-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
service/secretsmanager: Handle additional scheduled/marked for deletion error messages #8219
service/secretsmanager: Handle additional scheduled/marked for deletion error messages #8219
Conversation
…eletion InvalidRequestException error during immediate recreation Previous output from acceptance testing: ``` --- FAIL: TestAccAwsSecretsManagerSecret_RecoveryWindowInDays_Recreate (6.87s) testing.go:538: Step 1 error: Error applying: 1 error occurred: * aws_secretsmanager_secret.test: 1 error occurred: * aws_secretsmanager_secret.test: error creating Secrets Manager Secret: InvalidRequestException: You can't create this secret because a secret with this name is already scheduled for deletion. ``` Output from acceptance testing: ``` --- PASS: TestAccAwsSecretsManagerSecret_policy (10.63s) --- PASS: TestAccAwsSecretsManagerSecret_Basic (11.18s) --- PASS: TestAccAwsSecretsManagerSecret_withNamePrefix (11.23s) --- PASS: TestAccAwsSecretsManagerSecret_Description (19.12s) --- PASS: TestAccAwsSecretsManagerSecret_Tags (33.62s) --- PASS: TestAccAwsSecretsManagerSecret_RecoveryWindowInDays_Recreate (45.49s) --- PASS: TestAccAwsSecretsManagerSecret_RotationLambdaARN (46.06s) --- PASS: TestAccAwsSecretsManagerSecret_RotationRules (48.05s) --- PASS: TestAccAwsSecretsManagerSecret_KmsKeyID (50.75s) ```
…arked for deletion InvalidRequestException error during CheckDestroy Previous output from acceptance testing: ``` --- FAIL: TestAccAwsSecretsManagerSecretVersion_Base64Binary (7.05s) testing.go:599: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: InvalidRequestException: You can’t perform this operation on the secret because it was marked for deletion. --- FAIL: TestAccAwsSecretsManagerSecretVersion_BasicString (6.82s) testing.go:599: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: InvalidRequestException: You can’t perform this operation on the secret because it was marked for deletion. --- FAIL: TestAccAwsSecretsManagerSecretVersion_VersionStages (16.18s) testing.go:599: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: InvalidRequestException: You can’t perform this operation on the secret because it was marked for deletion. ``` Output from acceptance testing: ``` --- PASS: TestAccAwsSecretsManagerSecretVersion_BasicString (11.80s) --- PASS: TestAccAwsSecretsManagerSecretVersion_Base64Binary (11.81s) --- PASS: TestAccAwsSecretsManagerSecretVersion_VersionStages (25.33s) ```
// InvalidRequestException: You can’t perform this operation on the secret because it was deleted. | ||
if isAWSErr(err, secretsmanager.ErrCodeInvalidRequestException, "You can’t perform this operation on the secret because it was deleted") { | ||
// InvalidRequestException: You can't create this secret because a secret with this name is already scheduled for deletion. | ||
if isAWSErr(err, secretsmanager.ErrCodeInvalidRequestException, "scheduled for deletion") || isAWSErr(err, secretsmanager.ErrCodeInvalidRequestException, "was deleted") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you encounter while running acceptance tests or was this documented in the SDK?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Acceptance testing:
--- FAIL: TestAccAwsSecretsManagerSecret_RecoveryWindowInDays_Recreate (6.87s)
testing.go:538: Step 1 error: Error applying: 1 error occurred:
* aws_secretsmanager_secret.test: 1 error occurred:
* aws_secretsmanager_secret.test: error creating Secrets Manager Secret: InvalidRequestException: You can't create this secret because a secret with this name is already scheduled for deletion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
I left a question more for my curiosity.
This has been released in version 2.6.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
It seems the Secrets Manager service now delineates the pending deletion state with different error messages. Presumably the old messages could still be returned depending on timing.
Previous output from acceptance testing:
Output from acceptance testing: