我有一个模块要创建s3,从模块中我创建了一个桶,在aws中我手动创建了另一个桶,我试图导入它。
main.tf - of the module that is called "s3"
resource "aws_s3_bucket" "s3" {
count = var.create_bucket && length(var.s3_bucket_names) > 0 ? length(var.s3_bucket_names) : 0
bucket = "${var.s3_bucket_names[count.index]}-bucket"
force_destroy = var.force_destroy
}
resource "aws_s3_bucket_public_access_block" "s3_access" {
count = var.create_bucket && length(var.s3_bucket_names) > 0 ? length(var.s3_bucket_names) : 0
bucket = aws_s3_bucket.s3[count.index].id
block_public_acls = var.block_public_acls
block_public_policy = var.block_public_policy
ignore_public_acls = var.ignore_public_acls
restrict_public_buckets = var.restrict_public_buckets
}
main.tf
module "s3" {
count = var.create_bucket ? 1 : 0
source = "./modules/s3"
s3_bucket_names = var.s3_bucket_names
create_bucket = var.create_bucket
force_destroy = var.force_destroy
block_public_acls = var.block_public_acls
block_public_policy = var.block_public_policy
ignore_public_acls = var.ignore_public_acls
restrict_public_buckets = var.restrict_public_buckets
}
在我的tfvar中有我最初创建的s3,我认为我想要导入的新s3应该添加到tfvar中…
tfvars
create_bucket = true
s3_bucket_names = [
"my-k-frontend-test",
"my-k-frontend-test-2"
]
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
然后我运行命令导入,它说正确完成了…
$ terraform import -var-file=test.tfvars module.s3.aws_s3_bucket.s3 my-k-frontend-test-2-bucket
data.aws_subnet.subnets_id["subnet-xxxxxxxxxx"]: Read complete after 1s [id=subnet-xxxxxxxxxx]
data.aws_subnet.subnets_id["subnet-xxxxxxxxxx"]: Read complete after 1s [id=subnet-xxxxxxx]
data.aws_subnet.subnets_id["subnet-xxxxxxxxx"]: Read complete after 1s [id=subnet-xxxxxxxx]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
但是当执行计划时,它好像还没有在状态文件中..
data.aws_subnet.subnets_id["subnet-xxxxxx"]: Read complete after 1s [id=subnet-xxxxx]
data.aws_subnet.subnets_id["subnet-xxxxxxx"]: Read complete after 1s [id=subnet-xxxxxx]
module.s3[0].aws_s3_bucket_public_access_block.s3_access[0]: Refreshing state... [id=my-k-frontend-test-2-bucket]
Plan: 2 to add, 0 to change, 0 to destroy.
是my-k-front -test-2 bucket的aws_s3_bucket和aws_s3_bucket_public_access_block资源。
我觉得奇怪的是在plan中它确实显示了s3模块但在import中它只显示了项目中的数据
*当我创建s3时,我通过模块添加后缀-bucket,所以在导入时,我使用它在aws中创建的全名,它也具有后缀-bucket
在没有看到所有输出的情况下,我认为问题在于您已经在状态文件中导入了手动创建的桶到terrform创建的桶之上。(你可以自己打开并检查状态文件,看看发生了什么,它是JSON)。
为了得出这个结论,我假设my-k-frontend-test-bucket是您使用TF创建的桶,而my-k-frontend-test-2-bucket是您手动创建的桶。
要正确导入它,您需要正确索引到bucket资源列表中:
$ terraform import -var-file=test.tfvars module.s3[0].aws_s3_bucket.s3[1] my-k-frontend-test-2-bucket
^^^
Note the indexing here
aws_s3_bucket.s3资源被创建为一个列表,而不是一个单独的项目,因为您已经使用count参数指定了它。
您可能还需要将tf创建的原始bucket导入到该列表的第一个槽中。