解决 terraform 中的 EntityAlreadyExists 错误的最佳方法是什么? [英] what is the best way to solve EntityAlreadyExists error in terraform?

问题描述

我正在使用 terraform v0.12.6，但遇到了许多错误，例如:

I am using terraform v0.12.6 and I run into many errors like:

Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'security-search-populate' already exists for VPC 'vpc-003e06e33a87c22f5'
    status code: 400, request id: 82acdc81-c324-4672-b9fe-531eb8283ed3

Error: Error creating IAM Role PopulateTaskRole: EntityAlreadyExists: Role with name PopulateTaskRole already exists.
    status code: 409, request id: 49aac94c-d52b-11e9-a535-c19e5ed20660

我知道我可以通过从 aws 中删除这些资源来解决它们.但是我想知道是否有更好的方法来解决它们.

I know I can solve them by deleting these resources from aws. But I wonder whether there is any better way to solve them.

推荐答案

是的.所有重复项都应导入到 terraform 中，并且每个资源的导入可能不同.

Yes. All duplicates should be imported into terraform and each resource's import may be different.

导入安全组 sg-903004f8 使用您的 dev 配置文件对资源 aws_security_group.elb_sg 进行地形改造.您需要找到 security-search-populate 安全组的安全组 ID.

To import security group sg-903004f8 to terraform resource aws_security_group.elb_sg using your dev profile. You'll need to find the security group id of security-search-populate security group.

AWS_PROFILE=dev terraform import aws_security_group.elb_sg sg-903004f8

导入 IAM 角色 PopulateTaskRole 使用您的 dev 配置文件对资源 aws_iam_role.developer 进行地形改造.

To import IAM role PopulateTaskRole to terraform resource aws_iam_role.developer using your dev profile.

AWS_PROFILE=dev terraform import aws_iam_role.developer PopulateTaskRole

导入这些后，您可以制定有针对性的 terraform 计划，以查看源代码控制的 terraform 中的内容与 AWS 中的上游内容之间的差异

After these are imported, you can do a targetted terraform plan to see the differences between what's in source controlled terraform and what's upstream in AWS

AWS_PROFILE=dev terraform plan 
  -target aws_security_group.elb_sg 
  -target aws_iam_role.developer

这篇关于解决 terraform 中的 EntityAlreadyExists 错误的最佳方法是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！