Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue #5489 : don't call DeleteRolePermissionsBoundary when deleting IAM role #5544

Merged
merged 1 commit into from
Aug 15, 2018
Merged

Issue #5489 : don't call DeleteRolePermissionsBoundary when deleting IAM role #5544

merged 1 commit into from
Aug 15, 2018

Conversation

mgarstecki
Copy link

Fixes #5489

Changes proposed in this pull request:

  • Remove the call to the DeleteRolePermissionsBoundary API in resourceAwsIamRoleDelete.
    It is not necessary for a succesful deletion, and breaks deletion for limited AWS users.

This scenario seems to be already tested in TestAccAWSIAMRole_PermissionsBoundary so I didn't add any new tests.

This is my first PR on TF, any constructive feedback welcome :)

Output from acceptance testing:

$ make testacc TESTARGS='-run TestAccAWSIAMRole'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run TestAccAWSIAMRole -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAWSIAMRolePolicy_importBasic
--- PASS: TestAccAWSIAMRolePolicy_importBasic (15.56s)
=== RUN   TestAccAWSIAMRole_importBasic
--- PASS: TestAccAWSIAMRole_importBasic (14.17s)
=== RUN   TestAccAWSIAMRolePolicy_basic
--- PASS: TestAccAWSIAMRolePolicy_basic (24.45s)
=== RUN   TestAccAWSIAMRolePolicy_namePrefix
--- PASS: TestAccAWSIAMRolePolicy_namePrefix (24.07s)
=== RUN   TestAccAWSIAMRolePolicy_generatedName
--- PASS: TestAccAWSIAMRolePolicy_generatedName (23.55s)
=== RUN   TestAccAWSIAMRolePolicy_invalidJSON
--- PASS: TestAccAWSIAMRolePolicy_invalidJSON (1.15s)
=== RUN   TestAccAWSIAMRole_basic
--- PASS: TestAccAWSIAMRole_basic (12.77s)
=== RUN   TestAccAWSIAMRole_basicWithDescription
--- PASS: TestAccAWSIAMRole_basicWithDescription (31.00s)
=== RUN   TestAccAWSIAMRole_namePrefix
--- PASS: TestAccAWSIAMRole_namePrefix (12.19s)
=== RUN   TestAccAWSIAMRole_testNameChange
--- PASS: TestAccAWSIAMRole_testNameChange (28.93s)
=== RUN   TestAccAWSIAMRole_badJSON
--- PASS: TestAccAWSIAMRole_badJSON (1.24s)
=== RUN   TestAccAWSIAMRole_disappears
--- PASS: TestAccAWSIAMRole_disappears (8.84s)
=== RUN   TestAccAWSIAMRole_force_detach_policies
--- PASS: TestAccAWSIAMRole_force_detach_policies (17.70s)
=== RUN   TestAccAWSIAMRole_MaxSessionDuration
--- PASS: TestAccAWSIAMRole_MaxSessionDuration (22.84s)
=== RUN   TestAccAWSIAMRole_PermissionsBoundary
--- PASS: TestAccAWSIAMRole_PermissionsBoundary (40.25s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	278.727s

@ghost ghost added the size/XS Managed by automation to categorize the size of a PR. label Aug 14, 2018
@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. labels Aug 15, 2018
@bflad bflad added this to the v1.32.0 milestone Aug 15, 2018
bflad
bflad approved these changes Aug 15, 2018
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for catching and fixing this @mgarstecki! 🚀

10 tests passed (all tests)
=== RUN   TestAccAWSIAMRole_badJSON
--- PASS: TestAccAWSIAMRole_badJSON (1.24s)
=== RUN   TestAccAWSIAMRole_disappears
--- PASS: TestAccAWSIAMRole_disappears (5.07s)
=== RUN   TestAccAWSIAMRole_namePrefix
--- PASS: TestAccAWSIAMRole_namePrefix (7.05s)
=== RUN   TestAccAWSIAMRole_basic
--- PASS: TestAccAWSIAMRole_basic (7.07s)
=== RUN   TestAccAWSIAMRole_importBasic
--- PASS: TestAccAWSIAMRole_importBasic (7.71s)
=== RUN   TestAccAWSIAMRole_MaxSessionDuration
--- PASS: TestAccAWSIAMRole_MaxSessionDuration (11.63s)
=== RUN   TestAccAWSIAMRole_force_detach_policies
--- PASS: TestAccAWSIAMRole_force_detach_policies (11.97s)
=== RUN   TestAccAWSIAMRole_basicWithDescription
--- PASS: TestAccAWSIAMRole_basicWithDescription (15.15s)
=== RUN   TestAccAWSIAMRole_testNameChange
--- PASS: TestAccAWSIAMRole_testNameChange (17.09s)
=== RUN   TestAccAWSIAMRole_PermissionsBoundary
--- PASS: TestAccAWSIAMRole_PermissionsBoundary (19.77s)

@bflad bflad added bug Addresses a defect in current functionality. and removed enhancement Requests to existing resources that expand the functionality or scope. labels Aug 15, 2018
@bflad bflad merged commit 45f6b51 into hashicorp:master Aug 15, 2018
@bflad bflad mentioned this pull request Aug 15, 2018
Closed
bflad added a commit that referenced this pull request Aug 15, 2018
@bflad
Update CHANGELOG for #5544
8d6794a
@bflad
Copy link
Contributor

bflad commented Aug 16, 2018

This has been released in version 1.32.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@mgarstecki mgarstecki deleted the iam_role-fix_boundary_error_on_delete branch August 30, 2018 20:37
@ghost
Copy link

ghost commented Apr 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/iam Issues and PRs that pertain to the iam service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v1.32.0
Development

Successfully merging this pull request may close these issues.

Cannot delete IAM role without permissions to delete non-existent RoleBoundary
2 participants
@mgarstecki @bflad