Amazon web services 如何在AWS中找到有关现有资源的正确ID,以便导入到Terraform资源?
通过Terraform部署到AWS时,我遇到了一个重复的现有资源错误Amazon web services 如何在AWS中找到有关现有资源的正确ID,以便导入到Terraform资源?,amazon-web-services,terraform,Amazon Web Services,Terraform,通过Terraform部署到AWS时,我遇到了一个重复的现有资源错误 Error: Error creating IAM Role SecuritySearchAPITaskRole: EntityAlreadyExists: Role with name SecuritySearchAPITaskRole already exists. status code: 409, request id: cf5ae1f4-de6a-11e9-a7b1-d3cdff4db013 on de
Error: Error creating IAM Role SecuritySearchAPITaskRole: EntityAlreadyExists: Role with name SecuritySearchAPITaskRole already exists.
status code: 409, request id: cf5ae1f4-de6a-11e9-a7b1-d3cdff4db013
on deploy/modules/ecs-fargate-service/iam.tf line 1, in resource "aws_iam_role" "task":
1: resource "aws_iam_role" "task" {
基于上述错误,它是一个名为SecuritySearchAPITaskRole
的现有IAM角色。我认为解决方案是将这个资源导入我的本地地形状态,但我如何才能找到我需要使用的资源ID。我可以在AWS IAM控制台上找到此角色,但它似乎没有ID。我还尝试运行terraform plan
,它提供了:
+ resource "aws_iam_role" "task" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ecs-tasks.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ description = "Task role for the SecuritySearchAPI service"
+ force_detach_policies = false
+ id = (known after apply)
+ max_session_duration = 3600
+ name = "SecuritySearchAPITaskRole"
+ path = "/"
+ tags = {
+ "Application" = "Security Search"
+ "Client" = "IRESS"
+ "DataClassification" = "NoData"
+ "Name" = "SecuritySearchAPI Task Role"
+ "Owner" = "platform"
+ "Product" = "SharedServices"
+ "Schedule" = "False"
+ "Service" = "Search"
+ "TaggingStandardVersion" = "3"
}
+ unique_id = (known after apply)
}
您可以看到,apply`之后的id=
未创建。如何找到IAM角色的ID?好的,我找到了这个文档,我可以在地形导入
命令中使用角色名称
作为ID