実践Terraform ch25 既存リソースのインポート
terraform import
単一リソースのインポート
準備
aws ec2 create-vpc --cidr-block 192.168.0.0/16
{ "Vpc": { "CidrBlock": "192.168.0.0/16", "DhcpOptionsId": "dopt-404d5f25", "State": "pending", "VpcId": "vpc-0748f758131eecf92", "OwnerId": "646279979860", "InstanceTenancy": "default", "Ipv6CidrBlockAssociationSet": [], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-0de1eca7f12483850", "CidrBlock": "192.168.0.0/16", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false, "Tags": [] } }
インポートの実行
- AWSのプロバイダのみ記述したtfファイルを作る
provider "aws" { version = "2.55.0" region = "ap-northeast-1" }
- import実行
terraform import aws_vpc.imported vpc-0748f758131eecf92
Error: resource address "aws_vpc.imported" does not exist in the configuration.
Before importing this resource, please create its configuration in the root module. For example:
resource "aws_vpc" "imported" {
# (resource arguments)
}
- main.tfを追記しろと怒られる
provider "aws" {
version = "2.55.0"
region = "ap-northeast"
}
+
+ resource "aws_vpc" "imported" {
+ # (resource arguments)
+ }
- 再度import
aws_vpc.imported: Importing from ID "vpc-0748f758131eecf92"... aws_vpc.imported: Import prepared! Prepared aws_vpc for import aws_vpc.imported: Refreshing state... [id=vpc-0748f758131eecf92] Import successful! The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.
- リソースがterraform管理になる
terraform state list
aws_vpc.imported
コードの修正
- リソースとtfstateの同期がとれた
- コードとの同期がとれていない
terraform plan
Error: Missing required argument
on main.tf line 6, in resource "aws_vpc" "imported":
6: resource "aws_vpc" "imported" {
The argument "cidr_block" is required, but no definition was found.
- リソースに合わせてコードを修正していく
aws ec2 describe-vpcs --vpc-ids=vpc-0748f758131eecf92
{
"Vpcs": [
{
"CidrBlock": "192.168.0.0/16",
"DhcpOptionsId": "dopt-404d5f25",
"State": "available",
"VpcId": "vpc-0748f758131eecf92",
"OwnerId": "646279979860",
"InstanceTenancy": "default",
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0de1eca7f12483850",
"CidrBlock": "192.168.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
],
"IsDefault": false
}
]
}
cidr_blockを追記
resource "aws_vpc" "imported" {
- # (resource arguments)
+ cidr_block = "192.168.0.0/16"
}
- 再度planを実行し、差分のなきことを確認する
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. aws_vpc.imported: Refreshing state... [id=vpc-0748f758131eecf92] ------------------------------------------------------------------------ No changes. Infrastructure is up-to-date. This means that Terraform did not detect any differences between your configuration and real physical resources that exist. As a result, no actions need to be performed.
関連リソースのインポート
- リソースによっては芋づる式に複数リソースがimportされたりする
- SGに対するruleとか
terraformer
- 先述の方法だとtfコードを手で書くのが大変
- terraformer等で自動生成すると便利
準備
- またvpcリソースを作る
aws ec2 create-vpc --cidr-block 192.168.0.0/16
{ "Vpc": { "CidrBlock": "192.168.0.0/16", "DhcpOptionsId": "dopt-404d5f25", "State": "pending", "VpcId": "vpc-08c854e513b5917be", "OwnerId": "646279979860", "InstanceTenancy": "default", "Ipv6CidrBlockAssociationSet": [], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-01223263c5255d8bb", "CidrBlock": "192.168.0.0/16", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false, "Tags": [] } }
指定したリソースのインポート
- プロバイダが必要
provider "aws" { version = "2.55.0" region = "ap-northeast-1" }
terraform init
- importの実行
terraformer import aws --regions=ap-northeast-1 --resources=vpc --filter=aws_vpc=vpc-08c854e513b5917be
2020/04/01 01:01:45 aws importing region ap-northeast-1 2020/04/01 01:01:45 aws importing... vpc 2020/04/01 01:01:52 Refreshing state... aws_vpc.tfer--vpc-002D-08c854e513b5917be 2020/04/01 01:01:53 aws Connecting.... 2020/04/01 01:01:53 aws save vpc 2020/04/01 01:01:53 aws save tfstate for vpc
./generated/に出力される
ls -lR ./generated/
./generated/: total 4 drwxr-xr-x 3 root root 4096 Apr 1 10:01 aws ./generated/aws: total 4 drwxr-xr-x 3 root root 4096 Apr 1 10:01 vpc ./generated/aws/vpc: total 4 drwxr-xr-x 2 root root 4096 Apr 1 10:01 ap-northeast-1 ./generated/aws/vpc/ap-northeast-1: total 16 -rwxr-xr-x 1 root root 116 Apr 1 10:01 outputs.tf -rwxr-xr-x 1 root root 72 Apr 1 10:01 provider.tf -rwxr-xr-x 1 root root 2312 Apr 1 10:01 terraform.tfstate -rwxr-xr-x 1 root root 383 Apr 1 10:01 vpc.tf
provider.tf
provider "aws" { region = "ap-northeast-1" version = "~>v2.55.0" }
outputs.tf
output "aws_vpc_tfer--vpc-002D-08c854e513b5917be_id" { value = "${aws_vpc.tfer--vpc-002D-08c854e513b5917be.id}" }
vpc.tf
resource "aws_vpc" "tfer--vpc-002D-08c854e513b5917be" { assign_generated_ipv6_cidr_block = "false" cidr_block = "192.168.0.0/16" enable_classiclink = "false" enable_classiclink_dns_support = "false" enable_dns_hostnames = "false" enable_dns_support = "true" instance_tenancy = "default" }
terraform.tfstate
{ "version": 3, "terraform_version": "0.12.10", "serial": 1, "lineage": "fcb95550-b823-eb70-c0d1-b4692547743b", "modules": [ { "path": [ "root" ], "outputs": { "aws_vpc_tfer--vpc-002D-08c854e513b5917be_id": { "sensitive": false, "type": "string", "value": "vpc-08c854e513b5917be" } }, "resources": { "aws_vpc.tfer--vpc-002D-08c854e513b5917be": { "type": "aws_vpc", "depends_on": [], "primary": { "id": "vpc-08c854e513b5917be", "attributes": { "arn": "arn:aws:ec2:ap-northeast-1:646279979860:vpc/vpc-08c854e513b5917be", "assign_generated_ipv6_cidr_block": "false", "cidr_block": "192.168.0.0/16", "default_network_acl_id": "acl-006cc370113b2aa82", "default_route_table_id": "rtb-06c0126ac426528fb", "default_security_group_id": "sg-064319eda80f5e66d", "dhcp_options_id": "dopt-404d5f25", "enable_classiclink": "false", "enable_classiclink_dns_support": "false", "enable_dns_hostnames": "false", "enable_dns_support": "true", "id": "vpc-08c854e513b5917be", "instance_tenancy": "default", "ipv6_association_id": "", "ipv6_cidr_block": "", "main_route_table_id": "rtb-06c0126ac426528fb", "owner_id": "646279979860", "tags.%": "0" }, "meta": { "schema_version": 0 }, "tainted": false }, "deposed": [], "provider": "provider.aws" } }, "depends_on": [] } ] }
- 自動生成tfファイルはデフォルト値等もすべて埋まっている
- 適宜削除する
- tfstateファイルは適宜
state mvなどで統合して用いる
