Closed s-vitaliy closed 2 months ago
Currently the provider has very annoying bug: if an IAM policy was removed externally, plan fails and the project that contains minio policies becomes unplannable.
This PR implements the following changes:
XMinioAdminNoSuchPolicy
The new behavior:
$ terraform plan minio_iam_policy.test_policy: Refreshing state... [id=state-terraform-s3] Note: Objects have changed outside of Terraform Terraform detected the following changes made outside of Terraform since the last "terraform apply": # minio_iam_policy.test_policy has been deleted - resource "minio_iam_policy" "test_policy" { - id = "state-terraform-s3" -> null - name = "state-terraform-s3" -> null - policy = jsonencode( { - Statement = [ - { - Action = [ - "s3:GetBucketLocation", - "s3:ListAllMyBuckets", ] - Effect = "Allow" - Resource = [ - "arn:aws:s3:::*", ] - Sid = "1" }, - { - Action = [ - "s3:*", ] - Condition = { - StringLike = { - s3:prefix = [ - "", - "home/", ] } } - Effect = "Allow" - Resource = [ - "arn:aws:s3:::state-terraform-s3", ] }, - { - Action = [ - "s3:DeleteObject", - "s3:PutObject", ] - Effect = "Allow" - Resource = [ - "arn:aws:s3:::state-terraform-s3", - "arn:aws:s3:::state-terraform-s3/*", ] }, ] - Version = "2012-10-17" } ) -> null } Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes. ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # minio_iam_policy.test_policy will be created + resource "minio_iam_policy" "test_policy" { + id = (known after apply) + name = "state-terraform-s3" + policy = jsonencode( { + Statement = [ + { + Action = [ + "s3:ListAllMyBuckets", + "s3:GetBucketLocation", ] + Effect = "Allow" + Resource = "arn:aws:s3:::*" + Sid = "1" }, + { + Action = "s3:*" + Condition = { + StringLike = { + s3:prefix = [ + "", + "home/", ] } } + Effect = "Allow" + Resource = "arn:aws:s3:::state-terraform-s3" + Sid = "" }, + { + Action = [ + "s3:PutObject", + "s3:DeleteObject", ] + Effect = "Allow" + Resource = [ + "arn:aws:s3:::state-terraform-s3/*", + "arn:aws:s3:::state-terraform-s3", ] + Sid = "" }, ] + Version = "2012-10-17" } ) } Plan: 1 to add, 0 to change, 0 to destroy. Changes to Outputs: ~ minio_id = "state-terraform-s3" -> (known after apply)
Resolves #550
Handle case when an IAM policy was Removed externally
Currently the provider has very annoying bug: if an IAM policy was removed externally, plan fails and the project that contains minio policies becomes unplannable.
This PR implements the following changes:
XMinioAdminNoSuchPolicy
error code, similar to how it is handled in the minio_iam_user resource.The new behavior:
Reference
Resolves #550
Closing issues