通过Terraform部署到AWS时,我得到了重复的现有资源错误。
Error: Error creating IAM Role SecuritySearchAPITaskRole: EntityAlreadyExists: Role with name SecuritySearchAPITaskRole already exists.
status code: 409, request id: cf5ae1f4-de6a-11e9-a7b1-d3cdff4db013
on deploy/modules/ecs-fargate-service/iam.tf line 1, in resource "aws_iam_role" "task":
1: resource "aws_iam_role" "task" {
基于上述错误,它是名称为SecuritySearchAPITaskRole
的现有IAM角色。我认为解决方案是将资源导入到我的本地Terraform状态,但是如何找到需要使用的资源ID。我可以在AWS IAM控制台上找到此角色,但似乎没有ID。我还尝试运行terraform plan
,这给了我
+ resource "aws_iam_role" "task" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ecs-tasks.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ description = "Task role for the SecuritySearchAPI service"
+ force_detach_policies = false
+ id = (known after apply)
+ max_session_duration = 3600
+ name = "SecuritySearchAPITaskRole"
+ path = "/"
+ tags = {
+ "Application" = "Security Search"
+ "Client" = "IRESS"
+ "DataClassification" = "NoData"
+ "Name" = "SecuritySearchAPI Task Role"
+ "Owner" = "platform"
+ "Product" = "SharedServices"
+ "Schedule" = "False"
+ "Service" = "Search"
+ "TaggingStandardVersion" = "3"
}
+ unique_id = (known after apply)
}
您会看到未创建Apply之后知道的id =
。如何找到IAM角色的ID?
答案 0 :(得分:0)
好吧,我发现了这个文档https://www.terraform.io/docs/providers/aws/r/iam_role.html#import,可以在role name
命令中使用terraform import
作为ID。