Skip to content

Commit

Permalink
Merge pull request #31656 from hashicorp/td-aws_iam_role-remove-role_…
Browse files Browse the repository at this point in the history
…last_used

r/aws_iam_role: Remove `role_last_used` attribute
  • Loading branch information
jar-b authored Jun 1, 2023
2 parents 3916a4a + 915f495 commit 483f3e0
Showing 5 changed files with 22 additions and 42 deletions.
7 changes: 7 additions & 0 deletions .changelog/31656.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:breaking-change
resource/aws_iam_role: The `role_last_used` attribute has been removed. Use the `aws_iam_role` data source instead.
```

```release-note:note
resource/aws_iam_role: The `role_last_used` attribute has been removed. Use the `aws_iam_role` data source instead. See the community feedback provided in the [linked issue](https://github.com/hashicorp/terraform-provider-aws/issues/30861) for additional justification on this change. As the attribute is read-only, unlikely to be used as an input to another resource, and available in the corresponding data source, a breaking change in a minor version was deemed preferable to a long deprecation/removal cycle in this circumstance.
```
35 changes: 0 additions & 35 deletions internal/service/iam/role.go
Original file line number Diff line number Diff line change
@@ -160,22 +160,6 @@ func ResourceRole() *schema.Resource {
Optional: true,
ValidateFunc: verify.ValidARN,
},
"role_last_used": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"region": {
Type: schema.TypeString,
Computed: true,
},
"last_used_date": {
Type: schema.TypeString,
Computed: true,
},
},
},
},
names.AttrTags: tftags.TagsSchema(),
names.AttrTagsAll: tftags.TagsSchemaComputed(),
"unique_id": {
@@ -324,10 +308,6 @@ func resourceRoleRead(ctx context.Context, d *schema.ResourceData, meta interfac
return sdkdiag.AppendErrorf(diags, "reading inline policies for IAM role %s, error: %s", d.Id(), err)
}

if err := d.Set("role_last_used", flattenRoleLastUsed(role.RoleLastUsed)); err != nil {
return sdkdiag.AppendErrorf(diags, "setting role_last_used: %s", err)
}

var configPoliciesList []*iam.PutRolePolicyInput
if v := d.Get("inline_policy").(*schema.Set); v.Len() > 0 {
configPoliciesList = expandRoleInlinePolicies(aws.StringValue(role.RoleName), v.List())
@@ -754,21 +734,6 @@ func deleteRoleInlinePolicies(ctx context.Context, conn *iam.IAM, roleName strin
return nil
}

func flattenRoleLastUsed(apiObject *iam.RoleLastUsed) []interface{} {
if apiObject == nil {
return nil
}

tfMap := map[string]interface{}{
"region": aws.StringValue(apiObject.Region),
}

if apiObject.LastUsedDate != nil {
tfMap["last_used_date"] = apiObject.LastUsedDate.Format(time.RFC3339)
}
return []interface{}{tfMap}
}

func flattenRoleInlinePolicy(apiObject *iam.PutRolePolicyInput) map[string]interface{} {
if apiObject == nil {
return nil
15 changes: 15 additions & 0 deletions internal/service/iam/role_data_source.go
Original file line number Diff line number Diff line change
@@ -131,3 +131,18 @@ func dataSourceRoleRead(ctx context.Context, d *schema.ResourceData, meta interf

return diags
}

func flattenRoleLastUsed(apiObject *iam.RoleLastUsed) []interface{} {
if apiObject == nil {
return nil
}

tfMap := map[string]interface{}{
"region": aws.StringValue(apiObject.Region),
}

if apiObject.LastUsedDate != nil {
tfMap["last_used_date"] = apiObject.LastUsedDate.Format(time.RFC3339)
}
return []interface{}{tfMap}
}
1 change: 0 additions & 1 deletion internal/service/iam/role_data_source_test.go
Original file line number Diff line number Diff line change
@@ -74,7 +74,6 @@ const testAccRoleDataSourceConfig_AssumeRolePolicy_ExpectedJSON = `{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": "sts:AssumeRole",
"Principal": {
6 changes: 0 additions & 6 deletions website/docs/r/iam_role.html.markdown
Original file line number Diff line number Diff line change
@@ -208,15 +208,9 @@ In addition to all arguments above, the following attributes are exported:
* `create_date` - Creation date of the IAM role.
* `id` - Name of the role.
* `name` - Name of the role.
* `role_last_used` - Contains information about the last time that an IAM role was used. See [`role_last_used`](#role_last_used) for details.
* `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block).
* `unique_id` - Stable and unique string identifying the role.

### role_last_used

* `region` - The name of the AWS Region in which the role was last used.
* `last_used_time` - The date and time, in RFC 3339 format, that the role was last used.

## Import

IAM Roles can be imported using the `name`, e.g.,

0 comments on commit 483f3e0

Please sign in to comment.