[AWS] aws_opsworks_permission: cannot set permissions for own user

[NicolasFrossard]

Terraform Version

Terraform v0.8.2

Affected Resource

aws_opsworks_permission

Terraform Configuration Files

resource aws_opsworks_permission sudo_users {
  allow_ssh = true
  allow_sudo = true
  user_arn = MY_OWN_USER_ARN
  stack_id = MY_STACK_ID
}

Expected Behavior

Changing the instance access permissions "allow ssh" and "allow sudo" of my own user in the Opsworks stack permisions

Actual Behavior

AWS responded with status code 400, stating:

ValidationException: Unable to change own permission level. Only AllowSsh and AllowSudo allowed.

It appears that Terraform is setting the level in the AWS SetPermission request, although level was omitted in the Terraform resource (which is ok since it is optional).

This is then rejected by AWS, as a user is not allowed to set his own permission level.

Steps to Reproduce

1. Use the configuration above to define a resource changing the Stack instance access permissions of your own user
2. terraform plan
3. terraform apply

References

There was a fix concerning the level in this resource: #9104

We believe this introduced the problem, since we didn't encounter it with previous versions of Terraform. We also noticed that there was no acceptance test for this resource that does not set the level.

Thanks a lot! I'm looking forward to hearing from you.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.