Merge pull request hashicorp#40163 from hitofuji/d-aws_iam_xxx_policy…

…_attachments_exclusive-fix

docs: update terminology from "customer managed policies" to "managed IAM policies"

internal/service/iam/group_policy_attachments_exclusive.go

@@ -144,10 +144,10 @@ func (r *resourceGroupPolicyAttachmentsExclusive) Update(ctx context.Context, re
 	resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
 }
 
-// syncAttachments handles keeping the configured customer managed policy
+// syncAttachments handles keeping the configured managed IAM policy
 // attachments in sync with the remote resource.
 //
-// Customer managed policies defined on this resource but not attached to
+// Managed IAM policies defined on this resource but not attached to
 // the group will be added. Policies attached to the group but not configured
 // on this resource will be removed.
 func (r *resourceGroupPolicyAttachmentsExclusive) syncAttachments(ctx context.Context, groupName string, want []string) error {

internal/service/iam/role_policy_attachments_exclusive.go

@@ -144,10 +144,10 @@ func (r *resourceRolePolicyAttachmentsExclusive) Update(ctx context.Context, req
 	resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
 }
 
-// syncAttachments handles keeping the configured customer managed policy
+// syncAttachments handles keeping the configured managed IAM policy
 // attachments in sync with the remote resource.
 //
-// Customer managed policies defined on this resource but not attached to
+// Managed IAM policies defined on this resource but not attached to
 // the role will be added. Policies attached to the role but not configured
 // on this resource will be removed.
 func (r *resourceRolePolicyAttachmentsExclusive) syncAttachments(ctx context.Context, roleName string, want []string) error {

internal/service/iam/user_policy_attachments_exclusive.go

@@ -144,10 +144,10 @@ func (r *resourceUserPolicyAttachmentsExclusive) Update(ctx context.Context, req
 	resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
 }
 
-// syncAttachments handles keeping the configured customer managed policy
+// syncAttachments handles keeping the configured managed IAM policy
 // attachments in sync with the remote resource.
 //
-// Customer managed policies defined on this resource but not attached to
+// Managed IAM policies defined on this resource but not attached to
 // the user will be added. Policies attached to the user but not configured
 // on this resource will be removed.
 func (r *resourceUserPolicyAttachmentsExclusive) syncAttachments(ctx context.Context, userName string, want []string) error {

website/docs/r/iam_group_policy_attachments_exclusive.html.markdown

@@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)"
 layout: "aws"
 page_title: "AWS: aws_iam_group_policy_attachments_exclusive"
 description: |-
-  Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) group.
+  Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) group.
 ---
+
 # Resource: aws_iam_group_policy_attachments_exclusive
 
-Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) group.
+Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) group.
 
-!> This resource takes exclusive ownership over customer managed policies attached to a group. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_group_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
+!> This resource takes exclusive ownership over managed IAM policies attached to a group. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_group_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
 
-~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the group.
+~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the group.
 
 ## Example Usage
 
@@ -24,11 +25,11 @@ resource "aws_iam_group_policy_attachments_exclusive" "example" {
 }
 ```
 
-### Disallow Customer Managed Policies
+### Disallow Managed IAM Policies
 
-To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list.
+To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list.
 
-~> This will not __prevent__ customer managed policies from being assigned to a group via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
+~> This will not **prevent** managed IAM policies from being assigned to a group via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
 
 ```terraform
 resource "aws_iam_group_policy_attachments_exclusive" "example" {
@@ -42,15 +43,15 @@ resource "aws_iam_group_policy_attachments_exclusive" "example" {
 The following arguments are required:
 
 * `group_name` - (Required) IAM group name.
-* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the group. Policies attached to this group but not configured in this argument will be removed.
+* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the group. Policies attached to this group but not configured in this argument will be removed.
 
 ## Attribute Reference
 
 This resource exports no additional attributes.
 
 ## Import
 
-In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `group_name`. For example:
+In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `group_name`. For example:
 
 ```terraform
 import {
@@ -59,7 +60,7 @@ import {
 }
 ```
 
-Using `terraform import`, import exclusive management of customer managed policy assignments using the `group_name`. For example:
+Using `terraform import`, import exclusive management of managed IAM policy assignments using the `group_name`. For example:
 
 ```console
 % terraform import aws_iam_group_policy_attachments_exclusive.example MyGroup

website/docs/r/iam_role_policy_attachments_exclusive.html.markdown

@@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)"
 layout: "aws"
 page_title: "AWS: aws_iam_role_policy_attachments_exclusive"
 description: |-
-  Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) role.
+  Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) role.
 ---
+
 # Resource: aws_iam_role_policy_attachments_exclusive
 
-Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) role.
+Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) role.
 
-!> This resource takes exclusive ownership over customer managed policies attached to a role. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_role_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
+!> This resource takes exclusive ownership over managed IAM policies attached to a role. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_role_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
 
-~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the role.
+~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the role.
 
 ## Example Usage
 
@@ -24,11 +25,11 @@ resource "aws_iam_role_policy_attachments_exclusive" "example" {
 }
 ```
 
-### Disallow Customer Managed Policies
+### Disallow Managed IAM Policies
 
-To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list.
+To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list.
 
-~> This will not __prevent__ customer managed policies from being assigned to a role via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
+~> This will not **prevent** managed IAM policies from being assigned to a role via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
 
 ```terraform
 resource "aws_iam_role_policy_attachments_exclusive" "example" {
@@ -42,15 +43,15 @@ resource "aws_iam_role_policy_attachments_exclusive" "example" {
 The following arguments are required:
 
 * `role_name` - (Required) IAM role name.
-* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the role. Policies attached to this role but not configured in this argument will be removed.
+* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the role. Policies attached to this role but not configured in this argument will be removed.
 
 ## Attribute Reference
 
 This resource exports no additional attributes.
 
 ## Import
 
-In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `role_name`. For example:
+In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `role_name`. For example:
 
 ```terraform
 import {
@@ -59,7 +60,7 @@ import {
 }
 ```
 
-Using `terraform import`, import exclusive management of customer managed policy assignments using the `role_name`. For example:
+Using `terraform import`, import exclusive management of managed IAM policy assignments using the `role_name`. For example:
 
 ```console
 % terraform import aws_iam_role_policy_attachments_exclusive.example MyRole

website/docs/r/iam_user_policy_attachments_exclusive.html.markdown

@@ -3,15 +3,16 @@ subcategory: "IAM (Identity & Access Management)"
 layout: "aws"
 page_title: "AWS: aws_iam_user_policy_attachments_exclusive"
 description: |-
-  Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) user.
+  Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) user.
 ---
+
 # Resource: aws_iam_user_policy_attachments_exclusive
 
-Terraform resource for maintaining exclusive management of customer managed policies assigned to an AWS IAM (Identity & Access Management) user.
+Terraform resource for maintaining exclusive management of managed IAM policies assigned to an AWS IAM (Identity & Access Management) user.
 
-!> This resource takes exclusive ownership over customer managed policies attached to a user. This includes removal of customer managed policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_user_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
+!> This resource takes exclusive ownership over managed IAM policies attached to a user. This includes removal of managed IAM policies which are not explicitly configured. To prevent persistent drift, ensure any `aws_iam_user_policy_attachment` resources managed alongside this resource are included in the `policy_arns` argument.
 
-~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It __will not__ detach the configured policies from the user.
+~> Destruction of this resource means Terraform will no longer manage reconciliation of the configured policy attachments. It **will not** detach the configured policies from the user.
 
 ## Example Usage
 
@@ -24,11 +25,11 @@ resource "aws_iam_user_policy_attachments_exclusive" "example" {
 }
 ```
 
-### Disallow Customer Managed Policies
+### Disallow Managed IAM Policies
 
-To automatically remove any configured customer managed policies, set the `policy_arns` argument to an empty list.
+To automatically remove any configured managed IAM policies, set the `policy_arns` argument to an empty list.
 
-~> This will not __prevent__ customer managed policies from being assigned to a user via Terraform (or any other interface). This resource enables bringing customer managed policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
+~> This will not **prevent** managed IAM policies from being assigned to a user via Terraform (or any other interface). This resource enables bringing managed IAM policy assignments into a configured state, however, this reconciliation happens only when `apply` is proactively run.
 
 ```terraform
 resource "aws_iam_user_policy_attachments_exclusive" "example" {
@@ -42,15 +43,15 @@ resource "aws_iam_user_policy_attachments_exclusive" "example" {
 The following arguments are required:
 
 * `user_name` - (Required) IAM user name.
-* `policy_arns` - (Required) A list of customer managed policy ARNs to be attached to the user. Policies attached to this user but not configured in this argument will be removed.
+* `policy_arns` - (Required) A list of managed IAM policy ARNs to be attached to the user. Policies attached to this user but not configured in this argument will be removed.
 
 ## Attribute Reference
 
 This resource exports no additional attributes.
 
 ## Import
 
-In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage customer managed policy assignments using the `user_name`. For example:
+In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to exclusively manage managed IAM policy assignments using the `user_name`. For example:
 
 ```terraform
 import {
@@ -59,7 +60,7 @@ import {
 }
 ```
 
-Using `terraform import`, import exclusive management of customer managed policy assignments using the `user_name`. For example:
+Using `terraform import`, import exclusive management of managed IAM policy assignments using the `user_name`. For example:
 
 ```console
 % terraform import aws_iam_user_policy_attachments_exclusive.example MyUser