From 7ac9f803a020c2211734fe14e1a060a0d9b0e871 Mon Sep 17 00:00:00 2001
From: fomichevmi <59839128+fomichevmi@users.noreply.github.com>
Date: Wed, 5 Jan 2022 13:22:56 +0100
Subject: [PATCH] Fix reading security group after create

Fix for the bug described in https://github.com/hashicorp/terraform-provider-aws/issues/21628
---
 .../service/ec2/default_security_group.go     | 20 +++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/internal/service/ec2/default_security_group.go b/internal/service/ec2/default_security_group.go
index f630b84ab183..8d35f3653c21 100644
--- a/internal/service/ec2/default_security_group.go
+++ b/internal/service/ec2/default_security_group.go
@@ -328,9 +328,25 @@ func resourceDefaultSecurityGroupRead(d *schema.ResourceData, meta interface{})
 func resourceDefaultSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*conns.AWSClient).EC2Conn
 
-	group, err := FindSecurityGroupByID(conn, d.Id())
+	var group *ec2.SecurityGroup
+	var err error
+	err = resource.Retry(15 * time.Second, func() *resource.RetryError {
+		group, err = FindSecurityGroupByID(conn, d.Id())
+		if err != nil {
+			switch err.(type) {
+				case *resource.NotFoundError:
+					return resource.RetryableError(err)
+				default:
+					return resource.NonRetryableError(err)
+			}
+		}
+		return nil
+	})
+	if tfresource.TimedOut(err) {
+		group, err = FindSecurityGroupByID(conn, d.Id())
+	}
 	if err != nil {
-		return fmt.Errorf("error updating Default Security Group (%s): %w", d.Id(), err)
+		return fmt.Errorf("error updating Security Group (%s): %w", d.Id(), err)
 	}
 
 	err = resourceSecurityGroupUpdateRules(d, "ingress", meta, group)