Terraform AlreadyExistsException:名称为arn:aws:kms:XXXXX:XXXXXXXXX:alias/myalias的别名已存在 [英] Terraform AlreadyExistsException: An alias with the name arn:aws:kms:XXXXX:XXXXXXXXX:alias/myalias already exists
问题描述
运行terraform apply时出现以下错误
Terraform AlreadyExistsException: An alias with the name arn:aws:kms:XXXXX:XXXXXXXXX:alias/myalias already exists
我可以确认该资源(KMS-Key-Alias)在AWS上存在. 怎么会这样 我该如何解决?
I can confirm that the resource (the KMS-Key-Alias) exists on AWS. How can this happen? How can I resolve this?
推荐答案
问题是创建了资源,但是Terraform状态不包含该资源.
The problem is that the resource was created, but the Terraform state does not contain this resource.
- 该资源是在AWS中手动创建的
- 资源是使用Terraform创建的,但是状态不包含该信息.这可能是因为
- the resource was created manually in AWS
- the resource was created using Terraform but the state does not contain the information. This might happen because
- the state file was deleted manually
- there is more than one developer, but the state file is not shared (this post describes in detail how to set this up)
- the state file was not updated correctly (it might have been overwritten by an older version, it might for some reason have failed to be updated despite the correct applied changes from Terraform,...)
您可以使用类似
terraform import aws_kms_alias.a alias/myalias要找出正确的命令,请查找Terraform文档以获取您感兴趣的资源.例如.这是 Terraform kms_alias 的文档.在底部,它告诉您如何导入资源(某些资源只能通过id导入,某些只能通过名称导入).
To figure out the correct command look up the Terraform docu for your resouce of interest. E.g. here is the docu for Terraform kms_alias. In the bottom it tells you how to import the resource (some resources can only be imported by id, some by name).
或者,如果您要处理许多资源并删除它们是可以接受的(即,如果您仍然需要数据,则不想删除数据库,如果仍然需要,则不想删除KMS-Key用于解密(可以删除别名,但要确保保留与它链接的KMS-Key的信息),也可以只删除资源,然后让Terraform重新创建它们.
Alternatively, if you are dealing with many resources and deleting them is acceptable (i.e. you would not want to delete a database, if you still need the data, you would not want to delete a KMS-Key, if you still need it for decription (an alias would be acceptable to be deleted, but make sure you keep the information to which KMS-Key it is linked)), you can also just delete the resources and then let Terraform recreate them.
如果问题反复出现,请尝试找出发生这种情况的原因(请参见上面的如何发生")并加以解决. 这篇文章提供了有关状态管理方式的更多信息.
If the issue appears repeatedly, try to find out why this happens (see "how this can happen" above) and fix this. This post provides some more context about how state is managed.
这篇关于Terraform AlreadyExistsException:名称为arn:aws:kms:XXXXX:XXXXXXXXX:alias/myalias的别名已存在的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
