Remove need to destroy/create AWS instance for iam_role_profile change
This commit is contained in:
Marcus Young
parent
e223ec4b40
commit
7fd8be3890
|
|
@ -172,7 +172,6 @@ func resourceAwsInstance() *schema.Resource {
|
||||||
|
|
||||||
"iam_instance_profile": {
|
"iam_instance_profile": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
ForceNew: true,
|
|
||||||
Optional: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
@ -568,6 +567,66 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||||
d.SetPartial("tags")
|
d.SetPartial("tags")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if d.HasChange("iam_instance_profile") {
|
||||||
|
request := &ec2.DescribeIamInstanceProfileAssociationsInput{
|
||||||
|
Filters: []*ec2.Filter{
|
||||||
|
&ec2.Filter{
|
||||||
|
Name: aws.String("instance-id"),
|
||||||
|
Values: []*string{aws.String(d.Id())},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
resp, err := conn.DescribeIamInstanceProfileAssociations(request)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// An Iam Instance Profile has been provided and is pending a change
|
||||||
|
// This means it is an association or a replacement to an association
|
||||||
|
if _, ok := d.GetOk("iam_instance_profile"); ok {
|
||||||
|
// Does not have an Iam Instance Profile associated with it, need to associate
|
||||||
|
if len(resp.IamInstanceProfileAssociations) == 0 {
|
||||||
|
_, err := conn.AssociateIamInstanceProfile(&ec2.AssociateIamInstanceProfileInput{
|
||||||
|
InstanceId: aws.String(d.Id()),
|
||||||
|
IamInstanceProfile: &ec2.IamInstanceProfileSpecification{
|
||||||
|
Name: aws.String(d.Get("iam_instance_profile").(string)),
|
||||||
|
},
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
// Has an Iam Instance Profile associated with it, need to replace the association
|
||||||
|
associationId := resp.IamInstanceProfileAssociations[0].AssociationId
|
||||||
|
|
||||||
|
_, err := conn.ReplaceIamInstanceProfileAssociation(&ec2.ReplaceIamInstanceProfileAssociationInput{
|
||||||
|
AssociationId: associationId,
|
||||||
|
IamInstanceProfile: &ec2.IamInstanceProfileSpecification{
|
||||||
|
Name: aws.String(d.Get("iam_instance_profile").(string)),
|
||||||
|
},
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// An Iam Instance Profile has _not_ been provided but is pending a change. This means there is a pending removal
|
||||||
|
} else {
|
||||||
|
if len(resp.IamInstanceProfileAssociations) > 0 {
|
||||||
|
// Has an Iam Instance Profile associated with it, need to remove the association
|
||||||
|
associationId := resp.IamInstanceProfileAssociations[0].AssociationId
|
||||||
|
|
||||||
|
_, err := conn.DisassociateIamInstanceProfile(&ec2.DisassociateIamInstanceProfileInput{
|
||||||
|
AssociationId: associationId,
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if d.HasChange("source_dest_check") || d.IsNewResource() {
|
if d.HasChange("source_dest_check") || d.IsNewResource() {
|
||||||
// SourceDestCheck can only be set on VPC instances // AWS will return an error of InvalidParameterCombination if we attempt
|
// SourceDestCheck can only be set on VPC instances // AWS will return an error of InvalidParameterCombination if we attempt
|
||||||
// to modify the source_dest_check of an instance in EC2 Classic
|
// to modify the source_dest_check of an instance in EC2 Classic
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue