08/01/2022, 6:33 PM
Hello, We are managing AWS IAM Roles and associated policies using Pulumi, we faced an issue that in case of any policy update (even basic changes in permissions/JSON) - Pulumi wants to recreate a policy but fails because it is associated to role 1. Why does permission change triggers resource recreation but not in-place update? 2. Is it any way to handle this without a recreation of Role? (It looks like can help with this) 3. How to properly link Roles to permissions? Is depends_on enough? Thank you