As AWS does not allow for in-place updates of certain resources (Role, PolicyAttachment, ...) we currently delete the previous resource, and recreate it. This might cause issues, when hitting resource limits?
How to make this safe? The point is, if this happens in production due to something triggering the re-creation, this might leave a Role uncreated and cause services, using this role, to fail. Not sure about it...
As AWS does not allow for in-place updates of certain resources (Role, PolicyAttachment, ...) we currently delete the previous resource, and recreate it. This might cause issues, when hitting resource limits?
How to make this safe? The point is, if this happens in production due to something triggering the re-creation, this might leave a Role uncreated and cause services, using this role, to fail. Not sure about it...
https://github.com/redradrat/aws-iam-operator/blob/54e6ee578c70905a8312aa20102a25b0fcb04358/controllers/role_controller.go#L154-L177