Fixes #11258 (#12595)

If the user_arn changes on the user_profile resource we should delete it and recreate it instead of attempting to modify it incorrectly and causing the terraform apply to fail. I also added an acceptance test that will trigger this case.
2025-02-25 18:45:20 -06:00 · 2017-03-13 02:05:22 -07:00 · 2017-03-13 02:05:22 -07:00 · f28c811534
commit f28c811534
parent 1a957a0481
2 changed files with 40 additions and 6 deletions
--- a/builtin/providers/aws/resource_aws_opsworks_user_profile.go
+++ b/builtin/providers/aws/resource_aws_opsworks_user_profile.go
@ -26,6 +26,7 @@ func resourceAwsOpsworksUserProfile() *schema.Resource {
 			"user_arn": &schema.Schema{
 				Type:     schema.TypeString,
 				Required: true,
+				ForceNew: true,
 			},

 			"allow_self_management": &schema.Schema{
--- a/builtin/providers/aws/resource_aws_opsworks_user_profile_test.go
+++ b/builtin/providers/aws/resource_aws_opsworks_user_profile_test.go
@ -14,14 +14,14 @@ import (

 func TestAccAWSOpsworksUserProfile(t *testing.T) {
 	rName := fmt.Sprintf("test-user-%d", acctest.RandInt())
-	roleName := fmt.Sprintf("tf-ops-user-profile-%d", acctest.RandInt())
+	updateRName := fmt.Sprintf("test-user-%d", acctest.RandInt())
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
 		CheckDestroy: testAccCheckAwsOpsworksUserProfileDestroy,
 		Steps: []resource.TestStep{
 			resource.TestStep{
-				Config: testAccAwsOpsworksUserProfileCreate(rName, roleName),
+				Config: testAccAwsOpsworksUserProfileCreate(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSOpsworksUserProfileExists(
 						"aws_opsworks_user_profile.user", rName),
@ -36,6 +36,22 @@ func TestAccAWSOpsworksUserProfile(t *testing.T) {
 					),
 				),
 			},
+			resource.TestStep{
+				Config: testAccAwsOpsworksUserProfileUpdate(rName, updateRName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSOpsworksUserProfileExists(
+						"aws_opsworks_user_profile.user", updateRName),
+					resource.TestCheckResourceAttr(
+						"aws_opsworks_user_profile.user", "ssh_public_key", "",
+					),
+					resource.TestCheckResourceAttr(
+						"aws_opsworks_user_profile.user", "ssh_username", updateRName,
+					),
+					resource.TestCheckResourceAttr(
+						"aws_opsworks_user_profile.user", "allow_self_management", "false",
+					),
+				),
+			},
 		},
 	})
 }
@ -114,7 +130,7 @@ func testAccCheckAwsOpsworksUserProfileDestroy(s *terraform.State) error {
 	return nil
 }

-func testAccAwsOpsworksUserProfileCreate(rn, roleName string) string {
+func testAccAwsOpsworksUserProfileCreate(rn string) string {
 	return fmt.Sprintf(`
 resource "aws_opsworks_user_profile" "user" {
  user_arn = "${aws_iam_user.user.arn}"
@ -125,7 +141,24 @@ resource "aws_iam_user" "user" {
 	name = "%s"
 	path = "/"
 }
-
-%s
-	`, rn, testAccAwsOpsworksStackConfigNoVpcCreate(roleName))
+	`, rn)
+}
+
+func testAccAwsOpsworksUserProfileUpdate(rn, updateRn string) string {
+	return fmt.Sprintf(`
+resource "aws_opsworks_user_profile" "user" {
+  user_arn = "${aws_iam_user.new-user.arn}"
+  ssh_username = "${aws_iam_user.new-user.name}"
+}
+
+resource "aws_iam_user" "user" {
+	name = "%s"
+	path = "/"
+}
+
+resource "aws_iam_user" "new-user" {
+	name = "%s"
+	path = "/"
+}
+	`, rn, updateRn)
 }