IAM Authorization Policy Conflict #466
Description
TestSecurityEnforcedSolutionInSchematics fails consistently in weekly CI/CD with IAM policy conflict error (409):
Error: The policy wasn't created because an access policy with identical attributes and roles already exists.
Please update the rule in the existing policy (1cacde84-ec02-4090-96bb-fbc85bc2f23e)
with module.event_streams.ibm_iam_authorization_policy.es_s2s_policy[0],
on ../../main.tf line 179
Root Cause
Both TestFSCloudInSchematics and TestSecurityEnforcedSolutionInSchematics use:
- Same source Event Streams instance (
permanentResources["event_streams_us_south_crn"]) - Same shared resource group (
resourceGroup) - Creates identical IAM authorization policies for mirroring