sparse-intern-71089
12/01/2022, 12:59 PMlittle-cartoon-10569
12/01/2022, 7:39 PMlittle-cartoon-10569
12/01/2022, 7:39 PMlittle-cartoon-10569
12/01/2022, 7:40 PMignoreChanges
on the inline and managed policy ARN properties.curved-appointment-51749
12/02/2022, 11:34 AMmanagedPolicyArns
being set in code by me and being set by Pulumi? How does Pulumi track whether it set it to store it in the state or whether I set it to store it in the state? I expected that the two notes were about it being present in the state or absent from the state. Policies do get attached and are managed by Pulumi when setting the following managedPolicyArns: []
and using something like aws.iam.RolePolicyAttachment
.
If that is the case, it may be worth adding another note about this in the documentation to explain this difference as it is unexpected.little-cartoon-10569
12/04/2022, 7:50 PMHow does Pulumi track whether it set it to store it in the state or whether I set it to store it in the state?It doesn't. Instead, it tells you not to do this:
NOTE: For a given role, this resource is incompatible with using the aws.iam.Role resource managed_policy_arns argument. When using that argument and this resource, both will attempt to manage the role’s managed policy attachments and the provider will show a permanent difference.