Skip error if role no longer exists in instance profile deletion

When performing the PreDelete step on an `InstanceProfile` that detaches a role via `RemoveRoleFromInstanceProfileWithContext` it is possible that the role no longer exists. If so, the `InstanceProfile` can no longer be deleted succesfully, repeatedly failing the `PreDelete` step. This ignores the error is `NoSuchEntity` is returned when detaching the role as the role not existing implies we should be able to proceed with the delete step for the instancep profile.
crossplane-contrib · Apr 3, 2023 · a8b9df2 · a8b9df2
1 parent 36ba63a
commit a8b9df2
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/pkg/controller/iam/instanceprofile/setup.go b/pkg/controller/iam/instanceprofile/setup.go
@@ -19,6 +19,7 @@ package instanceprofile
 import (
 	"context"
 
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	svcsdk "github.com/aws/aws-sdk-go/service/iam"
 	svcsdkapi "github.com/aws/aws-sdk-go/service/iam/iamiface"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -114,5 +115,12 @@ func (u *updater) preDelete(ctx context.Context, cr *svcapitypes.InstanceProfile
 	}
 
 	_, err := u.client.RemoveRoleFromInstanceProfileWithContext(ctx, input)
+	if awsErr, ok := err.(awserr.Error); ok {
+		// If the role no longer exists, then we have already deleted the role from the instance profile.
+		if awsErr.Code() == svcsdk.ErrCodeNoSuchEntityException {
+			return false, nil
+		}
+	}
+
 	return false, err
 }