Is there a way to import iam-roles in terraform?

1
votes

I want to import existing aws resource iam-role 'DEVOPS' to my terraform management.

Though the resorce exists i get the following error -

Error: Cannot import non-existent remote object

While attempting to import an existing object to aws_iam_role.okta_devops_role, the provider detected that no object exists with the given id. Only pre-existing objects can be imported; check that the id is correct and that it is associated with the provider's configured region or endpoint, or use "terraform apply" to create a new remote object for this resource.

I created empty resource -> aws_iam_role.devops_role in my main.tf

2
terraform-provider-aws
It is helpful to post the command that you are attempting to run, so that we can see if there are syntax errors...eatsfood
I believe the error comes from the name of your tf resource,which is different than the name of your role. You have aws_iam_role.okta_devops_role and you should be able to import by doing what @eatsfood stated. I believe it would be something like terraform import aws_iam_role.okta_devops_role DEVOPS assuming that DEVOPS is the name of the role that you want to importPeter Arboleda

2 Answers

2
votes

You should be able to import an existing IAM role resource by doing the following:

  1. Create the stub for the resource in your main.tf like this:
resource "aws_iam_role" "DEVOPS" {
  # stub
}
  1. Run the import command:
terraform import aws_iam_role.DEVOPS DEVOPS
  1. When that is complete, show the resource and update the resource stub you created in step 1:
terraform show

Here is a link to the documentation.

-1
votes

There is no way for importing the existing resources which are not provisioned via terraform.

As terraform do refer to the resource via terraform state file and detects the configuration drift

Still, you can give a try to:-

https://github.com/GoogleCloudPlatform/terraformer#use-with-aws