Resource ibm_iam_user_policy should support classic_infra_roles

[lionelmace]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Resource ibm_iam_user_policy should support classic_infra_roles

New or Affected Resource(s)

• ibm_iam_user_policy

Potential Terraform Configuration

Running this script

resource "ibm_iam_user_policy" "policy" {
  ibm_ids = ["[email protected]"]
  classic_infra_roles {
    # permission_set = "superuser"
    permission_set = "noacess"
  } 
}

will throw the error Blocks of type "classic_infra_roles" are not expected here.

Today you can only set classic_infra_roles when inviting a user

resource "ibm_iam_user_invite" "assign-existing-user-to-classic-infra" {
  users         = ["[email protected]"]
  classic_infra_roles {
    permission_set = "superuser"
  }
}

Yet removing this policy will also remove the user of the account. I do not want to do so.

References

• #0000