我们正试图使用Terraform v1.0.9和AWS provider v3.64.2为最近部署的AWS组织资源构建一个状态文件。
aws_organizations_organization已更正为使用terraform import aws_organizations_organization.my_organisation [id]导入。Terraform不想在组织被导入后摧毁它。
然而,当单元被导入-AWS_DEFAULT_REGION=eu-west-2 terraform import -config=tf/units/infrastructure -var 'organisation_root=[id]' aws_organizations_organizational_unit.my-ou-infrastructure ou-abc0-ab0cdefg时,它似乎成功导入,但在terraform plan上,它想要破坏OU并重新创建它。
# aws_organizations_organizational_unit.my-ou-infrastructure will be destroyed
- resource "aws_organizations_organizational_unit" "my-ou-infrastructure" {
- accounts = [] -> null
- arn = "arn:aws:organizations::000000000000:ou/o-xxxxx/ou-xxxx-xxxxxx" -> null
- id = "ou-xxxx-xxxxxx" -> null
- name = "name" -> null
- parent_id = "id" -> null
- tags = {} -> null
}
...
# module.my_organisation_units.module.my_organisation_unit_infrastructure.aws_organizations_organizational_unit.my-ou-infrastructure will be created
+ resource "aws_organizations_organizational_unit" "my-ou-infrastructure" {
+ accounts = (known after apply)
+ arn = (known after apply)
+ id = (known after apply)
+ name = "name"
+ parent_id = "id"
}
...
Plan: 31 to add, 0 to change, 1 to destroy.
这种情况应该发生吗?从文档中,导入OU看起来非常简单。
我们需要使用terraform import module.my_organisation_units.module.my_organisation_unit_infrastructure.aws_organizations_organizational_unit.my-ou-infrastructure ou-abc0-ab0cdefg将资源作为模块导入。