Merge pull request #14153 from olemarkus/ignore-404-deletion

Ignore entities not found when deleting IAM roles and profiles
2022-08-20 10:45:35 -07:00 · 2022-08-20 10:45:35 -07:00 · 87de208fcd
parent 92a456283c 578e27bb5f
commit 87de208fcd
1 changed files with 13 additions and 3 deletions
--- a/pkg/resources/aws/aws.go
+++ b/pkg/resources/aws/aws.go
@ -2003,10 +2003,15 @@ func ListIAMRoles(cloud fi.Cloud, clusterName string) ([]*resources.Resource, er
 				getRequest := &iam.GetRoleInput{RoleName: r.RoleName}
 				roleOutput, err := c.IAM().GetRole(getRequest)
 				if err != nil {
-					if awserror, ok := err.(awserr.RequestFailure); ok && awserror.StatusCode() == 403 {
-						klog.Warningf("failed to determine ownership of %q: %v", *r.RoleName, awserror)
+					if awserror, ok := err.(awserr.RequestFailure); ok {
+						if awserror.StatusCode() == 403 {
+							klog.Warningf("failed to determine ownership of %q: %v", *r.RoleName, awserror)

-						return true
+							return true
+						} else if awserror.StatusCode() == 404 {
+							klog.Warningf("could not find instance profile %q. Resource may already have been deleted: %v", name, awserror)
+							return true
+						}
 					} else {
 						getRoleErr = fmt.Errorf("calling IAM GetRole on %s: %w", name, err)
 						return false
@ -2088,6 +2093,11 @@ func ListIAMInstanceProfiles(cloud fi.Cloud, clusterName string) ([]*resources.R
 			getRequest := &iam.GetInstanceProfileInput{InstanceProfileName: p.InstanceProfileName}
 			profileOutput, err := c.IAM().GetInstanceProfile(getRequest)
 			if err != nil {
+				if awserror, ok := err.(awserr.RequestFailure); ok {
+					if awserror.StatusCode() == 404 {
+						klog.Warningf("could not find instance profile %q. Resource may already have been deleted: %v", *p.InstanceProfileName, awserror)
+					}
+				}
 				getProfileErr = fmt.Errorf("calling IAM GetInstanceProfile on %s: %w", name, err)
 				return false
 			}