Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provider/aws: Remove roles from profiles when trying to delete #2177

Merged
merged 2 commits into from
Jun 8, 2015
Merged

provider/aws: Remove roles from profiles when trying to delete #2177

merged 2 commits into from
Jun 8, 2015

Conversation

catsby
Copy link
Contributor

@catsby catsby commented Jun 1, 2015

This fixes #2049.

Summary:

  • you can't update the name of a IAM Role (at least at this time, via the API)
  • you can't destroy an IAM Role when its attached to an IAM Profile
  • loop through the profiles that a role is attached to, and remove it
  • destroy role

Summoning @phinze and @mitchellh: this feels to me like a thing that should be behind a force_detach type flag, agree? As is, it removes the role from all profiles that it's attached to (I assume it's a many to many), not just any that's in the TF file(s)

@catsby catsby mentioned this pull request Jun 1, 2015
Closed
@mitchellh
Copy link
Contributor

LGTM

@catsby
Merge branch 'master' into b-aws-iam-role-profile-update
35047db 
* master: (91 commits)
  update CHANGELOG
  update CHANGELOG
  state/remote: more canonical Go for skip TLS verify
  update CHANGELOG
  update CHANGELOG
  command/apply: flatten multierrors
  provider/aws: improve iam_policy err msgs
  acc tests: ensure each resource has a _basic test
  aws/provider convert _normal tests to _basic
  go fmt
  Enpoint type configuration for OpenStack provider
  Fix page title for aws_elasticache_cluster
  Update CHANGELOG.md
  Corrected Frankfurt S3 Website Endpoint fixes #2258
  Only run Swift tests when Swift is available
  Implement OpenStack/Swift remote
  Minor correction to aws_s3_bucket docs
  docs: Fix wrong title (aws_autoscaling_notification)
  provider/aws: clarify scaling timeout error
  Update CHANGELOG.md
  ...
@catsby
Copy link
Contributor Author

catsby commented Jun 8, 2015

@mitchellh any thoughts on the force_detach idea? Maybe not necessary

@phinze
Copy link
Contributor

phinze commented Jun 8, 2015

I think in this case, since it's absolutely required that the role be detached from everything for it to be removed, that it's good as the default behavior.

catsby added a commit that referenced this pull request Jun 8, 2015
@catsby
Merge pull request #2177 from hashicorp/b-aws-iam-role-profile-update
a39516c 
provider/aws: Remove roles from profiles when trying to delete
@catsby catsby merged commit a39516c into master Jun 8, 2015
@catsby catsby deleted the b-aws-iam-role-profile-update branch June 8, 2015 18:08
@ghost
Copy link

ghost commented May 2, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators May 2, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement provider/aws
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unable to update aws_iam_role once a aws_iam_instance_profile has been attached
3 participants
@catsby @mitchellh @phinze