Terraform does not keep state if resources are generated dynamically



I have a variables.tf file that contains the following:

variable "thing_configuration_set" {
  # A list of customers, so that the for expressions in locals can iterate
  # over it and read customer.name / customer.projects.
  default = [
    {
      "name" = "customer1"
      "projects" = [
        {
          "name" = "project1"
          "things" = [
            {
              "name"       = "device1"
              "fw_version" = "1.0"
              "fw_type"    = "generic_device"
              "thing_type" = "default_device"
            }
          ]
        }
      ]
    }
  ]
}

variable "iot_policy" {
  type      = string
  sensitive = true
}

locals {
  # One record per customer
  customer_list = distinct(flatten([for idx, customer in var.thing_configuration_set :
    {
      "customer" : customer.name
    }
  ]))

  # One record per (customer, project) pair
  project_list = distinct(flatten([for idx, customer in var.thing_configuration_set :
    flatten([for project_idx, project in customer.projects :
      {
        "customer" = customer.name
        "project"  = project.name
      }
    ])
  ]))

  # One record per thing, carrying its customer and project
  thing_list = flatten([for idx, customer in var.thing_configuration_set :
    flatten([for project_idx, project in customer.projects :
      flatten([for thing in project.things :
        {
          "customer" = customer.name
          "project"  = project.name
          "thing"    = thing
        }
      ])
    ])
  ])

  # Distinct thing types referenced by any thing
  thing_types = distinct(flatten([for idx, record in local.thing_list :
    {
      "thing_type" = record.thing.thing_type
    }
  ]))

  iot_policy_json = base64decode(var.iot_policy)
}

Then there is another tf file that defines all the resources needed to set up IoT in AWS:

resource "aws_iot_thing_group" "customer" {
  for_each = { for idx, record in local.customer_list : idx => record }
  name     = each.value.customer
}

resource "aws_iot_thing_group" "project" {
  for_each          = { for idx, record in local.project_list : idx => record }
  name              = each.value.project
  parent_group_name = each.value.customer
}

resource "aws_iot_thing" "thing" {
  for_each = { for idx, record in local.thing_list : idx => record }
  name     = "${each.value.customer}_${each.value.project}_${each.value.thing.name}"
  attributes = {
    # The thing objects in variables.tf define fw_version and fw_type
    bms_fw_version = each.value.thing.fw_version
    bms_type       = each.value.thing.fw_type
  }
  thing_type_name = each.value.thing.thing_type
}

resource "aws_iot_thing_group_membership" "thing_group_membership" {
  for_each         = { for idx, record in local.thing_list : idx => record }
  thing_name       = "${each.value.customer}_${each.value.project}_${each.value.thing.name}"
  thing_group_name = each.value.project
}

resource "aws_iot_thing_type" "thing_type" {
  for_each = { for idx, record in local.thing_types : idx => record }
  name     = each.value.thing_type
}

resource "aws_iot_certificate" "things_cert" {
  active = true
}

resource "aws_iot_thing_principal_attachment" "cert_attachment" {
  for_each  = { for idx, record in local.thing_list : idx => record }
  principal = aws_iot_certificate.things_cert.arn
  thing     = aws_iot_thing.thing[each.key].name
}

resource "aws_iot_policy" "policy" {
  name   = "connect_subscribe_publish_any"
  policy = local.iot_policy_json
}

resource "aws_iot_policy_attachment" "thing_policy_attachment" {
  # References the aws_iot_policy resource declared above as "policy"
  policy = aws_iot_policy.policy.name
  target = aws_iot_certificate.things_cert.arn
}

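Since we already have quite a lot of resources in AWS, I tried to import them. But when I run terraform plan, it still wants to create these "successfully" imported resources.

For example: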

terraform import aws_iot_thing_group.customer Customer1

will return:

Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

If I run terraform plan, it still lists that it will create this customer:

  # aws_iot_thing_group.customer["0"] will be created
  + resource "aws_iot_thing_group" "customer" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + metadata = (known after apply)
      + name     = "Customer1"
      + tags_all = (known after apply)
      + version  = (known after apply)
    }

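What am I doing wrong? Is this a bug in Terraform?

From what I can see (I'm very new to Terraform), state only works if you define the resources directly, without anything generated (like for_each, etc.).

As per @luk2302's comment (h/t) and the documentation [1], the correct import command is (since it is run in PowerShell):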

terraform import 'aws_iot_thing_group.customer["0"]' Customer1

[1] https://developer.hashicorp.com/terraform/cli/commands/import#example-import-into-resource-configured-with-for_each
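
The same import written declaratively, as an added example that is not part of the original post: Terraform 1.5 and later accept `import` blocks, and 1.7 and later allow `for_each` inside them, so every instance address such as `aws_iot_thing_group.customer["0"]` is bound to its existing object during plan/apply with no shell quoting involved. It assumes the names already in AWS match the names produced by `local.customer_list`, `local.project_list` and `local.thing_list`, and that `aws_iot_thing` is imported by thing name.

```hcl
# Added example, not code from the original post.
# Requires Terraform >= 1.7 (for_each inside import blocks).
#
# Each import block reuses the exact for_each expression of the resource it
# targets, so each.key yields the same instance key ("0", "1", ...) that
# `terraform plan` prints in the resource address.

import {
  for_each = { for idx, record in local.customer_list : idx => record }
  to       = aws_iot_thing_group.customer[each.key]
  # Thing groups are imported by name, as in the CLI command in the post.
  id = each.value.customer
}

import {
  for_each = { for idx, record in local.project_list : idx => record }
  to       = aws_iot_thing_group.project[each.key]
  id       = each.value.project
}

import {
  for_each = { for idx, record in local.thing_list : idx => record }
  to       = aws_iot_thing.thing[each.key]
  # Assumption: the import ID of aws_iot_thing is the thing name, built the
  # same way as the resource's own name argument.
  id = "${each.value.customer}_${each.value.project}_${each.value.thing.name}"
}
```

Run `terraform plan` and confirm that every line reads "will be imported" rather than "will be created" before applying. Because the instances are keyed by list index, reordering `thing_configuration_set` changes which address maps to which object; keying `for_each` by name gives addresses that stay stable.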
