[Bug]: apigateway/CreateAuthorizer - ConflictException: Unable to complete operation due to concurrent modification

[otavioribeiromedeiros]

Terraform Core Version

1.2.7

AWS Provider Version

4.32.0

Affected Resource(s)

aws_api_gateway_authorizer

Expected Behavior

AWS API Gateway authorizer is created successfully.

Actual Behavior

Validate Response apigateway/CreateAuthorizer failed, attempt 6/25, error ConflictException: Unable to complete operation due to concurrent modification. Please try again later.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "aws_api_gateway_authorizer" "authorizer" {
  name                   = "iterable-api-gtw-authorizer-${var.env}"
  rest_api_id            = var.api_gateway.id
  authorizer_uri         = aws_lambda_function.custom_authorizer.invoke_arn
  authorizer_credentials = aws_iam_role.authorizer_role.arn
  type = "TOKEN"
}

Steps to Reproduce

Define the resource:

resource "aws_api_gateway_authorizer" "authorizer" {
  name                   = "iterable-api-gtw-authorizer-${var.env}"
  rest_api_id            = var.api_gateway.id
  authorizer_uri         = aws_lambda_function.custom_authorizer.invoke_arn
  authorizer_credentials = aws_iam_role.authorizer_role.arn
  type = "TOKEN"
}

Execute any of the following commands: terraform apply -parallelism=1 or terraform apply -parallelism=1

Debug Output

2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Response apigateway/CreateAuthorizer Details:
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: ---[ RESPONSE ]--------------------------------------
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: HTTP/2.0 409 Conflict
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Length: 99
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Type: application/json
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Date: Thu, 29 Sep 2022 21:10:14 GMT
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amz-Apigw-Id: ZPZ0hKAHvHcEdDw=
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Errortype: ConflictException
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Requestid: 888409a0-be98-41fd-9a14-abe1a837ef02
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: -----------------------------------------------------
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] {"message":"Unable to complete operation due to concurrent modification. Please try again later."}
2022-09-29T18:10:14.165-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Validate Response apigateway/CreateAuthorizer failed, attempt 3/25, error ConflictException: Unable to complete operation due to concurrent modification. Please try again later.

Simultaneous try...

2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Response apigateway/CreateAuthorizer Details:
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: ---[ RESPONSE ]--------------------------------------
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: HTTP/2.0 409 Conflict
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Length: 99
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Type: application/json
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Date: Thu, 29 Sep 2022 21:10:14 GMT
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amz-Apigw-Id: ZPZ0mKVOvHcEbcA=
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Errortype: ConflictException
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Requestid: fa132cd3-61c3-4ec4-853c-ba5ea9c37fe3
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: -----------------------------------------------------
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] {"message":"Unable to complete operation due to concurrent modification. Please try again later."}
2022-09-29T18:10:14.659-0300 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Validate Response apigateway/CreateAuthorizer failed, attempt 4/25, error ConflictException: Unable to complete operation due to concurrent modification. Please try again later.

Panic Output

No response

Important Factoids

Apply with -parallelism=1 doesn't work either.

References

No response

Would you like to implement a fix?

No response

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[justinretzolk]

Hey @otavioribeiromedeiros 👋 Thank you for taking the time to raise this! Are you able to supply full debug logs (redacted as needed) as well? If so, that'll make it a bit easier to track down what's happening here.

[zjalicf-old]

I am also having exact issues

[Warfront1]

I got the same base level error message when creating an Authorizer. My issue was I was trying to use an incorrect rest_api_id. There is nothing in the error logs that assisted me. I just happened to get lucky and spot the issue upon checking my aws_api_gateway_authorizer resource for the 50th time.

Long story short, if you are having this issue double check your aws_api_gateway_authorizer resource in your terraform code. Make sure each variable is correct because the error handling for this resource may not be that helpful.

[pcnoic]

I usually hate recommending such workarounds but sequentially depending on the previous resource with a depends_on will solve the race condition and the apply will go through.