terraform plan/apply 想要创建导入的资源？

Question

这可能与Terraform plan wants to destroy imported RDS resource 有关，尽管在我的例子中，terraform 想要创建一个导入的资源。

我有以下目录结构

aws/spot-fleets/jenkins/main.tf,variables.tf
aws/vpc/sandbox.tf,variables.tf

我有aws/vpc/sandbox.tf

provider "aws" {
  region = var.region
}

terraform {
  backend "s3" {
    bucket = "terraform-remote-states"
    key    = "vpc/terraform.tfstate"
    region = "us-east-1"
  }
}

resource "aws_vpc" "sandbox_vpc" {
  assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block
  cidr_block = var.cidr_block["sandbox"]
#  default_network_acl_id = var.default_network_acl_id["sandbox"]
#  default_route_table_id = var. default_route_table_id["sandbox"]
#  default_security_group_id = var.default_security_group_id["sandbox"]
#  dhcp_options_id = var.dhcp_options_id["sandbox"]
  enable_classiclink = var.enable_classiclink
  enable_classiclink_dns_support = var.enable_classiclink_dns_support
  enable_dns_hostnames = var.enable_dns_hostnames
  enable_dns_support = var.enable_dns_support
  instance_tenancy = var.instance_tenancy
#  ipv6_association_id = var.ipv6_association_id
#  ipv6_cidr_block = var.ipv6_cidr_block["sandbox"]
#  main_route_table_id = var.main_route_table_id["sandbox"]
#  owner_id = var.owner_id["sandbox"]
  tags = {
    Environment = var.tag_environment["sandbox"]
    Name = var.tag_name["sandbox"]
    Product = var.tag_product
  }
}

output "sandbox_vpc_id" {
  value = aws_vpc.sandbox_vpc.id
}

在aws/vpc 然后我做一个...

$ terraform import aws_vpc.sandbox_vpc vpc-1234

然后这个，所以我知道导入成功了！

$ terraform show
# aws_vpc.sandbox_vpc:
resource "aws_vpc" "sandbox_vpc" {
    arn                              = "arn:...."
    assign_generated_ipv6_cidr_block = false
    cidr_block                       = "10.x.x.x/16"
    default_network_acl_id           = "acl-1234"
    default_route_table_id           = "rtb-1234"
    default_security_group_id        = "sg-1234"
    dhcp_options_id                  = "dopt-1234"
    enable_classiclink               = false
    enable_classiclink_dns_support   = false
    enable_dns_hostnames             = true
    enable_dns_support               = true
    id                               = "vpc-1234"
    instance_tenancy                 = "default"
    main_route_table_id              = "rtb-1234"
    owner_id                         = "123456789"
    tags                             = {
        "Environment" = "sandbox"
        "Name"        = "Sandbox VPC"
        "Product"     = "Company"
    }
}

现在在我的aws/spot-fleets/jenkins/main.tf，我有

provider "aws" {
  region = var.region
}

terraform {
  backend "s3" {
    bucket = "terraform-remote-states"
    key    = "jenkins/terraform.tfstate"
    region = "us-east-1"
  }
}

module "vpc" {
  source     = "../../vpc"
}

resource "aws_spot_fleet_request" "jenkins_fleet" {
  // some key/value pairs
}

然后我做一个terraform get，它会得到vpc状态吗？但是当我在 ``aws/spot-fleets/jenkins` 目录中执行此操作时

$ terraform plan
# aws_spot_fleet_request.jenkins_fleet will be created
+ resource "aws_spot_fleet_request" "jenkins_fleet" {
  // some key/value pairs
}

# module.vpc.aws_vpc.sandbox_vpc will be created
+ resource "aws_vpc" "sandbox_vpc" {
  // some key/value pairs
}

为什么要尝试创建 sandbox_vpc 资源？如何防止 terraform 创建它？

Answer 1

好吧，我在this Terraform Github issue 中间接找到了答案。在我的aws/spot-fleets/jenkins 目录中运行的命令是

$ terraform import module.vpc.aws_vpc.sandbox_vpc vpc-1234