I have an existing IAM user which has a managed policy and an access key attached to it. I want to import that IAM user into my Terraform state file. I want to make sure that the policy and the access key also get imported, as next time I want to run a Terraform apply I do not want the policy and the access key to be destroyed. Has anyone any experience doing this? Thanks.
No, when you import a resource it will only import that resource. In the vast majority of cases (if not all) Terraform will only be touching the resource you tell it to.
So if I do a terraform import aws_iam_user.lb anAWSUser
then I will only be importing that user.
It will not touch any of the keys, access policies, groups, etc. However, if you ever delete this resource in Terraform, it will delete any of its child resources (keys, in-line policies, group associations, etc.)
Now if you have non in-line policies and groups created - if you delete your user and then re-create it, those will still exist and you'll be able to re-attach those because they are separate resources to start.
I believe all of the IAM resources can be created in Terraform; now do note that some of these have some caveats - like aws_iam_policy_attachment which will make an exclusive attachment and as such, remove any previous attachments, but just read the documentation as you start working with this and you'll know what to do!
Some other heavily used IAM resources to check out:
I'd recommend combing through the rest of the IAM resources that Terraform supports as well to get a better idea.
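A configuration sketch for the case in the question, added here as an illustration and not part of the original answer: the user, its managed policy attachment and its access key are each declared and imported as separate resources. The resource name `lb_managed`, the policy ARN and the access key ID are placeholders, and the access key import assumes an AWS provider version that supports importing `aws_iam_access_key`.

```hcl
# Added example. Only aws_iam_user.lb / anAWSUser come from the answer above;
# the policy ARN, the access key ID and the name "lb_managed" are placeholders.

# The existing user, imported with the command from the answer:
#   terraform import aws_iam_user.lb anAWSUser
resource "aws_iam_user" "lb" {
  name = "anAWSUser"
}

# The managed policy attachment is its own resource with its own import.
# aws_iam_user_policy_attachment tracks only this user/policy pair, unlike
# aws_iam_policy_attachment, which is exclusive and detaches the policy from
# every user, group and role not listed in it.
#   terraform import aws_iam_user_policy_attachment.lb_managed \
#     anAWSUser/arn:aws:iam::123456789012:policy/ExamplePolicy
resource "aws_iam_user_policy_attachment" "lb_managed" {
  user       = aws_iam_user.lb.name
  policy_arn = "arn:aws:iam::123456789012:policy/ExamplePolicy" # placeholder
}

# The access key is also a separate resource, imported by its key ID.
# The secret cannot be read back from the IAM API, so the "secret" attribute
# stays empty in state for an imported key.
#   terraform import aws_iam_access_key.lb AKIAXXXXXXXXXXXXXXXX
resource "aws_iam_access_key" "lb" {
  user = aws_iam_user.lb.name
}
```

After the three imports, run `terraform plan` and confirm it proposes no create, replace or destroy actions for these resources before running an apply.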