Merge branch 'stripe-paginate_roles'

builtin/providers/aws/resource_aws_iam_group_membership_test.go

@@ -157,12 +157,10 @@ func testAccCheckAWSGroupMembershipAttributes(group *iam.GetGroupOutput, users [
 const testAccAWSGroupMemberConfig = `
 resource "aws_iam_group" "group" {
 	name = "test-group-%s"
-	path = "/"
 }
 
 resource "aws_iam_user" "user" {
 	name = "test-user-%s"
-	path = "/"
 }
 
 resource "aws_iam_group_membership" "team" {
@@ -175,22 +173,18 @@ resource "aws_iam_group_membership" "team" {
 const testAccAWSGroupMemberConfigUpdate = `
 resource "aws_iam_group" "group" {
 	name = "test-group-%s"
-	path = "/"
 }
 
 resource "aws_iam_user" "user" {
 	name = "test-user-%s"
-	path = "/"
 }
 
 resource "aws_iam_user" "user_two" {
 	name = "test-user-two-%s"
-	path = "/"
 }
 
 resource "aws_iam_user" "user_three" {
 	name = "test-user-three-%s"
-	path = "/"
 }
 
 resource "aws_iam_group_membership" "team" {
@@ -206,12 +200,10 @@ resource "aws_iam_group_membership" "team" {
 const testAccAWSGroupMemberConfigUpdateDown = `
 resource "aws_iam_group" "group" {
 	name = "test-group-%s"
-	path = "/"
 }
 
 resource "aws_iam_user" "user_three" {
 	name = "test-user-three-%s"
-	path = "/"
 }
 
 resource "aws_iam_group_membership" "team" {
@@ -226,7 +218,6 @@ resource "aws_iam_group_membership" "team" {
 const testAccAWSGroupMemberConfigPaginatedUserList = `
 resource "aws_iam_group" "group" {
 	name = "test-paginated-group"
-	path = "/"
 }
 
 resource "aws_iam_group_membership" "team" {
@@ -238,6 +229,5 @@ resource "aws_iam_group_membership" "team" {
 resource "aws_iam_user" "user" {
 	count = 101
 	name = "${format("paged-test-user-%d", count.index + 1)}"
-	path = "/"
 }
 `

builtin/providers/aws/resource_aws_iam_policy_attachment.go

@@ -103,29 +103,30 @@ func resourceAwsIamPolicyAttachmentRead(d *schema.ResourceData, meta interface{}
 		return err
 	}
 
-	policyEntities, err := conn.ListEntitiesForPolicy(&iam.ListEntitiesForPolicyInput{
+	ul := make([]string, 0)
+	rl := make([]string, 0)
+	gl := make([]string, 0)
+
+	args := iam.ListEntitiesForPolicyInput{
 		PolicyArn: aws.String(arn),
-	})
-
-	if err != nil {
-		return err
 	}
-
+	err = conn.ListEntitiesForPolicyPages(&args, func(page *iam.ListEntitiesForPolicyOutput, lastPage bool) bool {
-	ul := make([]string, 0, len(policyEntities.PolicyUsers))
+		for _, u := range page.PolicyUsers {
-	rl := make([]string, 0, len(policyEntities.PolicyRoles))
-	gl := make([]string, 0, len(policyEntities.PolicyGroups))
-
-	for _, u := range policyEntities.PolicyUsers {
 			ul = append(ul, *u.UserName)
 		}
 
-	for _, r := range policyEntities.PolicyRoles {
+		for _, r := range page.PolicyRoles {
 			rl = append(rl, *r.RoleName)
 		}
 
-	for _, g := range policyEntities.PolicyGroups {
+		for _, g := range page.PolicyGroups {
 			gl = append(gl, *g.GroupName)
 		}
+		return true
+	})
+	if err != nil {
+		return err
+	}
 
 	userErr := d.Set("users", ul)
 	roleErr := d.Set("roles", rl)

builtin/providers/aws/resource_aws_iam_policy_attachment_test.go

@@ -35,8 +35,26 @@ func TestAccAWSPolicyAttachment_basic(t *testing.T) {
 		},
 	})
 }
-func testAccCheckAWSPolicyAttachmentDestroy(s *terraform.State) error {
 
+func TestAccAWSPolicyAttachment_paginatedEntities(t *testing.T) {
+	var out iam.ListEntitiesForPolicyOutput
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSPolicyAttachmentDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSPolicyPaginatedAttachConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSPolicyAttachmentExists("aws_iam_policy_attachment.test-paginated-attach", 101, &out),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSPolicyAttachmentDestroy(s *terraform.State) error {
 	return nil
 }
 
@@ -74,6 +92,7 @@ func testAccCheckAWSPolicyAttachmentExists(n string, c int64, out *iam.ListEntit
 		return nil
 	}
 }
+
 func testAccCheckAWSPolicyAttachmentAttributes(users []string, roles []string, groups []string, out *iam.ListEntitiesForPolicyOutput) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		uc := len(users)
@@ -130,7 +149,6 @@ resource "aws_iam_role" "role" {
 }
 EOF
 }
-
 resource "aws_iam_group" "group" {
     name = "test-group"
 }
@@ -276,3 +294,35 @@ resource "aws_iam_policy_attachment" "test-attach" {
     policy_arn = "${aws_iam_policy.policy.arn}"
 }
 `
+
+const testAccAWSPolicyPaginatedAttachConfig = `
+resource "aws_iam_user" "user" {
+    count = 101
+    name = "${format("paged-test-user-%d", count.index + 1)}"
+}
+
+resource "aws_iam_policy" "policy" {
+    name = "test-policy"
+    description = "A test policy"
+    policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "iam:ChangePassword"
+      ],
+      "Resource": "*",
+      "Effect": "Allow"
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_policy_attachment" "test-paginated-attach" {
+    name = "test-attachment"
+    users = ["${aws_iam_user.user.*.name}"]
+    policy_arn = "${aws_iam_policy.policy.arn}"
+}
+`

builtin/providers/aws/resource_aws_iam_role_policy_attachment.go

@@ -67,20 +67,22 @@ func resourceAwsIamRolePolicyAttachmentRead(d *schema.ResourceData, meta interfa
 		return err
 	}
 
-	attachedPolicies, err := conn.ListAttachedRolePolicies(&iam.ListAttachedRolePoliciesInput{
+	args := iam.ListAttachedRolePoliciesInput{
 		RoleName: aws.String(role),
-	})
-	if err != nil {
-		return err
 	}
-
 	var policy string
-	for _, p := range attachedPolicies.AttachedPolicies {
+	err = conn.ListAttachedRolePoliciesPages(&args, func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
+		for _, p := range page.AttachedPolicies {
 			if *p.PolicyArn == arn {
 				policy = *p.PolicyArn
 			}
 		}
 
+		return policy == ""
+	})
+	if err != nil {
+		return err
+	}
 	if policy == "" {
 		log.Printf("[WARN] No such policy found for Role Policy Attachment (%s)", role)
 		d.SetId("")