This pull request (hopefully!) fixes an issue applying #253, where we'd try to delete the IAM user before the attached policies had been deleted. According to Terraform's documentation and this issue, adding force_destroy will let us delete this safely & sidestep this kaboom:
Error: Error deleting IAM User longshot-footlocker: DeleteConflict: Cannot delete entity, must delete policies first.
status code: 409, request id: fc6a7002-5040-44da-a871-514d28a5d077
How should this be reviewed?
Step one is re-adding the IAM user so we can "apply" the force_destroy option, step two is trying to delete it again for real. Luckily, we can conditionally apply this per workspace (e.g. Longshot first, dev, QA, and finally prod) so we'll be able to carefully test before it hits the big leagues.
What's this PR do?
This pull request (hopefully!) fixes an issue applying #253, where we'd try to delete the IAM user before the attached policies had been deleted. According to Terraform's documentation and this issue, adding
force_destroy
will let us delete this safely & sidestep this kaboom:How should this be reviewed?
Step one is re-adding the IAM user so we can "apply" the
force_destroy
option, step two is trying to delete it again for real. Luckily, we can conditionally apply this per workspace (e.g. Longshot first, dev, QA, and finally prod) so we'll be able to carefully test before it hits the big leagues.Any background context you want to provide?
🙃 💥
Relevant tickets
References Pivotal #169216617.
Checklist