Confusion about "aws_iam_role.managed_policy_arns" attribute


I am upgrading the AWS provider and stumbled onto the fairly new attribute aws_iam_role.managed_polcy_arns The documentation for this attribute includes this statement:

If this attribute is not configured, Terraform will ignore policy attachments to this resource.

What does that mean? My code does not configure this attribute but has a aws_iam_role_policy_attachement resource which is incompatible with this attribute. Will it be ignored?

Background: Terraform wants to add the new attribute with the arn from the attachment to the state. In my view that would create an inconsistent state since it conflicts with my existing attachment.

I am not sure if this is a bug or if I am misreading the documentation.


I also found the semantics / documentation of managed_policy_arns confusing, to the point where I flailed around a bit on one of the related feature requests:

Hopefully the discussion at the end (between @lorengordon and myself) helps dispel the confusion – and if you have suggestions for better phrasing (which would hopefully bypassed the confusion we both had on this attribute), I believe it would be welcome.