terraform-provider-aws: AWS API Gateway VPC Link timeout before AVAILABILITY is completed.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform v0.12.6
+ provider.aws v2.31.0

Affected Resource(s)

aws_api_gateway_vpc_link

Terraform Configuration Files

resource "aws_api_gateway_vpc_link" "main" {
  name        = "${var.application}"
  description = "Provides access to ${var.application}"
  target_arns = ["${aws_lb.svc_nlb.arn}"]
}

Debug Output

https://gist.github.com/philippevidal80/435a44e73134ae4a3db7a36e3da9cce9

Panic Output

N.A

Expected Behavior

Actual Behavior

The aws_api_gateway_vpc_link resource should wait long enough for AVAILABILITY to complete. In fact, it can last more than 8 minutes - which seems to be a hardcoded value (https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/resource_aws_api_gateway_vpc_link.go#L66) - for AWS VPC Link to be up and running. In the case where 8 minutes are not enough, Terraform state won’t be aware of this resource although it is creating and surely already created. Then, next plan and apply phases will have following errors:

aws_api_gateway_vpc_link.main: Creating...

Error: Error waiting for APIGateway Vpc Link status to be "AVAILABLE": unexpected state 'FAILED', wanted target 'AVAILABLE'. last error: %!s(<nil>)

Because, the resource is already created (from the first apply phase).

And we can see at this point in AWS Web Console the right AWS VPC Link and the one that failed (because NLB already used by the first one).

Steps to Reproduce

Simply create a aws_api_gateway_vpc_link in the same Terraform project of a NLB load balancer. Sometimes it will take more than 8 minutes - which seems to be a hardcoded value (https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/resource_aws_api_gateway_vpc_link.go#L66) - and Terraform returns error mentionned in Debug Output.

Important Factoids

N.A

References

#10407

About this issue

Original URL
State: closed
Created 5 years ago
Reactions: 24
Comments: 17 (4 by maintainers)

Most upvoted comments

My guess will be to provide a timeouts block for this resource as below:

resource "aws_api_gateway_vpc_link" "main" {
  name        = "${var.application}"
  description = "Provides access to ${var.application}"
  target_arns = ["${aws_lb.svc_nlb.arn}"]

  timeouts {
    create = "20m"
    delete = "20m"
  }
}

Currently, this block is not available.

Error: Unsupported block type

  on path_to_tf_ptoject/nlb.tf line 67, in resource "aws_api_gateway_vpc_link" "main":
  67:   timeouts {

Blocks of type "timeouts" are not expected here.

phivid on Oct 7, 2019

I’ve just upgraded to AWS provider 3.4.0 and still experiencing this issue:

module.user-preferences-api-gateway.aws_api_gateway_vpc_link.user_preferences_gateway_api_vpc_link[0]: Creating...                       
module.user-preferences-api-gateway.aws_route53_record.user_preferences_gateway_api_dns_record[0]: Still creating... [10s elapsed]       
module.user-preferences-api-gateway.aws_route53_record.user_preferences_gateway_api_dns_record[0]: Still creating... [20s elapsed]       
module.user-preferences-api-gateway.aws_route53_record.user_preferences_gateway_api_dns_record[0]: Still creating... [30s elapsed]       
module.user-preferences-api-gateway.aws_route53_record.user_preferences_gateway_api_dns_record[0]: Creation complete after 40s [id=Z2468E
QCVINKGX_user-preferences-gateway-api-test.data.XXXX.cloud_A]                                                                        
                                                                                                                                         
Error: Error waiting for APIGateway Vpc Link status to be "AVAILABLE": unexpected state 'FAILED', wanted target 'AVAILABLE'. last error: 
%!s(<nil>)

Although I’m not very familiar with Go code, If I look at the related PR merged to solve this issue, I only see an update of the waitForApiGatewayVpcLinkDeletion call:

https://github.com/terraform-providers/terraform-provider-aws/pull/10407/files

but not for any other actions. Have these been forgotten?

gijzelaerr on Sep 1, 2020

Got the same problem, how can we do a timeout here?

T00mm on Mar 19, 2020

What is the status of this? It seems like it’s not moved since 2019?

rgardam on Feb 14, 2020