Importing terraform aws_iam_policy

Question

I'm trying to import a terraform aws_iam_policy that gets automatically added by automation I don't own. The import seems to work but once I run a terraform plan I get the following error

* aws_iam_policy.mypolicy1: "policy": required field is not set

I'm running the terraform import as follows.

terraform import aws_iam_policy.mypolicy1 <myarn>

Here is my relevant terraform config

resource "aws_iam_policy" "mypolicy1" {

}

resource "aws_iam_role_policy_attachment" "mypolicy1_attachment`" {
    role       = "${aws_iam_role.myrole1.name}"
    policy_arn = "${aws_iam_policy.mypolicy1.arn}"
}

resource "aws_iam_role" "myrole1" {
     name = "myrole1"
     assume_role_policy = "${file("../policies/ecs-role.json")}"
}

I double checked that the terraform.tfstate included the policy i'm trying to import. Is there something else I'm missing here?

Answer 1

You still need to provide the required fields in the Terraform configuration for the plan to work.

If you remove the aws_iam_policy resource from your configuration and run a plan after importing the policy you should see that Terraform wants to destroy the policy because it is in the state file but not in the configuration.

Simply setup your aws_iam_policy resource to match the imported policy and then a plan should show no changes.