No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Our program creates two Cosmos DB data plane RBAC role assignments (similar to, yet distinct from, the standard Azure RBAC role assignment). These are created using the `SqlResourceSqlRoleAssignment` type from the `DocumentDB` namespace.

It seems Cosmos is only able to create one of these at a time. One of them succeeds, the other gets:
```error: Code="PreconditionFailed" Message="There is another user operation in progress which requires an exclusive lock on [orgflow-runner-runner-cdb]. Please retry after sometime.\r\nActivityId: af360631-3ac5-470a-897a-ba45563aabc7, Microsoft.Azure.Documents.Common/2.14.0"```
If I retry the `pulumi up` then the next time the other one gets created.

Now, our IaC code is very decomposed, with different microservices each owning and contributing their own chunks to the resource tree, and these two role assignments live in different and completely decoupled parts of the code. Therefore it’s not really feasible to have one of them simply do `DependsOn` on the other to serialize their creation.

How can we solve this problem?