如何在 AWS(手动创建)中使用 Terraform 资源? [英] How to use in Terraform resources already in AWS (created manually)?

问题描述

有没有办法在我的 AWS 账户中已经存在的手动创建的 terraform 资源中使用这些资源?我不想改变它们，老实说，我不想触摸"它们.我只需要其中一些资源用于我正在创建的环境.例如，vpc 和 IAM.

Is there a way to use in my terraform resources that already exist in my AWS account, which were created manually? I don't want to change them, and honestly, I don't want to "touch" them. I just need some of those resources for the environment I'm creating. For example, vpc and IAM.

我读过一些关于导入的内容，但我不确定它是否是答案?

I have read a bit about import, but I am not sure that it is the answer?

推荐答案

Terraform 有 2 种方式来使用存在于它所应用的上下文或目录之外的资源.

Terraform has 2 ways of using resources that exist outside of the context or directory it's being applied on.

第一个是数据源，可以让你查找现有资源并将有关它们的信息传递给其他资源.aws_ami 数据源 文档提供了这个有用的例子:

The first is data sources which allow you to look up existing resources and pass information about them to other resources. The aws_ami data source documentation provides this useful example:

data "aws_ami" "ubuntu" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["099720109477"] # Canonical
}

resource "aws_instance" "web" {
  ami           = "${data.aws_ami.ubuntu.id}"
  instance_type = "t2.micro"

  tags = {
    Name = "HelloWorld"
  }
}

这允许 Terraform 去获取与数据源中指定的条件相匹配的现有 AMI，选择最新的 AMI，然后将 AMI 的 ID 传递给 aws_instance 资源，以便它将从那个 AMI 构建.

This allows Terraform to go and fetch the existing AMI that matches the criteria specified in the data source, selects the most recent AMI and then passes the AMI's ID to the aws_instance resource so that it will be built from that AMI.

即使您使用 Terraform 创建所有资源，这仍然很有用，因为它允许您拆分 Terraform 配置以限制爆炸半径并控制同时更新的内容，同时仍然允许您访问信息关于那些资源.aws_subnet_ids 文档有一个这个例子提供了一个很好的例子，其中子网可能是由 Terraform 在与您要创建的实例不同的上下文或目录中创建的:

Even if you are creating all of your resources with Terraform this can still be useful as it allows you to split up your Terraform configuration to limit blast radius and control what things are updated at the same time while still allowing you to access information about those resources. The aws_subnet_ids documentation has an example that provides a good example of this where the subnets may have been created by Terraform in a different context or directory to the instances you want to create:

data "aws_subnet_ids" "private" {
  vpc_id = "${var.vpc_id}"

  tags = {
    Tier = "Private"
  }
}

resource "aws_instance" "app" {
  count         = "3"
  ami           = "${var.ami}"
  instance_type = "t2.micro"
  subnet_id     = "${element(data.aws_subnet_ids.private.ids, count.index)}"
}

使用现有资源的第二种方式是将它们导入状态.这允许 Terraform 开始管理现有资源，就像 Terraform 最初创建它们一样.因此，当您下次运行 terraform apply 时，对 Terraform 配置所做的任何更改都将应用于现有资源.这也意味着如果你运行 terraform destroy 那么资源将被删除.

The second way of using existing resources is to import them into the state. This allows Terraform to begin managing existing resources as if Terraform had originally created them. As such, any changes made to the Terraform configuration will then be applied to the existing resource when you next run terraform apply. It also means that if you ran terraform destroy then the resource would be removed.

这篇关于如何在 AWS(手动创建)中使用 Terraform 资源?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！