From 086af4bd62cc738c24b25774ff17216686f495a4 Mon Sep 17 00:00:00 2001
From: Radek Simko <radek.simko@gmail.com>
Date: Thu, 27 Apr 2017 12:42:36 +0100
Subject: [PATCH] provider/aws: Retry setting KMS key rotation on
 DisabledException (#14029)

---
 builtin/providers/aws/resource_aws_kms_key.go | 38 +++++++++++++------
 1 file changed, 26 insertions(+), 12 deletions(-)

diff --git a/builtin/providers/aws/resource_aws_kms_key.go b/builtin/providers/aws/resource_aws_kms_key.go
index 2fa8e3287..f95f76d95 100644
--- a/builtin/providers/aws/resource_aws_kms_key.go
+++ b/builtin/providers/aws/resource_aws_kms_key.go
@@ -320,19 +320,33 @@ func updateKmsKeyStatus(conn *kms.KMS, id string, shouldBeEnabled bool) error {
 }
 
 func updateKmsKeyRotationStatus(conn *kms.KMS, d *schema.ResourceData) error {
-	var err error
 	shouldEnableRotation := d.Get("enable_key_rotation").(bool)
-	if shouldEnableRotation {
-		log.Printf("[DEBUG] Enabling key rotation for KMS key %q", d.Id())
-		_, err = conn.EnableKeyRotation(&kms.EnableKeyRotationInput{
-			KeyId: aws.String(d.Id()),
-		})
-	} else {
-		log.Printf("[DEBUG] Disabling key rotation for KMS key %q", d.Id())
-		_, err = conn.DisableKeyRotation(&kms.DisableKeyRotationInput{
-			KeyId: aws.String(d.Id()),
-		})
-	}
+
+	err := resource.Retry(5*time.Minute, func() *resource.RetryError {
+		var err error
+		if shouldEnableRotation {
+			log.Printf("[DEBUG] Enabling key rotation for KMS key %q", d.Id())
+			_, err = conn.EnableKeyRotation(&kms.EnableKeyRotationInput{
+				KeyId: aws.String(d.Id()),
+			})
+		} else {
+			log.Printf("[DEBUG] Disabling key rotation for KMS key %q", d.Id())
+			_, err = conn.DisableKeyRotation(&kms.DisableKeyRotationInput{
+				KeyId: aws.String(d.Id()),
+			})
+		}
+
+		if err != nil {
+			awsErr, ok := err.(awserr.Error)
+			if ok && awsErr.Code() == "DisabledException" {
+				return resource.RetryableError(err)
+			}
+
+			return resource.NonRetryableError(err)
+		}
+
+		return nil
+	})
 
 	if err != nil {
 		return fmt.Errorf("Failed to set key rotation for %q to %t: %q",