Modify group aws with module

[hashibot]

This issue was originally opened by @inceptor as hashicorp/terraform#14692. It was migrated here as part of the provider split. The original body of the issue is below.

---

Hello,

This is my first post, so, if I do some mistake (naming, leak of informations, etc) claim it!

I trying to create groups iam (on aws) by a TF module.
This module take a var list with names of groups in param (ex: names=["dev", "ops"]).
The module will create these groups (with the count).

The groups creation work. But, when I try to change a name of one group in the var list (ex: names=["develop", "ops"]), the modification work but the TF state is... Not updated.

Terraform Version

v9.4

Affected Resource(s)

• module
• aws_iam_group

Terraform Configuration Files

main.tf

module "group" {
  source = "../../../../../modules/iam/group"

  groups_names = "${var.names}"
}

output "names" {
  value = ["${module.group.names}"]
}

module group

resource "aws_iam_group" "groups" {
  count = "${length(var.groups_names)}"

  name  = "${element(var.groups_names, count.index)}"
  path  = "/"

  lifecycle {
    create_before_destroy = false
  }
}

output "names" {
  value = ["${aws_iam_group.groups.*.name}"]
}

Example of tfvars

Original :
names = ["dev", "tester", "ops"]

Modification :
names = ["develop", "test", "ops"]

Debug Output

Before modification :

• tfvars use : names = ["team-billing", "team-exploit", "**team-feme**", "team-infra", "team-tel", "team-prem"]
• cmd : terraform apply
• https://gist.github.com/inceptor/ce50de57eb03acc0b4104f9d98dbdaef

After modification :

• tfvars use : names = ["team-billing", "team-exploit", "**team-fem**", "team-infra", "team-tel", "team-prem"]
• cmd : terraform apply
• https://gist.github.com/inceptor/a9f7fefceed8d332e98ad1167ed59e74

If I do terraform show, there is no trace of team-fem or groups.2

Panic Output

If I redo an apply :

• tfvars use : names = ["team-billing", "team-exploit", "**team-fem**", "team-infra", "team-tel", "team-prem"]
• cmd : terraform apply
• https://gist.github.com/inceptor/2d5cddc9b45c3430a4838f9989ba71e5

Expected Behavior

Just a group renaming without error

Actual Behavior

Error, the group "EntityAlreadyExists".
In AWS, the group is well renamed.
But the TF state is not update or no trace of the ressource ?

Steps to Reproduce

1. Put group names in the var list "names"
2. terraform apply
3. The groups are created. Change the name of one or more groups and do : terraform apply
4. The group(s) is renamed but if you redo terraform applythere is an error "EntityAlreadyExists"

Important Factoids

None.

Thank you for your help !

[bflad]

Closing this issue to focus discussion and efforts in the earlier duplicate: #620

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!