No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hello,
We are managing AWS IAM Roles and associated policies using Pulumi, we faced an issue that in case of any policy update (even basic changes in permissions/JSON) - Pulumi wants to recreate a policy but fails because it is associated to role
1. Why does permission change triggers resource recreation but not in-place update? 
2. Is it any way to handle this without a recreation of Role? (It looks like <https://www.pulumi.com/registry/packages/aws/api-docs/iam/rolepolicyattachment/> can help with this)
3. How to properly link Roles to permissions? Is depends_on enough?
Thank you