IAM Role not added to state when inline IAM Policy is invalid #23124
Comments
Yeah, I can confirm that we ran into this on provider v4.48.0 as well.
Rather than partially create the resource, we believe the correct behavior is for the role creation to fail when the inline policy fails. This approach will fix the
Warning: This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them. Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.
This functionality has been released in v5.60.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
Community Note
Terraform CLI and Terraform AWS Provider Version
Terraform Configuration Files
This config is invalid due to the `inline_policy` missing the `actions`.
Debug Output
Plan, Apply and Import logs showing the issue.
Debug Logs
Panic Output
N/A
Expected Behavior
The IAM Role should be added to the state, allowing a second `terraform apply` to fix the IAM Policy.
1. `terraform apply` creates the role, ERROR `MalformedPolicyDocument` on the policy
2. `terraform plan` shows only the IAM Policy to be updated
3. `terraform apply` updates the IAM Policy and finishes successfully.
Actual Behavior
1. `terraform apply` creates the IAM Role. ERROR `MalformedPolicyDocument` on the policy
2. `terraform plan` shows the IAM Policy and the IAM Role to be created
3. `terraform apply` ERROR `EntityAlreadyExists` as the IAM Role was created on the first run, but not added to state.
Steps to Reproduce
Just run the config above twice.
1. `terraform apply` - `MalformedPolicyDocument`
2. `terraform apply` - `EntityAlreadyExists`
Important Factoids
References
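A pre-apply check for the failure reported in this issue, as an added example that is not part of the original thread or the provider's code: it inspects a rendered inline policy JSON for statements missing `Action`, so the defect is caught before the role is created. The function names and sample policies are hypothetical, and the check assumes an identity-based policy, where each statement needs `Effect`, one of `Action`/`NotAction` and one of `Resource`/`NotResource`; it covers only that subset of what IAM validates.

```python
import json

def _as_list(value):
    """IAM accepts a single value or a list; normalise to a list."""
    if value is None or value == "":
        return []
    return value if isinstance(value, list) else [value]

def check_inline_policy(policy_json):
    """Return a list of problems; an empty list means none were found."""
    try:
        doc = json.loads(policy_json)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return ["policy document must be a JSON object"]
    statements = _as_list(doc.get("Statement"))
    if not statements:
        return ["policy has no Statement"]
    problems = []
    for i, stmt in enumerate(statements):
        if not isinstance(stmt, dict):
            problems.append(f"Statement[{i}]: not a JSON object")
            continue
        label = stmt.get("Sid") or f"Statement[{i}]"
        if stmt.get("Effect") not in ("Allow", "Deny"):
            problems.append(f"{label}: Effect must be Allow or Deny")
        # An identity-based policy statement needs one of each pair.
        for key in ("Action", "Resource"):
            present = [k for k in (key, "Not" + key) if _as_list(stmt.get(k))]
            if len(present) != 1:
                problems.append(f"{label}: needs exactly one of {key} / Not{key}")
    return problems

# Constructed samples: the first has no Action, the defect this issue describes.
MISSING_ACTION = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "ReadBucket", "Effect": "Allow", "Resource": "*"}],
})
VALID = json.dumps({
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"},
})

if __name__ == "__main__":
    for name, policy in (("missing_action", MISSING_ACTION), ("valid", VALID)):
        print(name, check_inline_policy(policy) or "ok")
```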