Terraformを書いていると、Amazon リソースネーム (ARN) を動的に組み立てたり、いま実行しているリージョンを変数やAWSリソースの名前に使いたくなることがあります。
その場合、data ブロックで特定のタイプを使用することによって必要な情報を簡単に取得できます。
実際に自分がよく使うのは表題に挙げたリージョンやアカウントIDなど限られた項目のみですが、せっかくなので公式に記載されているデータタイプを一通り確認してみました。
目次
データタイプ一覧
各データタイプを宣言して、それぞれoutputブロックで出力して確認していきたいと思います。
aws_region
現在、Terraformを実行しているリージョン(providerブロックで指定したリージョン)を取得できます。
# ソースコード
# Look up the region the AWS provider is currently configured for.
# The block takes no arguments here, so the provider's own region is returned.
data "aws_region" "now" {}

# Whole object: description, endpoint, id and name.
output "aws_region" {
  value = data.aws_region.now
}

# Region code only (e.g. "ap-northeast-1"), handy when composing ARNs or names.
# NOTE(review): recent AWS provider major versions deprecate `name` in favour
# of `region`; confirm against the provider version in use.
output "aws_region_name" {
  value = data.aws_region.now.name
}
# 実際の出力内容
aws_region = {
"description" = "Asia Pacific (Tokyo)"
"endpoint" = "ec2.ap-northeast-1.amazonaws.com"
"id" = "ap-northeast-1"
"name" = "ap-northeast-1"
}
aws_region_name = ap-northeast-1
aws_caller_identity
アカウントIDやユーザーIDなどを取得できます。
# ソースコード
# Identity of the credentials Terraform is running with:
# account_id, arn, id and user_id.
# NOTE(review): the sample output on this page shows an ARN ending in ":root",
# i.e. the run used the account root user. A dedicated least-privilege IAM role
# or user is the safer way to run Terraform.
data "aws_caller_identity" "now" {}

# Whole identity object.
output "aws_caller_identity" {
  value = data.aws_caller_identity.now
}

# 12-digit account ID only, for building ARNs without hard-coding the account.
output "aws_caller_identity_account_id" {
  value = data.aws_caller_identity.now.account_id
}
# 実際の出力内容
aws_caller_identity = {
"account_id" = "123456789012"
"arn" = "arn:aws:iam::123456789012:root"
"id" = "123456789012"
"user_id" = "123456789012"
}
aws_caller_identity_account_id = 123456789012
aws_arn
arnを構成要素に分割してくれます。
# ソースコード
# Split an ARN string into its components
# (partition, service, region, account, resource).
data "aws_arn" "db_instance" {
  arn = "arn:aws:rds:eu-west-1:123456789012:db:mysql-db"
}

# Parsed object; `arn` and `id` both echo the input string.
output "aws_arn" {
  value = data.aws_arn.db_instance
}
# 実際の出力内容
aws_arn = {
"account" = "123456789012"
"arn" = "arn:aws:rds:eu-west-1:123456789012:db:mysql-db"
"id" = "arn:aws:rds:eu-west-1:123456789012:db:mysql-db"
"partition" = "aws"
"region" = "eu-west-1"
"resource" = "db:mysql-db"
"service" = "rds"
}
aws_availability_zone
使用例をみるとサブネットをシステマチックに分割するときなど役に立つっぽいです。
# ソースコード
# Details of a single availability zone.
data "aws_availability_zone" "example" {
  # The lookup has to resolve to exactly one AZ, otherwise Terraform fails with:
  # Error: multiple AZs matched; use additional constraints to reduce matches to a single AZ
  name = "ap-northeast-1a"
}

# Whole object, including name_suffix, zone_id and opt_in_status.
output "aws_availability_zone" {
  value = data.aws_availability_zone.example
}
# 実際の出力内容
aws_availability_zone = {
"group_name" = "ap-northeast-1"
"id" = "ap-northeast-1a"
"name" = "ap-northeast-1a"
"name_suffix" = "a"
"network_border_group" = "ap-northeast-1"
"opt_in_status" = "opt-in-not-required"
"region" = "ap-northeast-1"
"state" = "available"
"zone_id" = "apne1-az4"
}
aws_availability_zones
現在、Terraformを実行しているリージョンでアクセス可能なAZリストが取得できます。
# ソースコード
# List the availability zones visible in the provider's current region.
# NOTE(review): the sample output on this page includes state = "available",
# which suggests a `state = "available"` argument was set when it was captured;
# with an empty block no state filter is applied. Confirm which is intended.
data "aws_availability_zones" "available" {}

# Whole object: names, zone_ids and group_names are parallel lists.
output "aws_availability_zones" {
  value = data.aws_availability_zones.available
}
# 実際の出力内容
aws_availability_zones = {
"group_names" = [
"ap-northeast-1",
]
"id" = "ap-northeast-1"
"names" = [
"ap-northeast-1a",
"ap-northeast-1c",
"ap-northeast-1d",
]
"state" = "available"
"zone_ids" = [
"apne1-az4",
"apne1-az1",
"apne1-az2",
]
}
aws_billing_service_account
AWS課金サービスアカウントの情報が取得できます。
386209384616 はAWS側で指定されているIDのようです。
# ソースコード
# AWS-owned billing service account (returns its `arn` and `id`).
# Typically referenced as the principal in an S3 bucket policy that receives
# billing reports; keep that grant limited to the actions and prefix needed.
data "aws_billing_service_account" "main" {}

output "aws_billing_service_account" {
  value = data.aws_billing_service_account.main
}
# 実際の出力内容
aws_billing_service_account = {
"arn" = "arn:aws:iam::386209384616:root"
"id" = "386209384616"
}
aws_ip_ranges
services で指定したサービスで使用しているIPの範囲を取得できます。
# ソースコード
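# Published AWS IP ranges for EC2 in ap-northeast-1.
# Per the sample output on this page, the data is read from
# https://ip-ranges.amazonaws.com/ip-ranges.json and carries a `create_date` /
# `sync_token`, i.e. it is a point-in-time snapshot: anything derived from
# `cidr_blocks` (for example security group rules) can change between runs.
data "aws_ip_ranges" "ec2" {
  regions  = ["ap-northeast-1"]
  services = ["ec2"]
}

# Output names must be unique within a module, so each lookup gets its own
# name. These names match the keys shown in the page's sample output.
output "aws_ip_ranges_ec2" {
  value = data.aws_ip_ranges.ec2
}

# CloudFront ranges are published under the "global" region.
data "aws_ip_ranges" "cloudfront" {
  regions  = ["global"]
  services = ["cloudfront"]
}

output "aws_ip_ranges_cloudfront" {
  value = data.aws_ip_ranges.cloudfront
}

# NOTE(review): these CIDRs are shared by every customer of the service, so an
# allow-list built from them narrows exposure but does not identify the caller;
# keep application-level authentication in place.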
# 実際の出力内容
aws_ip_ranges_cloudfront = {
"cidr_blocks" = [
"111.51.66.0/24",
"116.129.226.0/25",
...
"99.84.0.0/16",
"99.86.0.0/16",
]
"create_date" = "2020-11-27-01-11-18"
"id" = "1606439478"
"ipv6_cidr_blocks" = [
"2400:7fc0:500::/40",
"2404:c2c0:500::/40",
...
"2600:9000:f000::/36",
"2600:9000:fff::/48",
]
"regions" = [
"global",
]
"services" = [
"cloudfront",
]
"sync_token" = 1606439478
"url" = "https://ip-ranges.amazonaws.com/ip-ranges.json"
}
aws_ip_ranges_ec2 = {
"cidr_blocks" = [
"103.4.8.0/21",
"13.112.0.0/14",
...
"99.77.139.0/24",
"99.77.160.0/24",
]
"create_date" = "2020-11-27-01-11-18"
"id" = "1606439478"
"ipv6_cidr_blocks" = [
"2400:6700:ff00::/64",
"2406:da00:4000::/40",
...
"2600:1ffd:8165::/48",
"2600:1ffd:816c::/48",
]
"regions" = [
"ap-northeast-1",
]
"services" = [
"ec2",
]
"sync_token" = 1606439478
"url" = "https://ip-ranges.amazonaws.com/ip-ranges.json"
}
aws_partition
パーティションの情報を取得できます。使いどころがよくわからない。。
# ソースコード
# Partition the provider is operating in (returns dns_suffix, id, partition).
# Using `partition` and `dns_suffix` instead of the literals "aws" and
# "amazonaws.com" keeps hand-built ARNs and endpoints valid in other partitions
# such as aws-cn or aws-us-gov.
data "aws_partition" "now" {}

output "aws_partition" {
  value = data.aws_partition.now
}
# 実際の出力内容
aws_partition = {
"dns_suffix" = "amazonaws.com"
"id" = "aws"
"partition" = "aws"
}
aws_regions
リージョンに関する情報を取得します。
# ソースコード
# Default lookup. In the sample output this list is shorter than the
# all_regions one (af-south-1, ap-east-1, eu-south-1 and me-south-1 are absent).
data "aws_regions" "now" {}

output "aws_regions_now" {
  value = data.aws_regions.now
}

# Same lookup with all_regions = true, which returns the longer list.
# NOTE(review): presumably the extra entries are opt-in regions not enabled for
# this account; confirm before iterating over them to create resources.
data "aws_regions" "all" {
  all_regions = true
}

output "aws_regions_all" {
  value = data.aws_regions.all
}
# 実際の出力内容
aws_regions_all = {
"all_regions" = true
"id" = "aws"
"names" = [
"af-south-1",
"ap-east-1",
"ap-northeast-1",
"ap-northeast-2",
"ap-south-1",
"ap-southeast-1",
"ap-southeast-2",
"ca-central-1",
"eu-central-1",
"eu-north-1",
"eu-south-1",
"eu-west-1",
"eu-west-2",
"eu-west-3",
"me-south-1",
"sa-east-1",
"us-east-1",
"us-east-2",
"us-west-1",
"us-west-2",
]
}
aws_regions_now = {
"id" = "aws"
"names" = [
"ap-northeast-1",
"ap-northeast-2",
"ap-south-1",
"ap-southeast-1",
"ap-southeast-2",
"ca-central-1",
"eu-central-1",
"eu-north-1",
"eu-west-1",
"eu-west-2",
"eu-west-3",
"sa-east-1",
"us-east-1",
"us-east-2",
"us-west-1",
"us-west-2",
]
}
結構ありましたね。
今回は以上です〜ノシ
参考
感謝ヽ(´∀`*)ノ
リンク
リンク