devwannabe

Reputation: 3210

Policy not imported using terraform import

I created a role manually using the AWS console, called demo_role. I attached a policy to this role. I ran

terraform import aws_iam_role.demo_role demo_role

and it successfully imported it in the state file. However, terraform show doesn't display the policy I attached to it. What did I miss?

Output of terraform show:

aws_iam_role.demo_role:
  id = demo_role
  arn = arn:aws:iam::***********:role/demo_role
  assume_role_policy = {"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}
  create_date = 2020-01-08T20:39:26Z
  description = Allows Lambda functions to call AWS services on your behalf.
  force_detach_policies = false
  max_session_duration = 3600
  name = demo_role
  path = /
  tags.% = 0
  unique_id = *******************

Upvotes: 0

Views: 440

Answers (1)

Ngenator

Reputation: 11259

Terraform won't import the attached policy automatically due to the fact that it's a separate resource. You need to also import the policy to an aws_iam_role_policy resource. The assume role policy is defined directly on the role itself, which is why it is included.

Upvotes: 1
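
As an added example (not part of the answer above, and not Terraform's or AWS's own tooling), this shell helper lists the policies on a role and prints the matching terraform import commands so they can be reviewed before anything is run. It goes beyond the answer by also covering managed policies, which map to aws_iam_role_policy_attachment; the function names and the derived Terraform resource names are assumptions.

```shell
#!/bin/sh
# Added example: print the `terraform import` commands for every policy on a role.
# Assumes AWS CLI credentials allowing iam:ListRolePolicies and
# iam:ListAttachedRolePolicies. Function and resource names are illustrative.

# Turn a policy name or ARN into a valid Terraform resource name.
tf_name() {
  n=$(printf '%s' "${1##*/}" | tr -c 'A-Za-z0-9_' '_')
  case $n in [0-9]*) n="_$n" ;; esac   # names may not start with a digit
  printf '%s' "$n"
}

# Inline policies live on the role: import ID is <role>:<policy-name>.
inline_imports() {
  role=$1
  for name in $(aws iam list-role-policies --role-name "$role" \
      --query 'PolicyNames[]' --output text); do
    printf 'terraform import aws_iam_role_policy.%s %s:%s\n' \
      "$(tf_name "$name")" "$role" "$name"
  done
}

# Managed policies are attached by ARN: import ID is <role>/<policy-arn>.
attached_imports() {
  role=$1
  for arn in $(aws iam list-attached-role-policies --role-name "$role" \
      --query 'AttachedPolicies[].PolicyArn' --output text); do
    printf 'terraform import aws_iam_role_policy_attachment.%s %s/%s\n' \
      "$(tf_name "$arn")" "$role" "$arn"
  done
}

# Each printed command needs a matching resource block in the configuration
# before it is run; anything listed here is a permission the state file
# does not yet track.
role_policy_imports() {
  inline_imports "$1"
  attached_imports "$1"
}

# Run only when a role name is given, e.g.: sh role_imports.sh demo_role
if [ -n "${1:-}" ]; then
  role_policy_imports "$1"
fi
```

After the imports, terraform plan should report no changes for the role's policies; a diff there means the written configuration and the permissions actually granted in IAM disagree.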
