aws_cloudwatch_event_permission.go
+++ b/aws/resource_aws_cloudwatch_event_permission.go
@@ -111,7 +111,10 @@ func resourceAwsCloudWatchEventPermissionRead(d *schema.ResourceData, meta inter
 		}
 
 		policyStatement, err = getPolicyStatement(output, d.Id())
-		return resource.RetryableError(err)
+		if err != nil {
+			return resource.RetryableError(err)
+		}
+		return nil
 	})
 
 	if isResourceTimeoutError(err) {
diff --git a/aws/resource_aws_codepipeline.go b/aws/resource_aws_codepipeline.go
index a00ea8aaddc..501eb5709e4 100644
--- a/aws/resource_aws_codepipeline.go
+++ b/aws/resource_aws_codepipeline.go
@@ -198,8 +198,7 @@ func resourceAwsCodePipelineCreate(d *schema.ResourceData, meta interface{}) err
 		if err != nil {
 			return resource.RetryableError(err)
 		}
-
-		return resource.NonRetryableError(err)
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		resp, err = conn.CreatePipeline(params)
diff --git a/aws/resource_aws_codestarnotifications_notification_rule.go b/aws/resource_aws_codestarnotifications_notification_rule.go
index f114798d8f7..927a473c0f3 100644
--- a/aws/resource_aws_codestarnotifications_notification_rule.go
+++ b/aws/resource_aws_codestarnotifications_notification_rule.go
@@ -221,7 +221,10 @@ func cleanupCodeStarNotificationsNotificationRuleTargets(conn *codestarnotificat
 		}
 		targets = targets[:i]
 
-		return resource.RetryableError(reterr)
+		if reterr != nil {
+			return resource.RetryableError(reterr)
+		}
+		return nil
 	})
 
 	if isAWSErr(err, codestarnotifications.ErrCodeValidationException, awsCodeStartNotificationsNotificationRuleErrorSubscribed) {
diff --git a/aws/resource_aws_cognito_user_pool.go b/aws/resource_aws_cognito_user_pool.go
index 9d5e77851e2..f512a7cc48e 100644
--- a/aws/resource_aws_cognito_user_pool.go
+++ b/aws/resource_aws_cognito_user_pool.go
@@ -722,8 +722,10 @@ func resourceAwsCognitoUserPoolCreate(d *schema.ResourceData, meta interface{})
 			log.Printf("[DEBUG] Received %s, retrying CreateUserPool", err)
 			return resource.RetryableError(err)
 		}
-
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		resp, err = conn.CreateUserPool(params)
@@ -1145,8 +1147,10 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{})
 				params.AdminCreateUserConfig.UnusedAccountValidityDays = nil
 				return resource.RetryableError(err)
 			}
-
-			return resource.NonRetryableError(err)
+			if err != nil {
+				return resource.NonRetryableError(err)
+			}
+			return nil
 		})
 		if isResourceTimeoutError(err) {
 			_, err = conn.UpdateUserPool(params)
diff --git a/aws/resource_aws_ecr_repository_policy.go b/aws/resource_aws_ecr_repository_policy.go
index f0756774acd..0eebe94e1a4 100644
--- a/aws/resource_aws_ecr_repository_policy.go
+++ b/aws/resource_aws_ecr_repository_policy.go
@@ -59,9 +59,11 @@ func resourceAwsEcrRepositoryPolicyCreate(d *schema.ResourceData, meta interface
 
 		if isAWSErr(err, "InvalidParameterException", "Invalid repository policy provided") {
 			return resource.RetryableError(err)
-
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		out, err = conn.SetRepositoryPolicy(&input)
@@ -135,9 +137,11 @@ func resourceAwsEcrRepositoryPolicyUpdate(d *schema.ResourceData, meta interface
 
 		if isAWSErr(err, "InvalidParameterException", "Invalid repository policy provided") {
 			return resource.RetryableError(err)
-
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		out, err = conn.SetRepositoryPolicy(&input)
diff --git a/aws/resource_aws_iam_role.go b/aws/resource_aws_iam_role.go
index 1fe4d34ec99..0ffefadb418 100644
--- a/aws/resource_aws_iam_role.go
+++ b/aws/resource_aws_iam_role.go
@@ -158,7 +158,10 @@ func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
 		if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
 			return resource.RetryableError(err)
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		createResp, err = iamconn.CreateRole(request)
diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go
index abb2739a4f1..0bd327600e9 100644
--- a/aws/resource_aws_instance.go
+++ b/aws/resource_aws_instance.go
@@ -660,7 +660,10 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
 			log.Print("[DEBUG] IAM Instance Profile appears to have no IAM roles, retrying...")
 			return resource.RetryableError(err)
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		runResp, err = conn.RunInstances(runOpts)
diff --git a/aws/resource_aws_internet_gateway.go b/aws/resource_aws_internet_gateway.go
index 9e1ce368548..0ea4971aeff 100644
--- a/aws/resource_aws_internet_gateway.go
+++ b/aws/resource_aws_internet_gateway.go
@@ -64,7 +64,7 @@ func resourceAwsInternetGatewayCreate(d *schema.ResourceData, meta interface{})
 			return nil
 		}
 		if err == nil {
-			return resource.RetryableError(err)
+			return resource.RetryableError(&resource.NotFoundError{})
 		} else {
 			return resource.NonRetryableError(err)
 		}
diff --git a/aws/resource_aws_kms_grant.go b/aws/resource_aws_kms_grant.go
index b1cda29b6d4..6937178dae4 100644
--- a/aws/resource_aws_kms_grant.go
+++ b/aws/resource_aws_kms_grant.go
@@ -356,7 +356,10 @@ func waitForKmsGrantToBeRevoked(conn *kms.KMS, keyId string, grantId string) err
 				fmt.Errorf("Grant still exists while expected to be revoked, retyring revocation check: %s", *grant.GrantId))
 		}
 
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		grant, err = findKmsGrantById(conn, keyId, grantId, nil)
diff --git a/aws/resource_aws_kms_key.go b/aws/resource_aws_kms_key.go
index 38d89ba8f05..9e354df20e4 100644
--- a/aws/resource_aws_kms_key.go
+++ b/aws/resource_aws_kms_key.go
@@ -124,7 +124,10 @@ func resourceAwsKmsKeyCreate(d *schema.ResourceData, meta interface{}) error {
 		if isAWSErr(err, kms.ErrCodeMalformedPolicyDocumentException, "") {
 			return resource.RetryableError(err)
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		resp, err = conn.CreateKey(req)
diff --git a/aws/resource_aws_redshift_cluster.go b/aws/resource_aws_redshift_cluster.go
index d1284ea31d6..64eeabe1f52 100644
--- a/aws/resource_aws_redshift_cluster.go
+++ b/aws/resource_aws_redshift_cluster.go
@@ -931,7 +931,10 @@ func deleteAwsRedshiftCluster(opts *redshift.DeleteClusterInput, conn *redshift.
 			return resource.RetryableError(err)
 		}
 
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 	if isResourceTimeoutError(err) {
 		_, err = conn.DeleteCluster(opts)
diff --git a/aws/resource_aws_spot_instance_request.go b/aws/resource_aws_spot_instance_request.go
index 69ca0396d11..94feefd1776 100644
--- a/aws/resource_aws_spot_instance_request.go
+++ b/aws/resource_aws_spot_instance_request.go
@@ -191,7 +191,10 @@ func resourceAwsSpotInstanceRequestCreate(d *schema.ResourceData, meta interface
 			log.Printf("[DEBUG] IAM Instance Profile appears to have no IAM roles, retrying...")
 			return resource.RetryableError(err)
 		}
-		return resource.NonRetryableError(err)
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+		return nil
 	})
 
 	if isResourceTimeoutError(err) {
diff --git a/aws/resource_aws_ssm_activation.go b/aws/resource_aws_ssm_activation.go
index f67bfc30e86..36c6d49a70b 100644
--- a/aws/resource_aws_ssm_activation.go
+++ b/aws/resource_aws_ssm_activation.go
@@ -111,7 +111,7 @@ func resourceAwsSsmActivationCreate(d *schema.ResourceData, meta interface{}) er
 			return resource.RetryableError(err)
 		}
 
-		return resource.NonRetryableError(err)
+		return nil
 	})
 
 	if isResourceTimeoutError(err) {