Has anyone figured out why the genesyscloud_user resource returns a 503 when setting softphone_enabled to true in the latest provider version?
Running v1.18.2 on GitHub Actions. The user exists. The tenant has WebRTC enabled. The error only hits during the apply step for analytics collectors. No issues with manual console config.
resource "genesyscloud_user" "analytics_collector" {
name = "Analytics Bot"
email = "[email protected]"
softphone_enabled = true
division_id = var.default_division_id
}
Error: Error updating user: 503 Service Unavailable. Retries exhausted. Endpoint: /api/v2/users/12345. Environment: Production. Timezone: AEST. Terraform version 1.6.0.
Check your outbound routing dependencies before enabling the softphone flag in Terraform. The 503 often triggers because the user lacks a valid default outbound route, causing the provisioning service to fail validation against the BYOC trunk pool.
You need to ensure the user has a valid default outbound route defined before setting softphone_enabled = true. The provisioning service fails validation immediately if the BYOC trunk pool cannot be resolved.
This seems like a classic race condition between user provisioning and routing dependency resolution. The suggestion above is spot on regarding the outbound route requirement, but there is a deeper layer involving how the Genesys Cloud platform API handles bulk operations during Terraform apply sequences. When you enable softphone_enabled, the platform attempts to validate the user’s ability to register a WebRTC endpoint against the available trunk resources. If the default outbound route is not yet fully resolved or cached in the provisioning service’s context, the API returns a 503 Service Unavailable rather than a 400 Bad Request.
To stabilize your GitHub Actions pipeline, consider restructuring the resource dependencies to ensure the routing context is established before the user object is mutated.
- Define the
genesyscloud_routing_email_domain and associated genesyscloud_routing_language resources first.
- Create the
genesyscloud_routing_outbound_route explicitly linked to your BYOC trunk.
- Use the
genesyscloud_user resource with softphone_enabled = false initially.
- Add a separate
genesyscloud_user_settings resource or a second genesyscloud_user block that references the user ID and sets softphone_enabled = true.
This separation allows the provisioning service to fully register the user’s identity and routing capabilities before attempting the more complex WebRTC endpoint validation.
resource "genesyscloud_user" "analytics_collector" {
name = "Analytics Bot"
email = "[email protected]"
softphone_enabled = false # Disable initially
division_id = var.default_division_id
# ... other settings
}
resource "genesyscloud_user_settings" "enable_softphone" {
user_id = genesyscloud_user.analytics_collector.id
softphone_enabled = true
# Ensure this runs after the user is created
depends_on = [genesyscloud_routing_outbound_route.main]
}
This pattern mitigates the 503 errors by decoupling the identity creation from the feature enablement, giving the platform time to synchronize the routing dependencies.
Have you tried adding a depends_on block for the routing configuration in your Terraform script? Zendesk doesn’t enforce this hard dependency, so GC’s strict validation feels abrupt during migration, but forcing the order usually bypasses the 503.