r/aws_iam_user: Cannot update `name` and `tag` within the same apply

[jar-b]

Terraform and AWS Provider Version

terraform version
Terraform v1.14.0-beta3
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v6.26.0

Affected Resource(s) or Data Source(s)

• aws_iam_user

Expected Behavior

When changing name and tags in the same apply operation, both changes are applied.

Actual Behavior

Tag modification fails and no changes are made at all.

Relevant Error/Panic Output

% terraform apply -auto-approve
aws_iam_user.example: Refreshing state... [id=test-user-initial]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_iam_user.example will be updated in-place
  ~ resource "aws_iam_user" "example" {
        id                   = "test-user-initial"
      ~ name                 = "test-user-initial" -> "test-user-updated"
      ~ tags                 = {
          ~ "Environment" = "dev" -> "prod"
        }
      ~ tags_all             = {
          ~ "Environment" = "dev" -> "prod"
        }
        # (5 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
aws_iam_user.example: Modifying... [id=test-user-initial]
╷
│ Error: updating tags for IAM (Identity & Access Management) User (test-user-updated): tagging resource (test-user-updated): operation error IAM: TagUser, https response error StatusCode: 404, RequestID: aa5570af-1cbf-419e-a239-f2da35e1193d, NoSuchEntity: The user with name test-user-updated cannot be found.
│
│   with aws_iam_user.example,
│   on main.tf line 13, in resource "aws_iam_user" "example":
│   13: resource "aws_iam_user" "example" {
│

Sample Terraform Configuration

Click to expand configuration

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 6.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {}

resource "aws_iam_user" "example" {
  # Step 1: Initial creation
  name = "test-user-initial"
  tags = {
    Environment = "dev"
  }

  # Step 2: Update name and tags simultaneously
  # name = "test-user-updated"
  # tags = {
  #   Environment = "prod"
  # }
}

Steps to Reproduce

1. Apply the configuration above.
2. Comment out the "Step 1" section, uncomment "Step 2".
3. Observe error.

[github-actions]

Community Guidelines

This comment is added to every new Issue to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

• Please vote on this Issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
• Please see our prioritization guide for additional information on how the maintainers handle prioritization.
• Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Issue and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.
• For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.