使用Terraform导入Azure上的现有资源
我在Azure上有一个现有的资源组,其中运行着一个VM,并且一直在使用Terraform尝试将资源导入到我的状态文件中 我已经建立了一个框架文件,据我所知,一旦导入TF,就应该用Azure中我的资源组上的值填充它使用Terraform导入Azure上的现有资源,azure,azure-virtual-machine,terraform,terraform-provider-azure,Azure,Azure Virtual Machine,Terraform,Terraform Provider Azure,我在Azure上有一个现有的资源组,其中运行着一个VM,并且一直在使用Terraform尝试将资源导入到我的状态文件中 我已经建立了一个框架文件,据我所知,一旦导入TF,就应该用Azure中我的资源组上的值填充它 resource "azurerm" "example" { # ...instance configuration... name = "MyResourceGroup" } 我正在从CLI运行的命令: terraform import azurerm_resource_gr
resource "azurerm" "example" {
# ...instance configuration...
name = "MyResourceGroup"
}
我正在从CLI运行的命令:
terraform import azurerm_resource_group.MyResourceGroup/subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup
来自Terraform的消息:
The import command expects two arguments.
Usage: terraform import [options] ADDR ID
Import existing infrastructure into your Terraform state.
This will find and import the specified resource into your Terraform
state, allowing existing infrastructure to come under Terraform
management without having to be initially created by Terraform.
The ADDR specified is the address to import the resource to. Please
see the documentation online for resource addresses. The ID is a
resource-specific ID to identify that resource being imported. Please
reference the documentation for the resource type you're importing to
determine the ID syntax to use. It typically matches directly to the ID
that the provider uses.
The current implementation of Terraform import can only import resources
into the state. It does not generate configuration. A future version of
Terraform will also generate configuration.
Because of this, prior to running terraform import it is necessary to write
a resource configuration block for the resource manually, to which the
imported object will be attached.
This command will not modify your infrastructure, but it will make
network requests to inspect parts of your infrastructure relevant to
the resource being imported.
Options:
-backup=path Path to backup the existing state file before
modifying. Defaults to the "-state-out" path with
".backup" extension. Set to "-" to disable backup.
-config=path Path to a directory of Terraform configuration files
to use to configure the provider. Defaults to pwd.
If no config files are present, they must be provided
via the input prompts or env vars.
-allow-missing-config Allow import when no resource configuration block exists.
-input=true Ask for input for variables if not directly set.
-lock=true Lock the state file when locking is supported.
-lock-timeout=0s Duration to retry a state lock.
-no-color If specified, output won't contain any color.
-provider=provider Specific provider to use for import. This is used for
specifying aliases, such as "aws.eu". Defaults to the
normal provider prefix of the resource being imported.
-state=PATH Path to the source state file. Defaults to the configured
backend, or "terraform.tfstate"
-state-out=PATH Path to the destination state file to write to. If this
isn't specified, the source state file will be used. This
can be a new or existing path.
-var 'foo=bar' Set a variable in the Terraform configuration. This
flag can be set multiple times. This is only useful
with the "-config" flag.
-var-file=foo Set variables in the Terraform configuration from
a file. If "terraform.tfvars" or any ".auto.tfvars"
files are present, they will be automatically loaded.
非常感谢的任何帮助看起来您需要先修复脚本文件-
azurerm
不是有效的资源名称,您的意思是:
resource "azurerm_resource_group" "example" {
# ...instance configuration...
name = "MyResourceGroup"
}
如输出所示,
import
需要两个参数,ADDR
和ID
-您只传递(我假设是)ID。您还需要告诉terraform它映射到脚本中的哪个资源:
terraform import azurerm_resource_group.example \
/subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup
当我复制您的CLI时,我会得到与您相同的结果 在
azurerm\u resource\u group.MyResourceGroup
和/subscriptionnumber/resourceGroups/MyResourceGroup
之间,它需要一个空格。
正确的格式如下:
terraform import azurerm_resource_group.MyResourceGroup /subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup
有关这方面的更多信息,请参阅此。使用Terraform Azure provider v1.16.0,我收到一条“无法解析Azure ID”错误消息:
terraform import azurerm_network_security_group.myterraformnsg "subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"
azurerm_network_security_group.myterraformnsg: Importing from ID "subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"...
azurerm_network_security_group.myterraformnsg: Import complete!
Imported azurerm_network_security_group (ID: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg)
azurerm_network_security_group.myterraformnsg: Refreshing state... (ID: subscriptions/ef37d4b2-686a-494a-9001-5.../networkSecurityGroups/test-nsg)
Error: azurerm_network_security_group.myterraformnsg (import id: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg): 1 error(s) occurred:
* import azurerm_network_security_group.myterraformnsg result: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg: azurerm_network_security_group.myterraformnsg: Cannot parse Azure ID: parse subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg: invalid URI for request
terraform import azurerm\u network\u security\u group.myterraformnsg“订阅//资源组/test/providers/Microsoft.network/networkSecurityGroups/test nsg”
azurerm_网络安全组.myterraformnsg:从ID“订阅//resourceGroups/test/providers/Microsoft.network/networkSecurityGroups/test nsg”导入。。。
azurerm_网络安全组。myterraformnsg:导入完成!
导入的azurerm\u网络安全组(ID:subscriptions//resourceGroups/test/providers/Microsoft.network/networkSecurityGroups/test nsg)
azurerm_网络安全组。myterraformnsg:正在刷新状态。。。(ID:subscriptions/ef37d4b2-686a-494a-9001-5…/网络安全组/测试nsg)
错误:azurerm\u network\u security\u group.myterraformnsg(导入id:订阅//resourceGroups/test/providers/Microsoft.network/networkSecurityGroups/test nsg):发生1个错误:
*导入azurerm_网络安全组。myterraformnsg结果:订阅//resourceGroups/test/providers/Microsoft.network/networkSecurityGroups/test-nsg:azurerm_网络安全组。myterraformnsg:无法解析Azure ID:解析订阅//resourceGroups/test/providers/Microsoft.network/networkSecurityGroups/test-nsg:的URI无效要求
查看Azure提供商源代码后,我发现您需要输入Azure资源的完整URL-如下所示:
terraform import azurerm_network_security_group.myterraformnsg "https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"
azurerm_network_security_group.myterraformnsg: Importing from ID "https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"...
azurerm_network_security_group.myterraformnsg: Import complete!
Imported azurerm_network_security_group (ID: https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg)
azurerm_network_security_group.myterraformnsg: Refreshing state... (ID: https://portal.azure.com/<id>/networkSecurityGroups/test-nsg)
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
terraform导入azurerm\u网络安全组.myterraformnsg”https://portal.azure.com//resource/subscriptions//resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"
azurerm_网络安全组.myterraformnsg:从ID导入”https://portal.azure.com//resource/subscriptions//resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"...
azurerm_网络安全组。myterraformnsg:导入完成!
导入的azurerm\u网络\u安全\u组(ID:https://portal.azure.com//resource/subscriptions//resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg)
azurerm_网络安全组。myterraformnsg:正在刷新状态。。。(ID:https://portal.azure.com//networkSecurityGroups/test-nsg)
导入成功!
上面显示了导入的资源。这些资源现已投入使用
你的地球形态状态将由地球形态管理。
不幸的是,导入只会更新地形状态
它将(尚未)更新配置文件
这使得导入功能不那么有用,我想。谢谢,@Ben-我不熟悉Azure的细节-忽略了名称的那部分是TF bitbasics…谢谢…我们仍然需要更好的terraform文档。在动态和快速交互方面。文档中的链接应该更加活跃。指向此线程可能是一个选项(:这解决了我在windows中的问题。它看起来像是试图引入整个路径(例如,
c:\programfiles\…
)