From 9a1f62ebe24353096ce1a7f5d162a7f54380c90c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fatih=20T=C3=BCrken?= <turkenf@gmail.com>
Date: Tue, 29 Aug 2023 13:50:16 +0300
Subject: [PATCH] Remove managed_policy_arns from Movetostatus

---
 apis/iam/v1beta1/zz_generated.deepcopy.go  | 22 ++++++++++++++++++++++
 apis/iam/v1beta1/zz_role_types.go          |  7 +++++++
 config/iam/config.go                       |  8 --------
 package/crds/iam.aws.upbound.io_roles.yaml | 12 ++++++++++++
 4 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/apis/iam/v1beta1/zz_generated.deepcopy.go b/apis/iam/v1beta1/zz_generated.deepcopy.go
index 2bd59c1998..164f13edd3 100644
--- a/apis/iam/v1beta1/zz_generated.deepcopy.go
+++ b/apis/iam/v1beta1/zz_generated.deepcopy.go
@@ -2152,6 +2152,17 @@ func (in *RoleInitParameters) DeepCopyInto(out *RoleInitParameters) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.ManagedPolicyArns != nil {
+		in, out := &in.ManagedPolicyArns, &out.ManagedPolicyArns
+		*out = make([]*string, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(string)
+				**out = **in
+			}
+		}
+	}
 	if in.MaxSessionDuration != nil {
 		in, out := &in.MaxSessionDuration, &out.MaxSessionDuration
 		*out = new(float64)
@@ -2426,6 +2437,17 @@ func (in *RoleParameters) DeepCopyInto(out *RoleParameters) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.ManagedPolicyArns != nil {
+		in, out := &in.ManagedPolicyArns, &out.ManagedPolicyArns
+		*out = make([]*string, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(string)
+				**out = **in
+			}
+		}
+	}
 	if in.MaxSessionDuration != nil {
 		in, out := &in.MaxSessionDuration, &out.MaxSessionDuration
 		*out = new(float64)
diff --git a/apis/iam/v1beta1/zz_role_types.go b/apis/iam/v1beta1/zz_role_types.go
index 1f41165bbe..61d50f00cb 100755
--- a/apis/iam/v1beta1/zz_role_types.go
+++ b/apis/iam/v1beta1/zz_role_types.go
@@ -56,6 +56,9 @@ type RoleInitParameters struct {
 	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. Configuring one empty block (i.e.
 	InlinePolicy []InlinePolicyInitParameters `json:"inlinePolicy,omitempty" tf:"inline_policy,omitempty"`
 
+	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. Configuring an empty set (i.e.
+	ManagedPolicyArns []*string `json:"managedPolicyArns,omitempty" tf:"managed_policy_arns,omitempty"`
+
 	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
 	MaxSessionDuration *float64 `json:"maxSessionDuration,omitempty" tf:"max_session_duration,omitempty"`
 
@@ -148,6 +151,10 @@ type RoleParameters struct {
 	// +kubebuilder:validation:Optional
 	InlinePolicy []InlinePolicyParameters `json:"inlinePolicy,omitempty" tf:"inline_policy,omitempty"`
 
+	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. Configuring an empty set (i.e.
+	// +kubebuilder:validation:Optional
+	ManagedPolicyArns []*string `json:"managedPolicyArns,omitempty" tf:"managed_policy_arns,omitempty"`
+
 	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
 	// +kubebuilder:validation:Optional
 	MaxSessionDuration *float64 `json:"maxSessionDuration,omitempty" tf:"max_session_duration,omitempty"`
diff --git a/config/iam/config.go b/config/iam/config.go
index 7e4a957d64..56113119eb 100644
--- a/config/iam/config.go
+++ b/config/iam/config.go
@@ -30,14 +30,6 @@ func Configure(p *config.Provider) {
 		}
 	})
 
-	p.AddResourceConfigurator("aws_iam_role", func(r *config.Resource) {
-		// Mutually exclusive with:
-		// aws_iam_policy_attachment
-		// aws_iam_role_policy_attachment
-		// aws_iam_role_policy
-		config.MoveToStatus(r.TerraformResource, "managed_policy_arns")
-	})
-
 	p.AddResourceConfigurator("aws_iam_instance_profile", func(r *config.Resource) {
 		r.References = config.References{
 			"role": config.Reference{
diff --git a/package/crds/iam.aws.upbound.io_roles.yaml b/package/crds/iam.aws.upbound.io_roles.yaml
index 46239fd420..6c433157b4 100644
--- a/package/crds/iam.aws.upbound.io_roles.yaml
+++ b/package/crds/iam.aws.upbound.io_roles.yaml
@@ -92,6 +92,12 @@ spec:
                           type: string
                       type: object
                     type: array
+                  managedPolicyArns:
+                    description: Set of exclusive IAM managed policy ARNs to attach
+                      to the IAM role. Configuring an empty set (i.e.
+                    items:
+                      type: string
+                    type: array
                   maxSessionDuration:
                     description: Maximum session duration (in seconds) that you want
                       to set for the specified role. If you do not specify a value
@@ -150,6 +156,12 @@ spec:
                           type: string
                       type: object
                     type: array
+                  managedPolicyArns:
+                    description: Set of exclusive IAM managed policy ARNs to attach
+                      to the IAM role. Configuring an empty set (i.e.
+                    items:
+                      type: string
+                    type: array
                   maxSessionDuration:
                     description: Maximum session duration (in seconds) that you want
                       to set for the specified role. If you do not specify a value