Running terraform apply fails immediately with a 409 Conflict on genesyscloud_auth_division. The error states the resource already exists, but I didn’t define it manually. Here is the config:
resource "genesyscloud_auth_division" "main" {
name = "Main Division"
}
I tried running terraform refresh but it didn’t help. How do I import the existing default division or force the provider to skip this conflict?
Make sure you verify if the division already exists in your instance before running apply. The default division often causes this conflict if not handled correctly in your Terraform state.
Use the import command to sync the existing resource:
terraform import genesyscloud_auth_division.main <division_id>
This aligns your local state with the remote reality.
It depends, but generally… relying on manual terraform import for the default division is a fragile anti-pattern in automated pipelines. The default division ID is not static across environments, and hardcoding it or manually importing it breaks the idempotency of your CI/CD validation.
Instead, query the existing default division ID dynamically during the plan phase to avoid the 409 Conflict entirely. Use a local variable with the genesyscloud_auth_division data source or a pre-apply script to fetch the correct ID.
data "genesyscloud_auth_division" "default" {
name = "default"
}
resource "genesyscloud_auth_division" "main" {
name = "Main Division"
# Only create if it doesn't match default
}
Warning: If your state file already tracks a non-existent resource, you must run terraform state rm genesyscloud_auth_division.main before re-applying. Otherwise, the provider will attempt to create a duplicate, causing the conflict regardless of the import status. Always verify state integrity before applying changes in disaster recovery scenarios.
This is typically caused by the default division collision. The suggestion above is correct, but manual imports fail in CI/CD.
Error: 409 Conflict on genesyscloud_auth_division
Use a data source to fetch the ID dynamically. This ensures idempotency across environments.
data "genesyscloud_auth_division" "default" {
name = "Default Division"
}The root cause here is the provider attempting to create a resource that already exists in your org. The suggestion above using a data source is correct, but be cautious with naming collisions.
resource block for the default division.data "genesyscloud_auth_division" to fetch the ID.data.genesyscloud_auth_division.default.id in your configs.