diff --git a/internal/service/iam/group_policy_attachments_exclusive.go b/internal/service/iam/group_policy_attachments_exclusive.go index 876c700f996..bdc9dc22643 100644 --- a/internal/service/iam/group_policy_attachments_exclusive.go +++ b/internal/service/iam/group_policy_attachments_exclusive.go @@ -144,10 +144,10 @@ func (r *resourceGroupPolicyAttachmentsExclusive) Update(ctx context.Context, re resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...) } -// syncAttachments handles keeping the configured customer managed policy +// syncAttachments handles keeping the configured managed IAM policy // attachments in sync with the remote resource. // -// Customer managed policies defined on this resource but not attached to +// Managed IAM policies defined on this resource but not attached to // the group will be added. Policies attached to the group but not configured // on this resource will be removed. func (r *resourceGroupPolicyAttachmentsExclusive) syncAttachments(ctx context.Context, groupName string, want []string) error { diff --git a/internal/service/iam/role_policy_attachments_exclusive.go b/internal/service/iam/role_policy_attachments_exclusive.go index c7c28108b92..a33ce17283a 100644 --- a/internal/service/iam/role_policy_attachments_exclusive.go +++ b/internal/service/iam/role_policy_attachments_exclusive.go @@ -144,10 +144,10 @@ func (r *resourceRolePolicyAttachmentsExclusive) Update(ctx context.Context, req resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...) } -// syncAttachments handles keeping the configured customer managed policy +// syncAttachments handles keeping the configured managed IAM policy // attachments in sync with the remote resource. // -// Customer managed policies defined on this resource but not attached to +// Managed IAM policies defined on this resource but not attached to // the role will be added. Policies attached to the role but not configured // on this resource will be removed. func (r *resourceRolePolicyAttachmentsExclusive) syncAttachments(ctx context.Context, roleName string, want []string) error { diff --git a/internal/service/iam/user_policy_attachments_exclusive.go b/internal/service/iam/user_policy_attachments_exclusive.go index db960ec61ef..8f0226d8e5b 100644 --- a/internal/service/iam/user_policy_attachments_exclusive.go +++ b/internal/service/iam/user_policy_attachments_exclusive.go @@ -144,10 +144,10 @@ func (r *resourceUserPolicyAttachmentsExclusive) Update(ctx context.Context, req resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...) } -// syncAttachments handles keeping the configured customer managed policy +// syncAttachments handles keeping the configured managed IAM policy // attachments in sync with the remote resource. // -// Customer managed policies defined on this resource but not attached to +// Managed IAM policies defined on this resource but not attached to // the user will be added. Policies attached to the user but not configured // on this resource will be removed. func (r *resourceUserPolicyAttachmentsExclusive) syncAttachments(ctx context.Context, userName string, want []string) error { diff --git a/website/docs/r/iam_group_policy_attachments_exclusive.html.markdown b/website/docs/r/iam_group_policy_attachments_exclusive.html.markdown index d984a62e157..192e850d6df 100644 --- a/website/docs/r/iam_group_policy_attachments_exclusive.html.markdown +++ b/website/docs/r/iam_group_policy_attachments_exclusive.html.markdown @@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)" layout: "aws" page_title: "AWS: aws_iam_group_policy_attachments_exclusive" description: |- - Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) group. + Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) group. --- + # Resource: aws_iam_group_policy_attachments_exclusive -Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) group. +Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) group. -!> This resource takes exclusive ownership over customer managed policies attached to a group. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_group_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. +!> This resource takes exclusive ownership over managed IAM policies attached to a group. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_group_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. -~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the group. +~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the group. ## Example Usage @@ -24,11 +25,11 @@ resource "aws_iam_group_policy_attachments_exclusive" "example" { } ``` -### Disallow Customer Managed Policies +### Disallow Managed IAM Policies -To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list. +To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list. -~> This will not __prevent__ customer managed policies from being assigned to a group via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. +~> This will not **prevent** managed IAM policies from being assigned to a group via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. ```terraform resource "aws_iam_group_policy_attachments_exclusive" "example" { @@ -42,7 +43,7 @@ resource "aws_iam_group_policy_attachments_exclusive" "example" { The following arguments are required: * `group_name` - (Required) IAM group name. -* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the group. Policies attached to this group but not configured in this argument will be removed. +* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the group. Policies attached to this group but not configured in this argument will be removed. ## Attribute Reference @@ -50,7 +51,7 @@ This resource exports no additional attributes. ## Import -In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `group_name`. For example: +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `group_name`. For example: ```terraform import { @@ -59,7 +60,7 @@ import { } ``` -Using `terraform import`, import exclusive management of customer managed policy assignments using the `group_name`. For example: +Using `terraform import`, import exclusive management of managed IAM policy assignments using the `group_name`. For example: ```console % terraform import aws_iam_group_policy_attachments_exclusive.example MyGroup diff --git a/website/docs/r/iam_role_policy_attachments_exclusive.html.markdown b/website/docs/r/iam_role_policy_attachments_exclusive.html.markdown index dc0458a52f5..be76bb34c2c 100644 --- a/website/docs/r/iam_role_policy_attachments_exclusive.html.markdown +++ b/website/docs/r/iam_role_policy_attachments_exclusive.html.markdown @@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)" layout: "aws" page_title: "AWS: aws_iam_role_policy_attachments_exclusive" description: |- - Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) role. + Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) role. --- + # Resource: aws_iam_role_policy_attachments_exclusive -Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) role. +Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) role. -!> This resource takes exclusive ownership over customer managed policies attached to a role. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_role_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. +!> This resource takes exclusive ownership over managed IAM policies attached to a role. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_role_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. -~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the role. +~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the role. ## Example Usage @@ -24,11 +25,11 @@ resource "aws_iam_role_policy_attachments_exclusive" "example" { } ``` -### Disallow Customer Managed Policies +### Disallow Managed IAM Policies -To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list. +To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list. -~> This will not __prevent__ customer managed policies from being assigned to a role via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. +~> This will not **prevent** managed IAM policies from being assigned to a role via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. ```terraform resource "aws_iam_role_policy_attachments_exclusive" "example" { @@ -42,7 +43,7 @@ resource "aws_iam_role_policy_attachments_exclusive" "example" { The following arguments are required: * `role_name` - (Required) IAM role name. -* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the role. Policies attached to this role but not configured in this argument will be removed. +* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the role. Policies attached to this role but not configured in this argument will be removed. ## Attribute Reference @@ -50,7 +51,7 @@ This resource exports no additional attributes. ## Import -In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `role_name`. For example: +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `role_name`. For example: ```terraform import { @@ -59,7 +60,7 @@ import { } ``` -Using `terraform import`, import exclusive management of customer managed policy assignments using the `role_name`. For example: +Using `terraform import`, import exclusive management of managed IAM policy assignments using the `role_name`. For example: ```console % terraform import aws_iam_role_policy_attachments_exclusive.example MyRole diff --git a/website/docs/r/iam_user_policy_attachments_exclusive.html.markdown b/website/docs/r/iam_user_policy_attachments_exclusive.html.markdown index 7916805644a..2035b6c71e8 100644 --- a/website/docs/r/iam_user_policy_attachments_exclusive.html.markdown +++ b/website/docs/r/iam_user_policy_attachments_exclusive.html.markdown @@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)" layout: "aws" page_title: "AWS: aws_iam_user_policy_attachments_exclusive" description: |- - Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) user. + Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) user. --- + # Resource: aws_iam_user_policy_attachments_exclusive -Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) user. +Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) user. -!> This resource takes exclusive ownership over customer managed policies attached to a user. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_user_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. +!> This resource takes exclusive ownership over managed IAM policies attached to a user. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_user_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument. -~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the user. +~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the user. ## Example Usage @@ -24,11 +25,11 @@ resource "aws_iam_user_policy_attachments_exclusive" "example" { } ``` -### Disallow Customer Managed Policies +### Disallow Managed IAM Policies -To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list. +To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list. -~> This will not __prevent__ customer managed policies from being assigned to a user via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. +~> This will not **prevent** managed IAM policies from being assigned to a user via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run. ```terraform resource "aws_iam_user_policy_attachments_exclusive" "example" { @@ -42,7 +43,7 @@ resource "aws_iam_user_policy_attachments_exclusive" "example" { The following arguments are required: * `user_name` - (Required) IAM user name. -* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the user. Policies attached to this user but not configured in this argument will be removed. +* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the user. Policies attached to this user but not configured in this argument will be removed. ## Attribute Reference @@ -50,7 +51,7 @@ This resource exports no additional attributes. ## Import -In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `user_name`. For example: +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `user_name`. For example: ```terraform import { @@ -59,7 +60,7 @@ import { } ``` -Using `terraform import`, import exclusive management of customer managed policy assignments using the `user_name`. For example: +Using `terraform import`, import exclusive management of managed IAM policy assignments using the `user_name`. For example: ```console % terraform import aws_iam_user_policy_attachments_exclusive.example MyUser