How to fix-Terraform Error acquiring the state lock ConditionalCheckFiledException?
It might be possible that you are in the middle of running terraform plan
or terraform apply
command but
unfortunately, you ended up with the error - Error locking state: Error acquiring the state lock: ConditionalCheckFailedException: The conditional request failed.
Here is one of the same errors which I have faced while I was working on one of my terraform projects for saving
terraform state using DynamoDB
In this blog, we will have a more detailed look at the possible root cause as well as how to fix the error.
Table of Content
1. Root Cause
How the error Happens?- The error might show up on your console when you are either running terraform plan
or terraform apply
command.
Reason- Terraform has an internal validation that checks if there is a state lock already present then another process can not access the same resource with the same state
- Terraform allows you to have one process with one state lock.
- When more than one process tries to acquire the same state lock on the same resource then it might result in the Error locking state: Error acquiring the state lock: ConditionalCheckFailedException.
- Another possible reason is the
- Network outage - Because of the network outage there is a chance the previous terraform process might have terminated before it completion resulting in the error.
- incorrect AWS profile - In your project, you have multiple AWS profile but you are using an incorrect AWS profile which will also result in the same error.
2. How to fix it?
Here I have composed 4 possible solutions to fix it-
1. Using command terraform force-unlock- Here are steps you need to follow
- Copy the terraform process id from the error message -
copy terraform process id - Run the following command to force unlock the process -
1terraform force-unlock -force 394uf383-b6fe-c5f2-2678-98323hdfo1
2. Use -lock=false along with terraform plan - If the previous force-unlock command does not work then use the -lock=false command
1terraform plan -lock=false
3. kill terraform process- Well if none of the previous solutions works then I would recommend using kill -9
to
terminate the process.
- Find the terraform Process ID using the command
ps aux | grep terraform
- Kill the process using -
kill -9 <process_id>
(Note- Running the kill -9 might require root privileges)
4. Wrong AWS profile- The another and least possible fix for the issue is - You are using the incorrect AWS
profile. You must check the AWS Profile or at least set the correct AWS profile by running the command export AWS_PROFILE=another_one
Running the terraform plan, terraform apply
command from another profile might also lead to the issue because the
the process has already occupied the lock and another process with an incorrect profile would lead to the error Error acquiring the state lock: ConditionalCheckFailedException
3. Conclusion
I hope the above-mentioned steps would help you to troubleshoot the issue with your terraform state. For more details on Terraform state I would recommend you to go through the article - Managing Terraform states and also, look on how to put state locking using DynamoDB
Posts in this Series
- Use Terraform to manage AWS IAM Policies, Roles and Users
- How to split Your Terraform main.tf File into Multiple Files
- How to use Terraform variable within variable
- Mastering the Terraform Lookup Function for Dynamic Keys
- Copy files to EC2 and S3 bucket using Terraform
- Troubleshooting Error creating EC2 Subnet InvalidSubnet Range The CIDR is Invalid
- Troubleshooting InvalidParameter Security group and subnet belong to different networks
- Managing strings in Terraform: A comprehensive guide
- How to use terraform depends_on meta argument?
- What is user_data in Terraform?
- Why you should not store terraform state file(.tfstate) inside Git Repository?
- How to import existing resource using terraform import comand?
- Terraform - A detailed guide on setting up ALB(Application Load Balancer) and SSL?
- Testing Infrastructure as Code with Terraform?
- How to remove a resource from Terraform state?
- What is Terraform null Resource?
- In terraform how to skip creation of resource if the resource already exist?
- How to setup Virtual machine on Google Cloud Platform
- How to use Terraform locals?
- Terraform Guide - Docker Containers & AWS ECR(elastic container registry)?
- How to generate SSH key in Terraform using tls_private_key?
- How to fix-Terraform Error acquiring the state lock ConditionalCheckFiledException?
- Terraform Template - A complete guide?
- How to use Terragrunt?
- Terraform and AWS Multi account Setup?
- Terraform and AWS credentials handling?
- How to fix-error configuring S3 Backend no valid credential sources for S3 Backend found?
- Terraform state locking using DynamoDB (aws_dynamodb_table)?
- Managing Terraform states?
- Securing AWS secrets using HashiCorp Vault with Terraform?
- How to use Workspaces in Terraform?
- How to run specific terraform resource, module, target?
- How Terraform modules works?
- Secure AWS EC2s & GCP VMs with Terraform SSH Keys!
- What is terraform provisioner?
- Is terraform destroy needed before terraform apply?
- How to fix terraform error Your query returned no results. Please change your search criteria and try again?
- How to use Terraform Data sources?
- How to use Terraform resource meta arguments?
- How to use Terraform Dynamic blocks?
- Terraform - How to nuke AWS resources and save additional AWS infrastructure cost?
- Understanding terraform count, for_each and for loop?
- How to use Terraform output values?
- How to fix error configuring Terraform AWS Provider error validating provider credentials error calling sts GetCallerIdentity SignatureDoesNotMatch?
- How to fix Invalid function argument on line in provider credentials file google Invalid value for path parameter no file exists
- How to fix error value for undeclared variable a variable named was assigned on the command line?
- What is variable.tf and terraform.tfvars?
- How to use Terraform Variables - Locals,Input,Output
- Terraform create EC2 Instance on AWS
- How to fix Error creating service account googleapi Error 403 Identity and Access Management (IAM) API has not been used in project before or it is disabled
- Install terraform on Ubuntu 20.04, CentOS 8, MacOS, Windows 10, Fedora 33, Red hat 8 and Solaris 11