This error occurs when Terraform attempts to create an AWS ECR repository that already exists. It happens due to state file mismatches or concurrent deployments trying to create the same repository name.
When you run `terraform apply`, the aws_ecr_repository resource attempts to create a new ECR repository, but AWS rejects the request because a repository with that name already exists in your registry. This typically occurs when there's a mismatch between your Terraform state file and actual AWS resources, or when multiple deployments or environments inadvertently target the same repository name.
First, confirm the ECR repository actually exists in your AWS account:
aws ecr describe-repositories --repository-names your-repo-nameIf it returns repository details, it exists. Note the exact repository name for the next step.
Use terraform import to register the existing repository with your Terraform state:
terraform import aws_ecr_repository.my_repo your-repo-nameReplace aws_ecr_repository.my_repo with your resource identifier in Terraform and your-repo-name with the actual ECR repository name in AWS.
If you're using count or for_each in your resource definition, adjust the import command:
For count:
terraform import 'aws_ecr_repository.repo[0]' your-repo-nameFor for_each:
terraform import 'aws_ecr_repository.repo["mykey"]' your-repo-nameAfter importing, run terraform plan to ensure Terraform now recognizes the repository and won't try to recreate it:
terraform planYou should see no changes to the ECR repository resource. If there are still changes, review the resource configuration to ensure it matches the actual AWS resource.
To prevent this error in the future, ensure each environment has uniquely named repositories. Use Terraform variables and naming conventions:
resource "aws_ecr_repository" "app" {
name = "${var.environment}-${var.app_name}"
}For example: dev-myapp, staging-myapp, prod-myapp.
Configure lifecycle rules and policies to manage repositories consistently:
resource "aws_ecr_repository" "app" {
name = "my-app"
image_tag_mutability = "MUTABLE"
image_scanning_configuration {
scan_on_push = true
}
lifecycle {
prevent_destroy = true
}
}The prevent_destroy flag helps prevent accidental deletions.
State file consistency: The root cause often involves AWS API eventual consistency. When Terraform creates an ECR repository, it sends CreateRepository followed by DescribeRepositories, but the DescribeRepositories call may temporarily fail even though the repository was created. This can leave Terraform unaware the resource exists. Always run terraform import for existing repositories rather than modifying your configuration to work around the error. For multi-environment setups, consider using Terraform workspaces or separate backend configurations per environment to avoid state conflicts.
Error: Error rendering template: template not found
How to fix "template not found" error in Terraform
Error: Error generating private key
How to fix 'Error generating private key' in Terraform
Error creating Kubernetes Service: field is immutable
How to fix "field is immutable" errors in Terraform
Error: Error creating local file: open: permission denied
How to fix "Error creating local file: permission denied" in Terraform
Error: line endings have changed from CRLF to LF
Line endings have changed from CRLF to LF in Terraform