Terraform Destroy on Role Grant will remove ALL users in Role, not a specific user

[knighteagle789]

When I run a terraform Role_Grant, it adds the specific user as expected. But when I run the destroy afterward, it queries out and grabs All of the users for that role and removes them.

I would expect to only see the specific user that was added to the role to be removed from the role.

[ahaffar]

i am having the same issue
version 0.15.0

[ryanking]

@knighteagle789 did the plan list all users, or only the one in your configuration?

[ryanking]

I think this may unfortunately end up being a result of the way we have to implement the read path for these resources. The grant resources all have to be exclusive currently.

[cstkpk]

@ryanking has there been any further discussion on this? I'm finding that if I've used the role_grants resource to grant a user to a role and then remove that user, the user will be destroyed but the entire role_grants object will also be destroyed, rather than just removing that user from the role_grants object.

When destroying a user or role, is it possible to remove only the users or roles granted in that particular module instead of destroying the role grant entirely?

[sfc-gh-asawicki]

We are closing this issue as part of a cleanup described in announcement. If you believe that the issue is still valid in v0.89.0, please open a new ticket.