diff --git a/.changelog/21369.txt b/.changelog/21369.txt new file mode 100644 index 00000000000..fcd5280abce --- /dev/null +++ b/.changelog/21369.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_route53_key_signing_key: Deactivate key-signing key with `ACTION_NEEDED` status before deletion +``` \ No newline at end of file diff --git a/internal/service/route53/key_signing_key.go b/internal/service/route53/key_signing_key.go index 9f915a6e6dd..6a4c2b17f71 100644 --- a/internal/service/route53/key_signing_key.go +++ b/internal/service/route53/key_signing_key.go @@ -251,7 +251,7 @@ func resourceKeySigningKeyDelete(d *schema.ResourceData, meta interface{}) error status := d.Get("status").(string) - if status == KeySigningKeyStatusActive { + if status == KeySigningKeyStatusActive || status == KeySigningKeyStatusActionNeeded { input := &route53.DeactivateKeySigningKeyInput{ HostedZoneId: aws.String(d.Get("hosted_zone_id").(string)), Name: aws.String(d.Get("name").(string)),