func resourceAwsGlacierVaultPolicyUpdate(glacierconn *glacier.Glacier, d *schema.ResourceData) error { vaultName := d.Id() policyContents := d.Get("access_policy").(string) policy := &glacier.VaultAccessPolicy{ Policy: aws.String(policyContents), } if policyContents != "" { log.Printf("[DEBUG] Glacier Vault: %s, put policy", vaultName) _, err := glacierconn.SetVaultAccessPolicy(&glacier.SetVaultAccessPolicyInput{ VaultName: aws.String(d.Id()), Policy: policy, }) if err != nil { return fmt.Errorf("Error putting Glacier Vault policy: %s", err.Error()) } } else { log.Printf("[DEBUG] Glacier Vault: %s, delete policy: %s", vaultName, policy) _, err := glacierconn.DeleteVaultAccessPolicy(&glacier.DeleteVaultAccessPolicyInput{ VaultName: aws.String(d.Id()), }) if err != nil { return fmt.Errorf("Error deleting Glacier Vault policy: %s", err.Error()) } } return nil }