Inline_policy blocks replaced after import - even though definitions are the same

I’ve imported a role with two inline policies.

I then added a dynamic “import_policy” entry that accepts a list of policies and defines them on the role. The idea is to model the aws_iam_role resource to match the existing inline_policy, so there is a no-op when running the initial apply.

But for some reason Terraform plan always picks up a change, removing two inline_policy records and adding two new inline_policy records - even though these records are exactly the same.

Is this expected? Does this mean that if I want to model inline policies as inline_policy blocks within an aws_iam_role resource that they will always be replaced the first time, even if the policies are exactly the same as the ones loaded during the initial import?

Thanks.
Adam

2 Likes
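
The setup described in the post, sketched as an added example (this is not the poster's configuration): an `aws_iam_role` whose `inline_policy` blocks are generated by a `dynamic` block from a list of policies. The variable name `inline_policies`, the resource label `imported`, the role name and the trust policy are assumptions made for illustration.

```hcl
# Hypothetical input: one entry per inline policy that already exists on the role.
variable "inline_policies" {
  description = "Inline policies to define on the role"
  type = list(object({
    name   = string # must match the existing inline policy name
    policy = string # JSON policy document
  }))
  default = []
}

# Constructed trust policy so the example is complete; use the imported role's own.
data "aws_iam_policy_document" "assume" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "imported" {
  name               = "example-imported-role" # placeholder role name
  assume_role_policy = data.aws_iam_policy_document.assume.json

  # One inline_policy block is rendered per list element.
  dynamic "inline_policy" {
    for_each = var.inline_policies

    content {
      name   = inline_policy.value.name
      policy = inline_policy.value.policy
    }
  }
}
```

After `terraform import aws_iam_role.imported <role-name>`, comparing the `inline_policy` entries in `terraform state show aws_iam_role.imported` with the blocks in the plan output shows which attribute of each block the plan treats as changed.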