future-nail-59564
11/30/2020, 10:28 PMaws.iam.GroupMembership
per aws.iam.Group
? I want to be able to attach a user to a group, independently from the users already part of that group. Therefore, in my User component, I am creating a GroupMembership
specifically for that user-group relationship:
new aws.iam.GroupMembership(
`${username}-${group}`,
{
users: [username],
group: group,
},
However, it appears that this group membership gets overwritten by each user, even if all GroupMembership resources have unique names. The first time I run my stack, the group is correctly created in IAM with all users, however the state doesn’t seem to be updated correctly, because the next time I run the stack (while there is supposed to be no change), it removes all users from group in IAM but one. I assuming it’s a bug, because the second run of the stack should be idempotent.little-cartoon-10569
11/30/2020, 10:34 PMaws_iam_group_membership will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the aws_iam_user_group_membership
future-nail-59564
11/30/2020, 10:35 PMlittle-cartoon-10569
11/30/2020, 10:56 PM