我按照Google的指示将我的GCloud项目导出为地形格式。我尝试使用gcloud alpha和gcloud beta,结果是相同的:它创建了一个名为google_logging_log_sink的资源,为此我无法在Terraform的谷歌云平台提供商中找到文档。
我执行的命令按以下顺序执行,+显示生成的文件和文件夹。它们使用gcloud alpha和gcloud beta时工作相同,并且我省略了敏感数据:
$> gcloud alpha resource-config bulk-export --path=terraform-export --project=PROJECT_ID --resource-format=terraform
+ ./terraform-export/...
$> gcloud beta resource-config terraform generate-import terraform-export
+ ./gcloud-export-modules.tf
+ ./terraform_import_2022MMDD-HH-mm-ss.sh
$> terraform init
+ ./.terraform/…
+ ./terraform.lock.hcl
$> zsh ./terraform_import_2022MMDD-HH-mm-ss.sh # <- the errors are thrown here
+ ./.terraform.tfstate.lock.info
+ ./.terraform.tfstate.backup
这个脚本中有两个特别的错误,它们的命令和消息如下:
unknown resource type: google_logging_log_sink:
$> terraform import module.terraform-export-PROJECTNUMBER-PROJECTNUMBER-Project-LoggingLogSink.google_logging_log_sink.a_required PROJECTNUMBER###_Required
module.terraform-export-PROJECTNUMBER-PROJECTNUMBER-Project-LoggingLogSink.google_logging_log_sink.a_required: Importing from ID "PROJECTNUMBER###_Required"...
╷
│ Error: unknown resource type: google_logging_log_sink
│
│
╵
(我还尝试在PROJECTNUMBER###_Required->如果PROJECT_NUMBER ###_Required失败,则显示相同的消息)
Cannot import non-existent remote object:
$> terraform import module.terraform-export-projects-PROJECTID-IAMServiceAccount.google_service_account.PROJECTID projects/PROJECTID/serviceAccounts/some_service_account@PROJECTID.iam.gserviceaccount.com
module.terraform-export-projects-PROJECTID-IAMServiceAccount.google_service_account.PROJECTID: Importing from ID "projects/PROJECTID/serviceAccounts/some_service_account@PROJECTID.iam.gserviceaccount.com"...
module.terraform-export-projects-PROJECTID-IAMServiceAccount.google_service_account.PROJECTID: Import prepared!
Prepared google_service_account for import
module.terraform-export-projects-PROJECTID-IAMServiceAccount.google_service_account.PROJECTID: Refreshing state... [id=projects/PROJECTID/serviceAccounts/some_service_account@PROJECTID.iam.gserviceaccount.com]
╷
│ Error: Cannot import non-existent remote object
│
│ While attempting to import an existing object to "module.terraform-export-projects-PROJECTID-IAMServiceAccount.google_service_account.PROJECTID", the provider detected that no object exists with the given id. Only
│ pre-existing objects can be imported; check that the id is correct and that it is associated with the provider's configured region or endpoint, or use "terraform apply" to create a new remote object for this resource.
╵
调用terraform -v显示以下版本:
Terraform v1.2.1
on darwin_amd64
+ provider registry.terraform.io/hashicorp/google_v4.22.0
- 如何解决这些错误?
- 将修复
google_logging_log_sink错误也允许第二次失败命令是否成功?
我已经寻找了google_logging_log_sink资源的一些文档,但没有找到,所以不知道我是否需要为其他资源名称更改它。我也认为我的terraformCLI和谷歌提供商版本应该工作。我找不到gcloud导出项目的格式版本。
截至2022年6月,没有修复! 允许您使用Google Cloud的Terraform批量导出工具的配置连接器需要这个修复。在未来的版本中,您可以期望修复此问题。
目前的简单解决方案是忽略仅用于google_logging_log_sink资源的Terraform Export并将其删除。
我用google_logging_project_sink代替google_logging_log_sink修复了这个问题-参见https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/logging_project_sink