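Terraform deletes the old AWS Lambda Layer version instead of creating a new one

Time: 2019-02-12 11:06:28

Tags: terraform terraform-provider-aws

I created an AWS Lambda layer and wrote Terraform code to deploy it to AWS. I want each new version of the layer to be deployed as a new version without deleting the old one. But right now it does the opposite: it just adds the new version and deletes the old one. How can I change this?

Here is my Terraform code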

provider "aws" {
  region = "eu-central-1"
}

resource "aws_s3_bucket_object" "object_lambda_common_layer" {
  bucket = "tm-bamboo-deploys"
  key = "lambda/layers/lambda_common_layer/lambda_common_layer_${data.archive_file.layer_zip_lambda_common_layer.output_base64sha256}.zip"
  source = "${data.archive_file.layer_zip_lambda_common_layer.output_path}"
  etag = "${data.archive_file.layer_zip_lambda_common_layer.output_md5}"
  depends_on = [
    "data.archive_file.layer_zip_lambda_common_layer"]
}

data "archive_file" "layer_zip_lambda_common_layer" {
  type = "zip"
  source_dir = "../../src"
  output_path = "../../lambda_common_layer.zip"
}

resource "aws_lambda_layer_version" "lambda_common_layer" {
  layer_name = "lambda_common_layer"
  s3_bucket = "${aws_s3_bucket_object.object_lambda_common_layer.bucket}"
  s3_key = "${aws_s3_bucket_object.object_lambda_common_layer.key}"
  s3_object_version = "${aws_s3_bucket_object.object_lambda_common_layer.version_id}"
  source_code_hash = "${data.archive_file.layer_zip_lambda_common_layer.output_base64sha256}"
  description = "Common layer providing logging"
  compatible_runtimes = ["python3.6"]
}

terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer.tfenv"
    dynamodb_table = "terraform_locks"
  }
}

Terraform plan

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.archive_file.layer_zip_lambda_common_layer: Refreshing state...
aws_s3_bucket_object.object_lambda_common_layer: Refreshing state... (ID: lambda/layers/lambda_common_layer/lambda_common_layer.zip)
aws_lambda_layer_version.lambda_common_layer: Refreshing state... (ID: arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12)

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ aws_lambda_layer_version.lambda_common_layer (new resource required)
      id:                             "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12" => <computed> (forces new resource)
      arn:                            "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer" => <computed>
      compatible_runtimes.#:          "1" => "1"
      compatible_runtimes.4000986591: "python3.6" => "python3.6"
      created_date:                   "2019-02-12T11:09:19.948+0000" => <computed>
      description:                    "Common layer providing logging" => "Common layer providing logging"
      layer_arn:                      "arn:aws:lambda:eu-central-1:XXXXXXXXXXXX:layer:lambda_common_layer:12" => <computed>
      layer_name:                     "lambda_common_layer" => "lambda_common_layer"
      s3_bucket:                      "tm-bamboo-deploys" => "tm-bamboo-deploys"
      s3_key:                         "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => "lambda/layers/lambda_common_layer/lambda_common_layer_tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=.zip" (forces new resource)
      s3_object_version:              "" => "${aws_s3_bucket_object.object_lambda_common_layer.version_id}" (forces new resource)
      source_code_hash:               "tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=" => "tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc="
      source_code_size:               "350" => <computed>
      version:                        "12" => <computed>

-/+ aws_s3_bucket_object.object_lambda_common_layer (new resource required)
      id:                             "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => <computed> (forces new resource)
      acl:                            "private" => "private"
      bucket:                         "tm-bamboo-deploys" => "tm-bamboo-deploys"
      content_type:                   "binary/octet-stream" => <computed>
      etag:                           "d14b146b3478f1cdfa0dee3ada2fe79c" => "484a7fe7ce87c8c88ca5bf038b6bd426"
      key:                            "lambda/layers/lambda_common_layer/lambda_common_layer.zip" => "lambda/layers/lambda_common_layer/lambda_common_layer_tjn78HvsQ6vIUKxcXg+jnawPvwxyCgflesbNwz8o1Xc=.zip" (forces new resource)
      server_side_encryption:         "" => <computed>
      source:                         "../../lambda_common_layer.zip" => "../../lambda_common_layer.zip"
      storage_class:                  "STANDARD" => <computed>
      version_id:                     "" => <computed>


Plan: 2 to add, 0 to change, 2 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

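1 answer:

Answer 0 (score: 1)

This is the expected behaviour of Terraform. It keeps track of state and modules. If it finds any change for which the provider forces re-creation, it destroys the old one and creates a new one.

If you want to keep the old one and also create a new one, one thing I would suggest, since you are using DynamoDB and an S3 bucket to keep the tfstate, is to change the key in the terraform block and then manually maintain the versions of all the Lambda layers you have created. In future, if you want to destroy any version, just use the key that was used to create that Lambda layer and run terraform destroy.

For example, the first time use: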

terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v1.tfstate"
    dynamodb_table = "terraform_locks"
  }
}

Then, the second time, when you want to create a new Lambda layer, change the Terraform configuration to:

terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v2.tfstate"
    dynamodb_table = "terraform_locks"
  }
}

Now it will create a new Lambda layer. When you want to delete the old Lambda layer, you can again do the following:

terraform {
  backend "s3" {
    bucket         = "tfstate-dev-tm"
    region         = "eu-central-1"
    key            = "service/lambda/layers/lambda_common_layer_v1.tfstate"
    dynamodb_table = "terraform_locks"
  }
}

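and run terraform destroy, which will delete your old Lambda layer.

The only problem I see is that if you change the core module that actually provisions the resource, it may cause problems when you actually destroy the old version of the Lambda layer. If possible, you can try making a copy of the Terraform code and assigning the version to the actual Terraform files rather than to the Terraform backend key, so that you can destroy it later without any problems, because you will have the version of the original Terraform files that actually created it. Hope this helps.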
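The per-version state key procedure from the answer above, as a shell wrapper (an added example, not part of the original post). It assumes the `key` line is removed from the `backend "s3"` block so it can be passed at init time with `-backend-config`; the names `state_key`, `layer_tf`, `run` and `DRY_RUN` are hypothetical.

```shell
#!/bin/sh
# Added example: one Terraform state object per layer version, chosen at init.
# Assumption: the backend "s3" block omits `key` (partial backend config).
# Usage: DRY_RUN=1 sh layer_tf.sh v2 apply

STATE_PREFIX="service/lambda/layers/lambda_common_layer"  # key prefix from the answer

# Map a version label (v1, v2, ...) to its state key. Anything else is
# rejected so a typo cannot point Terraform at an unrelated state object.
state_key() {
  case "$1" in
    v[0-9]*) ;;
    *) echo "invalid version label: $1" >&2; return 1 ;;
  esac
  case "${1#v}" in
    *[!0-9]*) echo "invalid version label: $1" >&2; return 1 ;;
  esac
  printf '%s_%s.tfstate' "$STATE_PREFIX" "$1"
}

# Run a command, or only print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# layer_tf <version> <apply|destroy>
layer_tf() {
  key=$(state_key "$1") || return 1
  case "$2" in
    apply|destroy) ;;
    *) echo "action must be apply or destroy" >&2; return 1 ;;
  esac
  # -reconfigure switches to the new key without offering to migrate the
  # previous state into it; a migrated state would still track the old
  # layer version, and the next apply would replace it again.
  run terraform init -reconfigure -backend-config="key=$key" || return 1
  run terraform "$2"
}

# Only act when arguments are given, so the file can also be sourced.
[ $# -eq 0 ] || layer_tf "$@"
```

Each version label keeps its own state object in the bucket, so `layer_tf v1 destroy` removes only the layer version that was created under that key.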
