解决 terraform 中的 EntityAlreadyExists 错误的最佳方法是什么? [英] what is the best way to solve EntityAlreadyExists error in terraform?
问题描述
我正在使用 terraform v0.12.6
,但遇到了许多错误,例如:
I am using terraform v0.12.6
and I run into many errors like:
Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'security-search-populate' already exists for VPC 'vpc-003e06e33a87c22f5'
status code: 400, request id: 82acdc81-c324-4672-b9fe-531eb8283ed3
Error: Error creating IAM Role PopulateTaskRole: EntityAlreadyExists: Role with name PopulateTaskRole already exists.
status code: 409, request id: 49aac94c-d52b-11e9-a535-c19e5ed20660
我知道我可以通过从 aws 中删除这些资源来解决它们.但是我想知道是否有更好的方法来解决它们.
I know I can solve them by deleting these resources from aws. But I wonder whether there is any better way to solve them.
推荐答案
是的.所有重复项都应导入到 terraform 中,并且每个资源的导入可能不同.
Yes. All duplicates should be imported into terraform and each resource's import may be different.
导入安全组 sg-903004f8
使用您的 dev
配置文件对资源 aws_security_group.elb_sg
进行地形改造.您需要找到 security-search-populate
安全组的安全组 ID.
To import security group sg-903004f8
to terraform resource aws_security_group.elb_sg
using your dev
profile. You'll need to find the security group id of security-search-populate
security group.
AWS_PROFILE=dev terraform import aws_security_group.elb_sg sg-903004f8
导入 IAM 角色 PopulateTaskRole
使用您的 dev
配置文件对资源 aws_iam_role.developer
进行地形改造.
To import IAM role PopulateTaskRole
to terraform resource aws_iam_role.developer
using your dev
profile.
AWS_PROFILE=dev terraform import aws_iam_role.developer PopulateTaskRole
导入这些后,您可以制定有针对性的 terraform 计划,以查看源代码控制的 terraform 中的内容与 AWS 中的上游内容之间的差异
After these are imported, you can do a targetted terraform plan to see the differences between what's in source controlled terraform and what's upstream in AWS
AWS_PROFILE=dev terraform plan
-target aws_security_group.elb_sg
-target aws_iam_role.developer
这篇关于解决 terraform 中的 EntityAlreadyExists 错误的最佳方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!