Remove need to destroy/create AWS instance for iam_role_profile change

This commit is contained in:
Marcus Young 2017-02-10 12:05:29 -06:00
parent e223ec4b40
commit 7fd8be3890
1 changed files with 60 additions and 1 deletions

View File

@ -172,7 +172,6 @@ func resourceAwsInstance() *schema.Resource {
"iam_instance_profile": {
Type: schema.TypeString,
ForceNew: true,
Optional: true,
},
@ -568,6 +567,66 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
d.SetPartial("tags")
}
if d.HasChange("iam_instance_profile") {
request := &ec2.DescribeIamInstanceProfileAssociationsInput{
Filters: []*ec2.Filter{
&ec2.Filter{
Name: aws.String("instance-id"),
Values: []*string{aws.String(d.Id())},
},
},
}
resp, err := conn.DescribeIamInstanceProfileAssociations(request)
if err != nil {
return err
}
// An Iam Instance Profile has been provided and is pending a change
// This means it is an association or a replacement to an association
if _, ok := d.GetOk("iam_instance_profile"); ok {
// Does not have an Iam Instance Profile associated with it, need to associate
if len(resp.IamInstanceProfileAssociations) == 0 {
_, err := conn.AssociateIamInstanceProfile(&ec2.AssociateIamInstanceProfileInput{
InstanceId: aws.String(d.Id()),
IamInstanceProfile: &ec2.IamInstanceProfileSpecification{
Name: aws.String(d.Get("iam_instance_profile").(string)),
},
})
if err != nil {
return err
}
} else {
// Has an Iam Instance Profile associated with it, need to replace the association
associationId := resp.IamInstanceProfileAssociations[0].AssociationId
_, err := conn.ReplaceIamInstanceProfileAssociation(&ec2.ReplaceIamInstanceProfileAssociationInput{
AssociationId: associationId,
IamInstanceProfile: &ec2.IamInstanceProfileSpecification{
Name: aws.String(d.Get("iam_instance_profile").(string)),
},
})
if err != nil {
return err
}
}
// An Iam Instance Profile has _not_ been provided but is pending a change. This means there is a pending removal
} else {
if len(resp.IamInstanceProfileAssociations) > 0 {
// Has an Iam Instance Profile associated with it, need to remove the association
associationId := resp.IamInstanceProfileAssociations[0].AssociationId
_, err := conn.DisassociateIamInstanceProfile(&ec2.DisassociateIamInstanceProfileInput{
AssociationId: associationId,
})
if err != nil {
return err
}
}
}
}
if d.HasChange("source_dest_check") || d.IsNewResource() {
// SourceDestCheck can only be set on VPC instances // AWS will return an error of InvalidParameterCombination if we attempt
// to modify the source_dest_check of an instance in EC2 Classic