Como adicionar uma função existente à instância ec2 existente usando terraform?

tag-icon tag-icon terraform
Como adicionar uma função existente à instância ec2 existente usando terraform?

Estou executando o código a seguir, mas recebo o erro de status de saída 255 Meu arquivo resource.tf

resource "null_resource" "create-instance-profile" {
  provisioner "local-exec" {
    command = "aws iam create-instance-profile --instance-profile-name ${var.role_name}-instance-profile"
  }
}

resource "null_resource" "add-role-to-instance-profile" {
  provisioner "local-exec" {
    command = "aws iam add-role-to-instance-profile --role-name ${var.role_name} --instance-profile-name ${var.role_name}-instance-profile"
  }
}

resource "null_resource" "associate-iam-instance-profile" {
  provisioner "local-exec" {
    command = "aws ec2 associate-iam-instance-profile --instance-id ${var.instance_id}  --iam-instance-profile Name=${var.role_name}-instance-profile"
  }
}

Aqui está a mensagem de erro

null_resource.associate-iam-instance-profile: Destroying... [id=2341562538298898232]
null_resource.add-role-to-instance-profile: Destroying... [id=474229456545301978]
null_resource.associate-iam-instance-profile: Destruction complete after 0s
null_resource.add-role-to-instance-profile: Destruction complete after 0s
null_resource.add-role-to-instance-profile: Creating...
null_resource.associate-iam-instance-profile: Creating...
null_resource.add-role-to-instance-profile: Provisioning with 'local-exec'...
null_resource.associate-iam-instance-profile: Provisioning with 'local-exec'...
null_resource.add-role-to-instance-profile (local-exec): Executing: ["/bin/sh" "-c" "aws iam add-role-to-instance-profile --role-name s3access --instance-profile-name s3access-instance-profile"]
null_resource.associate-iam-instance-profile (local-exec): Executing: ["/bin/sh" "-c" "aws ec2 associate-iam-instance-profile --instance-id i-0c5a628c  --iam-instance-profile Name=s3access-instance-profile"]
null_resource.associate-iam-instance-profile (local-exec): An error occurred (IncorrectState) when calling the AssociateIamInstanceProfile operation: There is an existing association for instance i-0c5a628c
null_resource.add-role-to-instance-profile: Creation complete after 2s [id=739083633858274972]
Error: Error running command 'aws ec2 associate-iam-instance-profile --instance-id i-0c5a628c  --iam-instance-profile Name=s3access-instance-profile': exit status 255. Output: 
An error occurred (IncorrectState) when calling the AssociateIamInstanceProfile operation: There is an existing association for instance i-0c5a628c

Responder1

Parece que você precisa primeiro desassociar a função da instância comaws ec2 disassociate-iam-instance-profile

informação relacionada