Terraform deletes the old AWS Lambda layer version instead of creating a new version
I created an AWS Lambda layer and wrote Terraform code to deploy it to AWS. I want every new version of the layer to be deployed as a new version, without deleting the old one. Right now it does the opposite: it adds the new version but deletes the old one. How can I change that? This is my Terraform code:
provider "aws" {
  region = "eu-central-1"
}

resource "aws_s3_bucket_object" "object_lambda_common_layer" {
  bucket     = "tm-bamboo-deploys"
  key        = "lambda/layers/lambda_common_layer/lambda_common_layer_${data.archive_file.layer_zip_lambda_common_layer.output_base64sha256}.zip"
  source     = "${data.archive_file.layer_zip_lambda_common_layer.output_path}"
  etag       = "${data.archive_file.layer_zip_lambda_common_layer.output_md5}"
  depends_on = ["data.archive_file.layer_zip_lambda_common_layer"]
}

data "archive_file" "layer_zip_lambda_common_layer" {
  type        = "zip"
  source_dir  = "../../src"
  output_path = "../../lambda_common_layer.zip"
}

resource "aws_lambda_layer_version" "lambda_common_layer" {
  layer_name          = "lambda_common_layer"
  s3_bucket           = "${aws_s3_bucket_object.object_lambda_common_layer.bucket}"
  s3_key              = "${aws_s3_bucket_object.object_lambda_common_layer.key}"
  s3_object_version   = "${aws_s3_bucket_object.object_lambda_common_layer.version_id}"
  source_code_hash    = "${data.archive_file.layer_zip_lambda_common_layer.output_base64sha256}"
  description         = "Common layer providing logging"
  compatible_runtimes = ["python3.6"]
}

terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer.tfenv"
    dynamodb_table = "terraform_locks"
  }
}
terraform plan:
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.archive_file.layer_zip_lambda_common_layer: Refreshing state...
aws_s3_bucket_object.object_lambda_common_layer: Refreshing state... (ID: lambda/layers/lambda_common_layer/lambda_common_layer.zip)
aws_lambda_layer_version.lambda_common_layer: Refreshing state... (ID: arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12)
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement
Terraform will perform the following actions:
-/+ aws_lambda_layer_version.lambda_common_layer (new resource required)
id: "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12" => <computed> (forces new resource)
arn: "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer" => <computed>
compatible_runtimes.#: "1" => "1"
compatible_runtimes.4000986591: "python3.6" => "python3.6"
created_date: "2019-02-12T11:09:19.948+0000" => <computed>
description: "Common layer providing logging" => "Common layer providing logging"
layer_arn: "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12" => <computed>
layer_name: "lambda_common_layer" => "lambda_common_layer"
s3_bucket: "tm-bamboo-deploys" => "tm-bamboo-deploys"
s3_key: "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => "lambda/layers/lambda_common_layer/lambda_common_layer_tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=.zip" (forces new resource)
s3_object_version: "" => "${aws_s3_bucket_object.object_lambda_common_layer.version_id}" (forces new resource)
source_code_hash: "tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=" => "tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc="
source_code_size: "350" => <computed>
version: "12" => <computed>
-/+ aws_s3_bucket_object.object_lambda_common_layer (new resource required)
id: "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => <computed> (forces new resource)
acl: "private" => "private"
bucket: "tm-bamboo-deploys" => "tm-bamboo-deploys"
content_type: "binary/octet-stream" => <computed>
etag: "d14b146b3478f1cdfa0dee3ada2fe79c" => "484a7fe7ce87c8c88ca5bf038b6bd426"
key: "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => "lambda/layers/lambda_common_layer/lambda_common_layer_tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=.zip" (forces new resource)
server_side_encryption: "" => <computed>
source: "../../lambda_common_layer.zip" => "../../lambda_common_layer.zip"
storage_class: "STANDARD" => <computed>
version_id: "" => <computed>
Plan: 2 to add, 0 to change, 2 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
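This is Terraform's expected behaviour. It tracks state and modules. If it sees any change that forces re-creation from the provider, it destroys the old one and creates a new one.

If you want to keep the old one and also create a new one, I suggest that, since you maintain tfstate with DynamoDB and an S3 bucket, you change the key in the terraform block and then manually maintain the versions of all the lambda layers you create. In future, if you want to destroy any version, just use the key that was used to create that lambda layer and run terraform destroy.

For example:

The first time, use: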
terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v1.tfstate"
    dynamodb_table = "terraform_locks"
  }
}
The second time, when you want to create a new lambda layer, change the terraform block to:
terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v2.tfstate"
    dynamodb_table = "terraform_locks"
  }
}
Now it will create a new lambda layer. When you later want to delete the old lambda layer, you can switch back to:
terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v1.tfstate"
    dynamodb_table = "terraform_locks"
  }
}
Then run terraform destroy, and it will delete your old lambda layer.
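The only problem I see is that if you change the core module that actually provisions the resources, it may cause problems when you actually destroy the old version of the lambda layer. If possible, you could try copying the terraform and assigning versions to the actual terraform files rather than to the terraform backend key, so that you can destroy that resource later without any problems, because you will have the original version of the terraform files that it was actually created with. Hope this helps.

Comments:

Can you share the output of the plan?

Yes, I added it to the post.

I don't know if you have seen it, @ClydeBarrow, but there is still an open issue about this on the Terraform repo. There is also a PR pending. Maybe you could encourage the author to finish the changes? :]

Unfortunately this does not help us keep everything automated and done by CI.

Maybe you can follow this issue then: Have a look here: . Maybe you can use this command, run from CI, to remove from terraform sta the state dat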
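The behaviour asked for in the question, as an added example that is not part of the original thread: later AWS provider releases added a `skip_destroy` argument to `aws_lambda_layer_version`, which keeps the previous version in AWS when the resource is replaced. It assumes Terraform 0.12+ syntax and a provider release that has `skip_destroy` and `aws_s3_object`; the output name is hypothetical and all other values are taken from the question.

```hcl
# Added example, not the poster's code. Assumes Terraform 0.12+ and an AWS
# provider release that supports skip_destroy and aws_s3_object.

data "archive_file" "layer_zip_lambda_common_layer" {
  type        = "zip"
  source_dir  = "../../src"
  output_path = "../../lambda_common_layer.zip"
}

resource "aws_s3_object" "object_lambda_common_layer" {
  bucket = "tm-bamboo-deploys"
  # output_md5 is hex, so the key avoids the "+", "/" and "=" characters
  # that output_base64sha256 can contain.
  key    = "lambda/layers/lambda_common_layer/lambda_common_layer_${data.archive_file.layer_zip_lambda_common_layer.output_md5}.zip"
  source = data.archive_file.layer_zip_lambda_common_layer.output_path
  etag   = data.archive_file.layer_zip_lambda_common_layer.output_md5
}

resource "aws_lambda_layer_version" "lambda_common_layer" {
  layer_name          = "lambda_common_layer"
  s3_bucket           = aws_s3_object.object_lambda_common_layer.bucket
  s3_key              = aws_s3_object.object_lambda_common_layer.key
  source_code_hash    = data.archive_file.layer_zip_lambda_common_layer.output_base64sha256
  description         = "Common layer providing logging"
  compatible_runtimes = ["python3.6"] # runtime value as given in the question

  # A change to the archive still forces replacement, but the old version is
  # only removed from Terraform state; it is not deleted in AWS.
  skip_destroy = true
}

# Hypothetical output name. Functions should reference this versioned ARN so
# each deployment pins the exact layer version it was built against.
output "lambda_common_layer_version_arn" {
  value = aws_lambda_layer_version.lambda_common_layer.arn
}
```

Versions retained this way are no longer tracked in state, so retiring an old or vulnerable layer version has to be done outside Terraform.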