-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws Instance Profile already exists error #3749
Comments
Update: it turns out that instance profiles don't show up in the AWS console. Well, they do, but only attached to a role. If you delete the role, but not the policy, then there is no longer a way to see the policy in the console. Therefore, instead of using the console, you can use the AWS CLI to see all the instance profiles:
With that command, I found the old, conflicting profiles, so the terraform error message was correct. |
thanks this and |
yes, used that cmd and was able to remove the profile. thanks |
Sounds like something the AWS team should fix or at least provide an improved error message. |
Just burned an hour on this :( thanks for the fix! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
I had the following
aws_iam_instance_profile
:With
vpc_name
set toprod
ordev
, and a completely empty AWS account with no existing IAM roles or profiles, every time I ranterraform apply
, I would get an error of this form:There were no IAM roles or profiles in the account; I had nothing in the terraform file other than the definition of the referenced
aws_iam_role
; and this error would remain even if I ranterraform destroy
before runningterraform apply
.The workaround was to move the
var.vpc_name
interpolation to the end:Any idea what's going on? I know the temptation is to say "prod-iam-nat-profile must have already existed in your account", but I never created such a profile by hand and it was not there when I would check the IAM pages in the AWS console. I'm using terraform 0.6.4.
The text was updated successfully, but these errors were encountered: