如何在AWS中已经存在的Terraform资源中使用(手动创建)? [英] How to use in Terraform resources already in AWS (created manually)?

问题描述

有没有办法在我的AWS账户中已经存在的Terraform资源中使用这些资源，这些资源是手动创建的?我不想更改它们，说实话，我不想触摸"它们.我只需要一些用于我正在创建的环境的资源.例如，vpc和IAM.

Is there a way to use in my terraform resources that already exist in my AWS account, which were created manually? I don't want to change them, and honestly, I don't want to "touch" them. I just need some of those resources for the environment I'm creating. For example, vpc and IAM.

我已经阅读了一些有关导入的信息，但是我不确定这是答案吗?

I have read a bit about import, but I am not sure that it is the answer?

推荐答案

Terraform有两种使用资源的方式，这些资源存在于要应用的上下文或目录之外.

Terraform has 2 ways of using resources that exist outside of the context or directory it's being applied on.

第一个是数据源，它允许您查找现有资源，并将有关它们的信息传递给其他资源. aws_ami 数据源文档提供了这个有用的示例:

The first is data sources which allow you to look up existing resources and pass information about them to other resources. The aws_ami data source documentation provides this useful example:

data "aws_ami" "ubuntu" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["099720109477"] # Canonical
}

resource "aws_instance" "web" {
  ami           = "${data.aws_ami.ubuntu.id}"
  instance_type = "t2.micro"

  tags = {
    Name = "HelloWorld"
  }
}

这允许Terraform去获取与数据源中指定的条件相匹配的现有AMI，选择最新的AMI，然后将AMI的ID传递给 aws_instance 资源，以便将其从该AMI构建而成.

This allows Terraform to go and fetch the existing AMI that matches the criteria specified in the data source, selects the most recent AMI and then passes the AMI's ID to the aws_instance resource so that it will be built from that AMI.

即使使用Terraform创建所有资源，它仍然很有用，因为它允许您拆分Terraform配置以限制爆炸半径并控制同时更新的内容，同时仍然允许您访问信息关于那些资源. aws_subnet_ids 文档包含一个该示例提供了一个很好的示例，其中Terraform可能是在与要创建的实例不同的上下文或目录中创建了子网:

Even if you are creating all of your resources with Terraform this can still be useful as it allows you to split up your Terraform configuration to limit blast radius and control what things are updated at the same time while still allowing you to access information about those resources. The aws_subnet_ids documentation has an example that provides a good example of this where the subnets may have been created by Terraform in a different context or directory to the instances you want to create:

data "aws_subnet_ids" "private" {
  vpc_id = "${var.vpc_id}"

  tags = {
    Tier = "Private"
  }
}

resource "aws_instance" "app" {
  count         = "3"
  ami           = "${var.ami}"
  instance_type = "t2.micro"
  subnet_id     = "${element(data.aws_subnet_ids.private.ids, count.index)}"
}

使用现有资源的第二种方法是将其导入状态.这使Terraform可以开始管理现有资源，就像Terraform最初创建它们一样.这样，当您下次运行 terraform apply 时，对Terraform配置所做的任何更改都将应用于现有资源.这也意味着，如果您运行 terraform destroy ，那么资源将被删除.

The second way of using existing resources is to import them into the state. This allows Terraform to begin managing existing resources as if Terraform had originally created them. As such, any changes made to the Terraform configuration will then be applied to the existing resource when you next run terraform apply. It also means that if you ran terraform destroy then the resource would be removed.

这篇关于如何在AWS中已经存在的Terraform资源中使用(手动创建)?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！