From b2a3104118c9cb41f7c97085e99a8d83438174f6 Mon Sep 17 00:00:00 2001
From: Radek Simko <radek.simko@gmail.com>
Date: Thu, 18 Aug 2016 16:43:40 +0100
Subject: [PATCH] provider/aws: Explain better why we retry IAM role creation
 (#8286)

---
 builtin/providers/aws/resource_aws_iam_role.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/builtin/providers/aws/resource_aws_iam_role.go b/builtin/providers/aws/resource_aws_iam_role.go
index 7e56e79d8..0ae039aa8 100644
--- a/builtin/providers/aws/resource_aws_iam_role.go
+++ b/builtin/providers/aws/resource_aws_iam_role.go
@@ -108,8 +108,8 @@ func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
 	err := resource.Retry(30*time.Second, func() *resource.RetryError {
 		var err error
 		createResp, err = iamconn.CreateRole(request)
-		// IAM roles can take ~30 seconds to propagate in AWS:
-		// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
+		// IAM users (referenced in Principal field of assume policy)
+		// can take ~30 seconds to propagate in AWS
 		if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
 			return resource.RetryableError(err)
 		}