DevOps
Fix Terraform Error: CloudWatch Log Group Already Exists
Fix terraform CloudWatch Log Group ResourceAlreadyExistsException. Import orphaned log groups, prevent Lambda auto-creation
3 min read
DevOps
Fix Terraform Error - Error Waiting for Route53 ChangeInfo - Timeout
Fix Route53 DNS change timeout errors in Terraform. Handle slow DNS propagation, increase timeouts, and troubleshoot hosted zone configuration issues.
LLuca Berton1 min read
Quick Answer
#Route53 DNS changes are taking longer than Terraform's default timeout to propagate. DNS changes usually take 60 seconds but can take longer. Increase the timeout or check if the hosted zone configuration has issues.
The Error
#Error: error waiting for Route53 change: timeout while waiting
for state to become 'INSYNC' (last state: 'PENDING', timeout: 30s)What Causes This
#- Normal propagation delay — Route53 changes typically take 60s but can take longer
- Large batch of changes — many records modified at once
- Hosted zone delegation issues — NS records don't match the registrar
- API throttling — too many Route53 API calls
How to Fix It
#Solution 1: Increase Timeout on Records
#resource "aws_route53_record" "www" {
zone_id = aws_route53_zone.main.zone_id
name = "www.example.com"
type = "A"
alias {
name = aws_lb.main.dns_name
zone_id = aws_lb.main.zone_id
evaluate_target_health = true
}
# Route53 records don't have built-in timeouts,
# but you can use provisioner with retry logic
}Solution 2: Apply in Smaller Batches
## Instead of all records at once
terraform apply -target=aws_route53_record.www
terraform apply -target=aws_route53_record.api
terraform apply # Remaining resourcesSolution 3: Verify Hosted Zone
## Check the hosted zone exists and is active
aws route53 get-hosted-zone --id Z1234567890
# Check if NS records match registrar
aws route53 list-resource-record-sets --hosted-zone-id Z1234567890 \
--query "ResourceRecordSets[?Type=='NS']"
# Check change status
aws route53 get-change --id /change/C1234567890Solution 4: Use allow_overwrite
#resource "aws_route53_record" "www" {
zone_id = aws_route53_zone.main.zone_id
name = "www.example.com"
type = "A"
ttl = 300
records = ["1.2.3.4"]
allow_overwrite = true # Prevents conflict with existing records
}Common Route53 Issues
#| Issue | Cause | Fix |
|---|---|---|
| Timeout on INSYNC | Normal propagation | Retry terraform apply |
| Record already exists | Created outside Terraform | allow_overwrite = true or import |
| Delegation failed | NS mismatch | Update registrar NS records |
| Throttling | Too many API calls | Apply in smaller batches |
Troubleshooting Checklist
#- ✅ Does a simple retry fix it? (
terraform applyagain) - ✅ Is the hosted zone correctly delegated?
- ✅ Are you creating many records at once?
- ✅ Can you verify the change status? (
aws route53 get-change)
Related Articles
#Conclusion
#Route53 timeout errors are usually temporary — DNS propagation takes time. Retry the apply first. If persistent, check hosted zone delegation, apply in smaller batches, and use allow_overwrite to handle pre-existing records.
#Terraform#Troubleshooting#DevOps#Error Fix#Infrastructure as Code
Related articles
DevOps
Fix Terraform Error: Cannot Import Into Existing State
Fix terraform import errors when a resource already exists in state. Covers state rm, state show, reimport workflow, import blocks
3 min read
DevOps
Fix Terraform Error: Too Many Command Line Arguments
Fix terraform too many command line arguments errors. Correct -var syntax, quote values with spaces, and learn proper Terraform CLI argument format for plan
3 min read
DevOps
Fix Terraform Error: Invalid Escape Sequence in String
Fix terraform invalid escape sequence errors. Double backslashes for Windows paths, use heredocs for regex, and learn all valid HCL escape sequences.
2 min read