Amazon web services 如何将现有资源导入terraform_Amazon Web Services_Terraform

Amazon web services 如何将现有资源导入terraform

amazon-web-services terraform

Amazon web services 如何将现有资源导入terraform,amazon-web-services,terraform,Amazon Web Services,Terraform,我正在使用TerraformV0.12.6管理AWS基础设施。我在将配置部署到AWS时遇到此错误。我知道我需要导入现有资源，但我不知道应该使用的参数ID Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'SecuritySearchElasticSearchencr' already exists for VPC 'vpc-0cce833ea304b0215' status

我正在使用

TerraformV0.12.6

管理AWS基础设施。我在将配置部署到AWS时遇到此错误。我知道我需要导入现有资源，但我不知道应该使用的参数ID

Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'SecuritySearchElasticSearchencr' already exists for VPC 'vpc-0cce833ea304b0215'
    status code: 400, request id: c3bef103-023a-4d6f-888b-bcb8d024eff8

  on deploy/infra/modules/elasticsearch/security-groups.tf line 1, in resource "aws_security_group" "es":
   1: resource "aws_security_group" "es" {

当我运行

terraform import aws_security_group.es vpc-0CCE833EA304B02215

时，我收到以下错误：

Error: resource address "aws_security_group.es" does not exist in the configuration.

Before importing this resource, please create its configuration in the root module. For example:

resource "aws_security_group" "es" {
  # (resource arguments)
}

我还尝试导入安全组ID，但仍然出现相同错误：

#terraform import aws_security_group.es sg-0227291ba8162542d

Error: resource address "aws_security_group.es" does not exist in the configuration.

Before importing this resource, please create its configuration in the root module. For example:

resource "aws_security_group" "es" {
  # (resource arguments)
}

当我运行

terraform plan

时，我得到：

 + resource "aws_security_group" "es" {
      + arn                    = (known after apply)
      + description            = "Allow HTTPS inbound traffic"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = [
                  + "sg-08e48ea67d2f8ebd6",
                  + "sg-0bdc3d7ce660183d8",
                ]
              + self             = false
              + to_port          = 443
            },
        ]
      + name                   = "SecuritySearchElasticSearchencr"
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Application"            = "Security Search"
          + "Client"                 = "IRESS"
          + "DataClassification"     = "NoData"
          + "Name"                   = "Security Search ElasticSearch"
          + "Owner"                  = "platform"
          + "Product"                = "SharedServices"
          + "Schedule"               = "False"
          + "Service"                = "Elastic Search Cluster"
          + "TaggingStandardVersion" = "3"
        }
      + vpc_id                 = "vpc-0cce833ea304b0215"
    }

我想知道应该使用什么命令导入现有资源？

可以使用安全组id导入安全组，而您使用VPC id导入

如果您获取

SecuritySearchElasticSearchencr

的ID并将其传递给terraform import命令，那么它应该可以工作

 terraform import aws_security_group.es sg-xxxxxx

它似乎也不起作用，我已经更新了我的帖子，包含了这个命令的错误。你的terraform脚本真的定义了一个安全组调用“es”吗？这必须存在于terraform脚本中，terraform才能将现有资源的状态导入状态文件。注意，这将使现有资源处于terraform脚本的控制之下。如果这不是您想要的（它在别处管理），那么您可能希望在脚本中将其定义为数据源，这样您就可以在不管理它的情况下访问它的属性