provider/aws: Query all pages of group membership

By default, group membership queries return pages of 100 users at a
time. Because of this, if there are more than 100 users in an
aws_iam_group_membership resource, the resource always reports as
needing to be changed (because it only sees 100 of the users as
existing in the group).

The group membership now queries all pages.

Fixes #6722

builtin/providers/aws/resource_aws_iam_group_membership.go

@@ -56,25 +56,35 @@ func resourceAwsIamGroupMembershipCreate(d *schema.ResourceData, meta interface{
 func resourceAwsIamGroupMembershipRead(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).iamconn
 	group := d.Get("group").(string)
-	resp, err := conn.GetGroup(&iam.GetGroupInput{
-		GroupName: aws.String(group),
-	})
 
-	if err != nil {
+	var ul []string
-		if awsErr, ok := err.(awserr.Error); ok {
+	var marker *string
-			// aws specific error
+	for {
-			if awsErr.Code() == "NoSuchEntity" {
+		resp, err := conn.GetGroup(&iam.GetGroupInput{
-				// group not found
+			GroupName: aws.String(group),
-				d.SetId("")
+			Marker:    marker,
-				return nil
+		})
+
+		if err != nil {
+			if awsErr, ok := err.(awserr.Error); ok {
+				// aws specific error
+				if awsErr.Code() == "NoSuchEntity" {
+					// group not found
+					d.SetId("")
+					return nil
+				}
 			}
+			return err
 		}
-		return err
-	}
 
-	ul := make([]string, 0, len(resp.Users))
+		for _, u := range resp.Users {
-	for _, u := range resp.Users {
+			ul = append(ul, *u.UserName)
-		ul = append(ul, *u.UserName)
+		}
+
+		if !*resp.IsTruncated {
+			break
+		}
+		marker = resp.Marker
 	}
 
 	if err := d.Set("users", ul); err != nil {