Amazon web services 如何将现有资源导入terraform
我正在使用Amazon web services 如何将现有资源导入terraform,amazon-web-services,terraform,Amazon Web Services,Terraform,我正在使用TerraformV0.12.6管理AWS基础设施。我在将配置部署到AWS时遇到此错误。我知道我需要导入现有资源,但我不知道应该使用的参数ID Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'SecuritySearchElasticSearchencr' already exists for VPC 'vpc-0cce833ea304b0215' status
TerraformV0.12.6
管理AWS基础设施。我在将配置部署到AWS时遇到此错误。我知道我需要导入现有资源,但我不知道应该使用的参数ID
Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'SecuritySearchElasticSearchencr' already exists for VPC 'vpc-0cce833ea304b0215'
status code: 400, request id: c3bef103-023a-4d6f-888b-bcb8d024eff8
on deploy/infra/modules/elasticsearch/security-groups.tf line 1, in resource "aws_security_group" "es":
1: resource "aws_security_group" "es" {
当我运行terraform import aws_security_group.es vpc-0CCE833EA304B02215
时,我收到以下错误:
Error: resource address "aws_security_group.es" does not exist in the configuration.
Before importing this resource, please create its configuration in the root module. For example:
resource "aws_security_group" "es" {
# (resource arguments)
}
我还尝试导入安全组ID,但仍然出现相同错误:
#terraform import aws_security_group.es sg-0227291ba8162542d
Error: resource address "aws_security_group.es" does not exist in the configuration.
Before importing this resource, please create its configuration in the root module. For example:
resource "aws_security_group" "es" {
# (resource arguments)
}
当我运行terraform plan
时,我得到:
+ resource "aws_security_group" "es" {
+ arn = (known after apply)
+ description = "Allow HTTPS inbound traffic"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = []
+ description = ""
+ from_port = 443
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = [
+ "sg-08e48ea67d2f8ebd6",
+ "sg-0bdc3d7ce660183d8",
]
+ self = false
+ to_port = 443
},
]
+ name = "SecuritySearchElasticSearchencr"
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Application" = "Security Search"
+ "Client" = "IRESS"
+ "DataClassification" = "NoData"
+ "Name" = "Security Search ElasticSearch"
+ "Owner" = "platform"
+ "Product" = "SharedServices"
+ "Schedule" = "False"
+ "Service" = "Elastic Search Cluster"
+ "TaggingStandardVersion" = "3"
}
+ vpc_id = "vpc-0cce833ea304b0215"
}
我想知道应该使用什么命令导入现有资源?可以使用安全组id导入安全组,而您使用VPC id导入 如果您获取
SecuritySearchElasticSearchencr
的ID并将其传递给terraform import命令,那么它应该可以工作
terraform import aws_security_group.es sg-xxxxxx
它似乎也不起作用,我已经更新了我的帖子,包含了这个命令的错误。你的terraform脚本真的定义了一个安全组调用“es”吗?这必须存在于terraform脚本中,terraform才能将现有资源的状态导入状态文件。注意,这将使现有资源处于terraform脚本的控制之下。如果这不是您想要的(它在别处管理),那么您可能希望在脚本中将其定义为数据源,这样您就可以在不管理它的情况下访问它的属性