Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

terraform fails when an iam user or role is renamed #7939

Closed
justin8 opened this issue Aug 3, 2016 · 4 comments
Closed

terraform fails when an iam user or role is renamed #7939

justin8 opened this issue Aug 3, 2016 · 4 comments

Comments

@justin8
Copy link

justin8 commented Aug 3, 2016

When renaming a role/user (probably groups as well, but I haven't tested this). It attempts to delete the old resource without detaching the policies, then returns this:

Error applying plan:

1 error(s) occurred:

* aws_iam_user.jenkins-test: Error deleting IAM User jenkins-test: DeleteConflict: Cannot delete entity, must detach all policies first.
    status code: 409, request id: 8c1f8c69-5967-11e6-b3ac-ab2eb361e21c

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

According to #3227 it sounds like this should have already been fixed, but it doesn't seem this way.

Terraform Version

v0.6.616

References

#3227

@jen20
Copy link
Contributor

jen20 commented Aug 3, 2016

Hi @justin8! Thanks for opening an issue. I'd definitely consider this a bug. Can you confirm the steps you took here? I think looking at it the following is probably the case:

  1. Create an aws_iam_user with at least one policy attached
  2. Rename the resulting user in the AWS console
  3. terraform plan and terraform apply?

@justin8
Copy link
Author

justin8 commented Aug 12, 2016

Sorry for the slow response, I've been travelling recently.

I get the issue without ever touching the user in the AWS console, just creating a new iam user via terraform (and the attached policy is also managed in terraform in the same file) , renaming in the state file and running terraform plan shows what you would expect, 1 create, 1 destroy. But terraform apply tries to delete the user without detaching policies first.

@tmatilai
Copy link

Duplicate of #5853

@ghost
Copy link

ghost commented Apr 10, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

4 participants