Need some help troubleshooting…
- Context: Deploying Genesys Cloud users via Terraform for AU-1 BYOC environment.
- Provider: genesyscloud v1.22.0
- Resource: genesyscloud_user
- Issue: Apply fails with HTTP 409 Conflict when attempting to update existing user profiles.
- Error Message:
“Error updating user: 409 Conflict. Body: {"code":"conflict","message":"Unable to update user due to compliance data retention policy conflict.","status":"conflict"}” - Observations:
- The plan shows no changes to the user resource itself.
- The apply succeeds if the user is newly created.
- The apply fails only when modifying attributes of users who have already been in the system for >30 days.
- Manual update via UI works without error.
- Hypothesis:
- Suspect a race condition or backend locking issue related to the new compliance data masking features rolling out in AU-1.
- The API might be checking retention locks that are not exposed in the Terraform provider schema.
- Steps to Reproduce:
- Create user via Terraform.
- Wait 24 hours.
- Modify a non-identity attribute (e.g., division_id or custom attribute).
- Run terraform apply.
- Logs:
- TF_LOG=DEBUG shows the PUT request to /api/v2/users/{id} returning 409.
- No additional details in the error body.
- Question:
- Is this a known issue with the provider and compliance policies?
- Should we add a retry mechanism or wait for a provider update?
- Any workarounds for updating users with active compliance locks?