我们的主要目标是将一些资源转移到不同的地形状态。我试图导入资源的策略附件,但似乎它不支持导入策略附件。我收到一个错误。
如果它不支持,另一种选择是什么?
我正在尝试导入此政策
+ aws_iam_role_policy_attachment.gitlab_as_attach
id: <computed>
policy_arn: "arn:aws:iam::xxxxxxxxxxxx:policy/gitlab_as_policy"
role: "gitlab_prod"
错误:
terraform import aws_iam_role_policy_attachment.gitlab_as_attach arn:aws:iam::xxxxxxxxx:policy/gitlab_as_policy
aws_iam_role_policy_attachment.gitlab_as_attach: Importing from ID "arn:aws:iam::xxxxxxxx:policy/gitlab_as_policy"...
Error importing: 1 error(s) occurred:
* aws_iam_role_policy_attachment.gitlab_as_attach (import id: arn:aws:iam::xxxxxxxxxx:policy/gitlab_as_policy): import aws_iam_role_policy_attachment.gitlab_as_attach (id: arn:aws:iam::xxxxxxxxxx:policy/gitlab_as_policy): resource aws_iam_role_policy_attachment doesn't support import
terraform版本:
Terraform v0.11.0
+ provider.aws v1.5.0
答案 0 :(得分:4)
在1.37.0中,provider.aws插件已解决此问题。请升级与terraform相关的插件和模块。
要升级插件,请运行以下命令
terraform init -upgrade
要升级模块,请运行以下命令
terraform get -update
有关更多信息,请查看与地形相关的缺陷和增强功能
我今天运行了aws_iam_role_policy_attachment的导入,并且成功。
terraform import -provider=aws.{example} aws_iam_role_policy_attachment.role-attach-1 {test-role}/arn:aws:iam::aws:policy/ReadOnlyAccess
aws_iam_role_policy_attachment.role-attach-1: Importing from ID "{test-role}/arn:aws:iam::aws:policy/ReadOnlyAccess"...
aws_iam_role_policy_attachment.role-attach-1: Import complete!
Imported aws_iam_role_policy_attachment (ID: {test-role}-arn:aws:iam::aws:policy/ReadOnlyAccess)
aws_iam_role_policy_attachment.role-attach-1: Refreshing state... (ID: {test-role}-arn:aws:iam::aws:policy/ReadOnlyAccess)
我希望这会有所帮助。
答案 1 :(得分:1)
编辑:编写并合并了new PR,并添加了此版本的新版AWS Terraform提供程序(1.37.0)。这个答案现在不再有效了;看看Momooo的答案是如何做到的。
不幸的是,AWS Terraform提供商暂时只有open issue,PR that would fix it被放弃了。您可以尝试分离策略,刷新terraform,执行导入,然后在导入后重新附加。
答案 2 :(得分:0)
只需运行terraform apply