DXE-3656 SECKSD-25404 Loop issue for app-sec activations?

[dparback]

Hi there,

With Akamai Terraform provider version 5.6.0 there has been some change in behaviour for app-sec security activations. Specifically reading akamai_appsec_activations , there's been changes targeting retries and reactivation.

Compared to 5.5.0-version, the provider returned the following exception and stopped the process, if the current / active version is also the latest version:

Error: Title: Concurrent Modification Error; Type: https://problems.luna.akamaiapis.net/appsec-configuration/error-types/CONCURRENT-MODIFICATION-ERROR; 
Detail: Can't activate this configuration version. Possible reasons are because it is pending or active on production already.
Error
  with akamai_appsec_activations.appsecactivation, 
Error
  on main.tf line 5, in resource "akamai_appsec_activations" "appsecactivation": 
Error
   5: resource "akamai_appsec_activations" "appsecactivation" { 

which would be an expected outcome. However, in version 5.6.0, creating a terraform plan and applying it results in an loop behaviour, without (seemingly) actually changing anything.

Have let the Terraform apply command run for more than 15 minutes, and it simply continues to run apply all the time. Leaving the only option to cancel (Ctrl+C) the operation. (In some executions, the Terraform state have actually updated the activation for x network, and by the next time the plan command is run, the outcome is "No changes. Your infratructure matches the configuration.").

Terraform Version

• Terraform v1.7.4
• Terraform v1.1.6

Affected Resource(s)

• akamai_appsec_activations

Debug Output

Running debug log (TF_LOG="DEBUG") actually reveals the same exception as shown in version 5.5.0, but re-runs the call again and again every 10 second:

akamai_appsec_activations.appsecactivation: Modifying... [id=0000000]
2024-03-01T00:00:00.00+0000 [INFO]  Starting apply for akamai_appsec_activations.appsecactivation
2024-03-01T00:00:00.00+0000 [DEBUG] akamai_appsec_activations.appsecactivation: applying the planned Update change
2024-03-01T00:00:00.00+0000 [DEBUG] provider.terraform-provider-akamai_v5.6.0.exe: 2024/03/01 00:00:00 [DEBUG] in resourceActivationsUpdate: APPSEC=resourceActivationsUpdate OperationID=00000000-0000-0000-0000-000000000000
2024-03-01T00:00:00.00+0000 [DEBUG] provider.terraform-provider-akamai_v5.6.0.exe: 2024/03/01 00:00:00 [DEBUG] creating activation
2024-03-01T00:00:00.00+0000 [DEBUG] provider.terraform-provider-akamai_v5.6.0.exe: 2024/03/01 00:00:00 [DEBUG] CreateActivations: OperationID=00000000-0000-0000-0000-000000000000
2024-03-01T00:00:00.00+0000 [DEBUG] provider.terraform-provider-akamai_v5.6.0.exe: 2024/03/01 00:00:00 [DEBUG] %s: retrying: %w: create activation failed="Title: Concurrent Modification Error; 
Type: https://problems.luna.akamaiapis.net/appsec-configuration/error-types/CONCURRENT-MODIFICATION-ERROR; Detail: Can't activate this configuration version. Possible reasons are because it is pending or active on 
production already."

Expected Behavior

From my point of view, either similar exception / behavior as in version 5.5.0 or perhaps a bit cleaner handling, like "version is already activated, skipping".

Actual Behavior

The apply action continued to run in a loop, without seemingly actually performing any changes.

Steps to Reproduce

Config to use the latest provider:

terraform {
  required_providers {
    akamai = {
      source = "akamai/akamai"
      version = "5.6.0"
    }
  }
}

1. terraform plan -out "plan.tf (passing network = STAGING or PRODUCTION, depending on what is currently recorded in the Terraform state)
2. terraform apply plan.tf

[lsadlon]

Hi @dparback

Thank you for raising this issue. We will get back to you after investigation.

BR,
Lukasz

[dparback]

Hi @lsadlon

Do you have any updates on this please?

Best regards,
Daniel

[lsadlon]

Hi @dparback

We are currently working on fixing it.

BR,
Lukasz