provider/aws: Policy attachment resources accept multiple policy ARNs

[hydroxide]

This alters the following resources:

• aws_iam_user_policy_attachment
• aws_iam_group_policy_attachment
• aws_iam_role_policy_attachment

to accept a list of policy ARNs (rather than a single policy) to be attached to an IAM user, group, or role.

Although this change is not backwards compatible for this resource, it simplifies configuration in cases where iam_policy_attachment is too restrictive and can't be used. It is also a more accurate reflection of what is happening in IAM when we want to reason about the policies associated with a specific user, group, or role rather than vice versa; see #5483 (comment).

[apparentlymart]

Hello @hydroxide, and thanks for working on this!

As part of the the Terraform 0.10 release earlier this year, all of the Terraform providers were moved to their own repositories in the terraform-providers GitHub organization, and removed from the Terraform Core repository.

Unfortunately due to the fact that new issues and pull requests are being opened constantly, it was not possible for the various provider maintainers to merge all outstanding pull requests before this split, and there is no automatic way to migrate a pull request to a new repository.

As a result, this pull request can sadly no longer be applied as-is, and so I'm going to close it.

If you or someone else has the time and motivation to apply same changes to the aws provider repository and open a new PR there, the maintainers of that provider should be able to review and merge it.

Thanks again for working on this, and sorry it was not able to be merged before the provider repository changes.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.