snippetterraformMinor
Terraform - how to modify a existing S3 bucket that was created from module?
Viewed 0 times
howcreatedmodulewasthatbucketexistingfrommodifyterraform
Problem
I already have my S3 bucket called
How do I get it to modify my existing S3 bucket that was created in
```
provider "aws" {
alias = "east1"
region = "us-east-1"
}
module "acm_cert" {
source = "foo-git"
cluster = var.cluster
domain = var.website_domain
dns_zone = var.zone_name
tags = var.tags
extra_tags = var.extra_tags
providers = {
aws = aws.east1
}
}
module s3_website {
source = "foo-git"
cluster = var.cluster
env = var.tags.Environment
app = var.tags.Application
website_domain = var.website_domain
s3_prefix = var.s3_prefix
certificate_arn = module.acm_cert.certificate_arn
error_document = "index.html"
index_document = "index.html"
custom_error_response = [
{
"error_code" = 404
"response_code" = 200
"response_page_path" = "/index.html"
},
{
"error_code" = 403
"response_code" = 200
"response_page_path" = "/index.html"
},
]
tags = var.tags
}
data "aws_route53_zone" "base" {
name = var.zone_name
}
resource "aws_route53_record" "this" {
zone_id = data.aws_route53_zone.base.zone_id
name = var.website_domain
type = "A"
alias {
name = module.s3_website.domain_name
zone_id = module.s3_website.zone_id
evaluate_target_health = false
}
}
resource "aws_s3_bucket" "s3_website" {
bucket = "foo-name"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*
foo-name created and existing with terraform. I want to modify the existing S3 bucket and a policy. But when I do this, it seems to want to add a new s3 bucket instead. I imagine s3_website in resource "aws_s3_bucket" "s3_bucket" is incorrect. But I don't know what I would use in place of that because of the way the S3 bucket was created.How do I get it to modify my existing S3 bucket that was created in
module s3_website {}?```
provider "aws" {
alias = "east1"
region = "us-east-1"
}
module "acm_cert" {
source = "foo-git"
cluster = var.cluster
domain = var.website_domain
dns_zone = var.zone_name
tags = var.tags
extra_tags = var.extra_tags
providers = {
aws = aws.east1
}
}
module s3_website {
source = "foo-git"
cluster = var.cluster
env = var.tags.Environment
app = var.tags.Application
website_domain = var.website_domain
s3_prefix = var.s3_prefix
certificate_arn = module.acm_cert.certificate_arn
error_document = "index.html"
index_document = "index.html"
custom_error_response = [
{
"error_code" = 404
"response_code" = 200
"response_page_path" = "/index.html"
},
{
"error_code" = 403
"response_code" = 200
"response_page_path" = "/index.html"
},
]
tags = var.tags
}
data "aws_route53_zone" "base" {
name = var.zone_name
}
resource "aws_route53_record" "this" {
zone_id = data.aws_route53_zone.base.zone_id
name = var.website_domain
type = "A"
alias {
name = module.s3_website.domain_name
zone_id = module.s3_website.zone_id
evaluate_target_health = false
}
}
resource "aws_s3_bucket" "s3_website" {
bucket = "foo-name"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*
Solution
If you already have your S3 bucket recognized by Terraform and it was created by the code you pasted, you schould not be having any diffculties if the operation could be done in place.
There are a few important MUST KNOW things about how TF handle resources. MUST KNOW because in the end of the day it's infrastructure :) Some of the parameters are immutable, although it might not seem that intuitive changing the resource identifier would trigger delete/create scenario.
Could you paste your TF plan output ?
There are a few important MUST KNOW things about how TF handle resources. MUST KNOW because in the end of the day it's infrastructure :) Some of the parameters are immutable, although it might not seem that intuitive changing the resource identifier would trigger delete/create scenario.
Could you paste your TF plan output ?
Context
StackExchange DevOps Q#11129, answer score: 2
Revisions (0)
No revisions yet.