I would like to import the pre-installed ELB which is not made by Terraform.
As far as I know, provisioned EC2s (not created by Terraform) are modified with no problems.
Please refer to: https://www.youtube.com/watch?v=Abv3CHS4HTE
All I want to know is to enable provisioned ELB with the Access logs.
(* I don’t want to provision a new ELB)
Following is the code I run.
data "aws_elb_service_account" "main" {}
resource "aws_s3_bucket" "elb_logs" {
bucket = "<BucketName>"
acl = "private"
policy = <<POLICY
{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::<BucketName>/AWSLogs/*",
"Principal": {
"AWS": [
"${data.aws_elb_service_account.main.arn}"
]
}
}
]
}
POLICY
}
resource "aws_lb" "foobar" {
arn = "arn:aws:elasticloadbalancing:ap-northeast-1:<AccountName>:loadbalancer/app/<ELBName>/7c6a359c72a9a02e"
name = "<ELBName>"
internal = false
load_balancer_type = "application"
subnets = [
"<Subnet-1Name>",
"<Subnet-2Name>",
]
access_logs {
bucket = "${aws_s3_bucket.elb_logs.bucket}"
}
}
2
Answers
You need to import the existing load balancer into the terraform state:
(replace LB_ARN with the ARN of the load balancer).
You first need to import the resource in Terraform.
In your case for ELB, first, create a terraform resource block for ELB like this-
And, Import the resource using the command-
terraform import aws_elb.test test_elbIt’ll create terraform statefile. You can confirm the state using
terraform state listcommand.Now use the config from the state file in your resource block to exactly match the remote resource state.
Do
terraform planto check.That’s all, Now make any change in your resource block. Your resource is now managed by terraform.