"errors":["Could not update AWS Integration due to conflicting updates"]}

[thoeng-nuuday]

Datadog Terraform Provider Version

v3.18.0, v3.26.0 and v3.28.0

Terraform Version

1.0.11

What resources or data sources are affected?

datadog_integration_aws

In one state I have 5 datadog_integration_aws, and its been working for a long time, but between Jul 18 and last week
and the following error started showing up, and its random whether its one or more errors pr apply and the it also differs between different datadog_integration_aws resouce eg Acc1 or acc2 etc "errors":["Could not update AWS Integration due to conflicting updates"]}

Terraform Configuration Files

resource "datadog_integration_aws" "account" {
  count      = var.enabled ? 1 : 0
  account_id = data.aws_caller_identity.current.account_id
  role_name  = "DatadogAWSIntegrationRole"
  #  filter_tags = ["key:value"]
  host_tags = ["aws_account_name:${data.aws_iam_account_alias.current.account_alias}", "env:production", "aws_account_id:${data.aws_caller_identity.current.account_id}"]
  account_specific_namespace_rules = merge({
    api_gateway            = false
    application_elb        = false
    apprunner              = false
    appstream              = false
    appsync                = false
    athena                 = false
    auto_scaling           = false
    backup                 = false
    billing                = false
    budgeting              = false
    certificatemanager     = false
    cloudfront             = false
    cloudhsm               = false
    cloudsearch            = false
    cloudwatch_events      = true
    cloudwatch_logs        = false
    codebuild              = false
    cognito                = false
    collect_custom_metrics = false
    connect                = false
    crawl_alarms           = false
    directconnect          = false
    dms                    = false
    documentdb             = false
    dynamodb               = false
    dynamodbaccelerator    = false
    ebs                    = false
    ec2                    = false
    ec2api                 = false
    ec2spot                = false
    ecs                    = false
    efs                    = false
    elasticache            = false
    elasticbeanstalk       = false
    elasticinference       = false
    elastictranscoder      = false
    elb                    = false
    emr                    = false
    es                     = false
    firehose               = false
    fsx                    = false
    gamelift               = false
    glue                   = false
    inspector              = false
    iot                    = false
    keyspaces              = false
    kinesis                = false
    kinesis_analytics      = false
    kms                    = false
    lambda                 = false
    lex                    = false
    mediaconnect           = false
    mediaconvert           = false
    medialive              = false
    mediapackage           = false
    mediastore             = false
    mediatailor            = false
    ml                     = false
    mq                     = false
    msk                    = false
    mwaa                   = false
    nat_gateway            = false
    neptune                = false
    network_elb            = false
    networkfirewall        = false
    opsworks               = false
    polly                  = false
    rds                    = false
    rdsproxy               = false
    redshift               = false
    rekognition            = false
    route53                = false
    route53resolver        = false
    s3                     = false
    s3storagelens          = false
    sagemaker              = false
    service_quotas         = false
    ses                    = false
    shield                 = false
    sns                    = false
    sqs                    = false
    step_functions         = false
    storage_gateway        = false
    swf                    = false
    textract               = false
    transitgateway         = false
    translate              = false
    trusted_advisor        = false
    usage                  = false
    vpn                    = false
    waf                    = false
    wafv2                  = false
    workspaces             = false
    xray                   = false
  }, {})
  excluded_regions = setsubtract(data.aws_regions.current.names, [])
}

Relevant debug or panic output

Error: error updating AWS integration from https://api.datadoghq.eu/api/v1/integration/aws?account_id=XXXXXXXXX&role_name=DatadogAWSIntegrationRole: 409 Conflict: {"errors":["Could not update AWS Integration due to conflicting updates"]}

with module.XXXXX_prd_account.module.datadog.datadog_integration_aws.account[0], on modules/datadog/datadog.tf line 9, in resource "datadog_integration_aws" "account": 9: resource "datadog_integration_aws" "account" {

Error: error updating AWS integration from https://api.datadoghq.eu/api/v1/integration/aws?account_id=YYYYYYYYY&role_name=DatadogAWSIntegrationRole: 409 Conflict: {"errors":["Could not update AWS Integration due to conflicting updates"]}

with module.YYYYYYYYYY_prd_account.module.datadog.datadog_integration_aws.account[0], on modules/datadog/datadog.tf line 9, in resource "datadog_integration_aws" "account": 9: resource "datadog_integration_aws" "account" {

Expected Behavior

the apply should not fail with a "errors":["Could not update AWS Integration due to conflicting updates"]}

Actual Behavior

apply failed

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[therve]

Given the timeline, it may due to the new AWS region? See #2044. Can you try to remove it manually? Thanks.

[thoeng-nuuday]

No change when remove the new region, will try to upgrade provider to newest

` - "us-east-2",

• "us-west-1",
• "us-west-2",
• "eu-west-1",
• "ap-southeast-1",
• "ap-southeast-2",
• "af-south-1",
• "ap-east-1", "ap-northeast-1",

  (1 unchanged element hidden)

      "ap-northeast-3",

• "sa-east-1", "ap-south-1",
• "ca-central-1",
• "eu-west-2",
• "eu-west-3",
• "eu-north-1",
• "af-south-1",
• "ap-east-1", "ap-south-2",
• "ap-southeast-1",
• "ap-southeast-2", "ap-southeast-3", "ap-southeast-4",
• "ca-central-1", "eu-central-2",
• "eu-north-1", "eu-south-1", "eu-south-2",
• "eu-west-1",
• "eu-west-2",
• "eu-west-3", "me-central-1", "me-south-1",
• "sa-east-1",
• "us-east-2",
• "us-west-1",
• "us-west-2",`

[thoeng-nuuday]

When removing the new region from excluded regions, and upgrading provider from 3.18 to 3.28, the apply went through.,

Thx for you assistance @therve