Merge branch 'rds-tags-fix-arn' of https://github.com/Ticketmaster/te…

…rraform-provider-aws into Ticketmaster-rds-tags-fix-arn
hashicorp · Jul 12, 2018 · 90538bc · 90538bc
2 parents 8511849 + b8cbeee
commit 90538bc
Showing 1 changed file with 10 additions and 9 deletions.
diff --git a/aws/auth_helpers.go b/aws/auth_helpers.go
@@ -25,6 +25,16 @@ import (
 
 func GetAccountID(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string) (string, error) {
 	var errors error
+
+	// First, try STS GetCallerIdentity
+	log.Println("[DEBUG] Trying to get account ID via sts:GetCallerIdentity")
+	outCallerIdentity, err := stsconn.GetCallerIdentity(&sts.GetCallerIdentityInput{})
+	if err == nil {
+		return parseAccountIDFromArn(*outCallerIdentity.Arn)
+	}
+	log.Printf("[DEBUG] Getting account ID via sts:GetCallerIdentity failed: %s", err)
+	errors = multierror.Append(errors, err)
+
 	// If we have creds from instance profile, we can use metadata API
 	if authProviderName == ec2rolecreds.ProviderName {
 		log.Println("[DEBUG] Trying to get account ID via AWS Metadata API")
@@ -67,15 +77,6 @@ func GetAccountID(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string) (
 		log.Printf("[DEBUG] Getting account ID via iam:GetUser failed: %s", err)
 	}
 
-	// Then try STS GetCallerIdentity
-	log.Println("[DEBUG] Trying to get account ID via sts:GetCallerIdentity")
-	outCallerIdentity, err := stsconn.GetCallerIdentity(&sts.GetCallerIdentityInput{})
-	if err == nil {
-		return parseAccountIDFromArn(*outCallerIdentity.Arn)
-	}
-	log.Printf("[DEBUG] Getting account ID via sts:GetCallerIdentity failed: %s", err)
-	errors = multierror.Append(errors, err)
-
 	// Then try IAM ListRoles
 	log.Println("[DEBUG] Trying to get account ID via iam:ListRoles")
 	outRoles, err := iamconn.ListRoles(&iam.ListRolesInput{