Unconventional use for Terraform

April 18, 2020
Sometimes Terraform gets in the way when you're in the middle of a troubleshooting session and you need to change your infrastructure. Maybe there is another approach.
The Long Path
Let's review what's on my TO DO this morning.
TO DO:
1. Migrate Service to AWS


I am in the middle of moving a service to AWS, when suddenly, a wild TimeoutException appears in the logs. I just need to change the security group rules.
TO DO:
1. Add Rule to Security Group
2. Migrate Service to AWS


Wait, isn't that part of our Terraform?
TO DO:
1. Update Terraform
2. Add Rule to Security Group
3. Migrate Service to AWS


But we are not sure if this is even going to solve the timeout problem.
The Short Path
Let's say we need to add a new rule to an existing Security Group, and we make that change by hand.
Now we leverage the terraform plan command to list all the changes that need to be included in source control. Terraform refreshes its state from the real infrastructure, so the rule added by hand shows up as a difference against the code.
>terraform plan
Refreshing Terraform state in-memory prior to plan...
...
Terraform will perform the following actions:
  # aws_security_group.allow_tls will be updated in-place
  ~ resource "aws_security_group" "allow_tls" {
        ...
      ~ ingress = [
          - {
              - cidr_blocks = [
                  - "0.0.0.0/0",
                ]
              - description = "Manual change"
              - from_port = 8080
              - ipv6_cidr_blocks = []
              - prefix_list_ids = []
              - protocol = "tcp"
              - security_groups = []
              - self = false
              - to_port = 8080
            },
        ...
    }


Plan: 0 to add, 1 to change, 0 to destroy.
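
The same check can be done mechanically. As an added example (not from the original post), this Python code reads the JSON form of a saved plan, as produced by terraform plan -out=tfplan followed by terraform show -json tfplan, and lists ingress rules that exist on the real security group but not in code, flagging any that are open to 0.0.0.0/0. The sample plan, its 443 rule and the function names are constructed for illustration.

```python
import json

# Constructed sample of `terraform show -json tfplan`: "before" is the refreshed real state, "after" is the code.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [{
  "address": "aws_security_group.allow_tls",
  "type": "aws_security_group",
  "change": {
    "actions": ["update"],
    "before": {"ingress": [
      {"cidr_blocks": ["10.0.0.0/16"], "description": "TLS from VPC",
       "from_port": 443, "to_port": 443, "protocol": "tcp"},
      {"cidr_blocks": ["0.0.0.0/0"], "description": "Manual change",
       "from_port": 8080, "to_port": 8080, "protocol": "tcp"}]},
    "after": {"ingress": [
      {"cidr_blocks": ["10.0.0.0/16"], "description": "TLS from VPC",
       "from_port": 443, "to_port": 443, "protocol": "tcp"}]}
  }}]}
""")

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def _key(rule):
    # Canonical form so rule comparison ignores dict key order.
    return json.dumps(rule, sort_keys=True)

def manual_ingress_rules(plan):
    """Return ingress rules that exist in the real state but not in code."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "aws_security_group" or "update" not in change.get("actions", []):
            continue
        before = (change.get("before") or {}).get("ingress") or []
        in_code = {_key(r) for r in ((change.get("after") or {}).get("ingress") or [])}
        for rule in before:
            if _key(rule) in in_code:
                continue  # rule is already in source control
            cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            findings.append({
                "address": rc["address"],
                "ports": (rule.get("from_port"), rule.get("to_port")), "protocol": rule.get("protocol"),
                "description": rule.get("description"),
                "open_to_world": bool(cidrs & OPEN_CIDRS),
            })
    return findings

if __name__ == "__main__":
    print(manual_ingress_rules(SAMPLE_PLAN))
```

Each finding is a rule that the next terraform apply would remove unless it is first added to the code; the open_to_world flag marks the ones worth narrowing before they are committed.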

At the end of the day, we still need to do our 3 tasks; we are only rearranging the order in which we do them.