-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
service/iam: Import inline IAM user policies on terraform import of IAM user #2931
Conversation
d192116
to
9af872b
Compare
When performing a `terraform import` of a `aws_iam_user` resource now we import state for `aws_iam_user_policy` resources based on the inline policies. This format can be used to import additional aws_iam_user related resources such as managed policy attachments, login profiles, and group associations.
9af872b
to
5110435
Compare
NOTE: I also fixed the broken testAccCheckIAMUserPolicyDestroy function which was previously checking for a role policy instead of a user policy (which as far as I know would always come back as non-existent).
5110435
to
0e311a5
Compare
|
@@ -208,7 +210,7 @@ func testAccCheckIAMUserPolicyDestroy(s *terraform.State) error { | |||
} | |||
|
|||
if getResp != nil { | |||
return fmt.Errorf("Found IAM user policy, expected none: %s", getResp) | |||
return fmt.Errorf("Found IAM User, expected none: %s", getResp) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pulled in post-merge, we should remove this.
Replaced by #3198. I might create an issue to discuss whether people would like the automatic import of user policies through the iam user resource. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
terraform import
of aaws_iam_user
resource now we import state foraws_iam_user_policy
resources based on the inline policies.aws_iam_user_policy
resource using the formatterraform import aws_iam_user_policy.my_policy my_user:my_policy
.NOTE: The updated importer for
aws_iam_user
matches the format for importing anaws_s3_bucket
. I'm not sure whether we should include this functionality by default. I'd love feedback on whether aimport_inline_iam_user_resources
or similar provider configuration option would make sense for toggling this behaviour.