CLI tool to generate tf and tfstate files from existing infrastructure
(reverse Terraform).
- Disclaimer: This is not an official Google product.
- Status: beta - need improve documentations, bugs etc..
- Created by: Created by Waze SRE.
- Generate
tf+tfstatefiles from existing infrastructure for all supported objects by resource. - Remote state can be uploaded to a GCS bucket.
- Connect between resources with
terraform_remote_state(local and bucket). - Compatible with terraform 0.12 syntax.
- Save
tffiles with custom folder tree pattern.
Import current state to terraform configuration from google cloud
Usage:
import google [flags]
Flags:
-b, --bucket string gs://terraform-state
-c, --connect (default true)
-h, --help help for google
-o, --path-output string (default "generated")
-p, --path-patter string {output}/{provider}/custom/{service}/ (default "{output}/{provider}/{service}/")
-r, --resources strings firewalls,networks
-s, --state string local or bucket (default "local")
--projects strings
-z, --zone string
- Google cloud
- AWS
Readonly permissions
- Run
git clone <terraformer repo> - Run
GO111MODULE=on go mod vendor - Run
go build -v - Copy your Terraform provider's plugin(s) to
~/.terraform.d/plugins/{darwin,linux}_amd64, as appropriate.
Information on provider plugins: https://www.terraform.io/docs/configuration/providers.html
Example:
terraformer import google --resources=gcs,forwardingRules,httpHealthChecks --connect=true --zone=europe-west1-a --projects=aaa,fff
List of supported GCP services:
addressesautoscalersbackendBucketsbackendServicesdisksfirewallsforwardingRulesglobalAddressesglobalForwardingRuleshealthCheckshttpHealthCheckshttpsHealthChecksimages(bug: Either raw_disk or source_disk configuration is required.)instanceGroupManagersinstanceGroupsinstanceTemplatesinstancesnetworksregionAutoscalersregionBackendServicesregionDisksregionInstanceGroupManagersroutersroutessecurityPoliciessslPoliciessubnetworkstargetHttpProxies(bug with proxy_id uint64 issue)targetHttpsProxiestargetSslProxiestargetTcpProxiesurlMapsvpnTunnelsgcsmonitoringdnscloudsql(bug, bug)
Your tf and tfstate files are written by default to
generated/gcp/zone/service.
Example:
terraformer import aws --resources=vpc,subnet --connect=true --regions=eu-west-1
Import current State to terraform configuration from aws
Usage:
import aws [flags]
Flags:
-b, --bucket string gs://terraform-state
-c, --connect (default true)
-h, --help help for aws
-o, --path-output string (default "generated")
-p, --path-patter string {output}/{provider}/custom/{service}/ (default "{output}/{provider}/{service}/")
--regions strings eu-west-1,eu-west-2,us-east-1
-r, --resources strings vpc,subnet,nacl
-s, --state string local or bucket (default "local")
List of support AWS services:
elbalbauto_scalingrdsiamigwnacls3sgsubnetvpcvpn_connectionvpn_gatewayroute53elasticache
If you have improvements or fixes, we would love to have your contributions. Please read CONTRIBUTING.md for more information on the process we would like contributors to follow.
Process for generating tf + tfstate files:
- Call GCP/AWS/other api and get list of resources.
- Iterate over resources and take only ID (we don't need mapping fields!!!)
- Call to provider for readonly fields.
- Call to infrastructure and take tf + tfstate.
- Call to provider for refresh method and get all data.
- Convert refresh data to go struct.
- Generate HCL file -
tffiles. - Generate
tfstatefiles.
All mapping of resource is made by providers and Terraform. Upgrades are needed only for providers.
For GCP compute resources, use generated code from
gcp_terraforming/compute_resources/gcp_compute_code_generator.
To regenerate code:
go run gcp_terraforming/gcp_compute_code_generator/*.go