@emuesuenu emuesuenu commented Aug 14, 2025

Description

Replace the incorrect resource type aws_iam_role_policy_attachment with aws_iam_user_policy_attachment.

Update arguments accordingly (role -> user) so attachments target the created IAM user (aws_iam_user.this[0].name).

No changes to input variables: var.policies remains a map and the for_each logic is unchanged.

Motivation and Context

The previous implementation attempted to attach policies using the role attachment resource for an IAM user, which is invalid.

Breaking Changes

Resource address change: from aws_iam_role_policy_attachment.additional to aws_iam_user_policy_attachment.additional.
Terraform will plan to replace these attachment resources on the next apply (destroy old, create new).

Impact: Brief re‑creation of policy attachments during apply. No persistent permission loss is expected.

How Has This Been Tested?

  • I have updated at least one of the examples/* to demonstrate and validate my change(s)
  • I have tested and validated these changes using one or more of the provided examples/* projects
Replace aws_iam_role_policy_attachment with aws_iam_user_policy_attachment and switch the attribute from `role` to `user`. This ensures `var.policies` are correctly attached to the created IAM user and prevents apply errors.
@emuesuenu emuesuenu changed the title fix(iam-user): attach policies to IAM user (not role) fix: attach policies to IAM user (not role) Aug 14, 2025
@emuesuenu emuesuenu changed the title fix: attach policies to IAM user (not role) fix: Attach policies to IAM user (not role) Aug 14, 2025
@emuesuenu emuesuenu marked this pull request as ready for review August 14, 2025 23:43
@bryantbiggs
Member

This was corrected in #594

@emuesuenu emuesuenu closed this Aug 15, 2025
@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 14, 2025