Amazon web services 未使用terraform导入导入策略_Amazon Web Services_Terraform

Amazon web services 未使用terraform导入导入策略

amazon-web-services terraform

Amazon web services 未使用terraform导入导入策略,amazon-web-services,terraform,Amazon Web Services,Terraform,我使用aws控制台手动创建了一个名为demo_role的角色。我为这个角色附加了一个策略。我跑并成功地将其导入到状态文件中。但是，terraform show不显示我附加到它的策略。我错过了什么地形显示输出 aws_iam_role.demo_role: id = demo_role arn = arn:aws:iam::***********:role/demo_role assume_role_policy = {"Version":"2012-10-17","Statement":[

我使用aws控制台手动创建了一个名为demo_role的角色。我为这个角色附加了一个策略。我跑

并成功地将其导入到状态文件中。但是，terraform show不显示我附加到它的策略。我错过了什么

地形显示输出

aws_iam_role.demo_role:
id = demo_role
arn = arn:aws:iam::***********:role/demo_role
assume_role_policy = {"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}
create_date = 2020-01-08T20:39:26Z
description = Allows Lambda functions to call AWS services on your behalf.
force_detach_policies = false
max_session_duration = 3600
name = demo_role
path = /
tags.% = 0
unique_id = *******************

Terraform不会自动导入附加的策略，因为它是一个单独的资源。您还需要将策略导入到资源中。假定角色策略是直接在角色本身上定义的，这就是为什么包含它

aws_iam_role.demo_role:
id = demo_role
arn = arn:aws:iam::***********:role/demo_role
assume_role_policy = {"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}
create_date = 2020-01-08T20:39:26Z
description = Allows Lambda functions to call AWS services on your behalf.
force_detach_policies = false
max_session_duration = 3600
name = demo_role
path = /
tags.% = 0
unique_id = *******************