From b5e72e80660138af0bbc9d0ed1c2379eab4e8a5c Mon Sep 17 00:00:00 2001
From: Kazuhiro MUSASHI
Date: Sat, 27 Nov 2021 22:14:27 +0900
Subject: [PATCH 1/4] =?UTF-8?q?Terraformer=E3=81=AE=E8=A8=98=E4=BA=8B?=
 =?UTF-8?q?=E3=82=92=E8=BF=BD=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 ...ormer-converts-infra-to-terraform-codes.md | 263 ++++++++++++++++++
 1 file changed, 263 insertions(+)
 create mode 100644 content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md
diff --git a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md
new file mode 100644
index 0000000..0e2b1bb
--- /dev/null
+++ b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md
@@ -0,0 +1,263 @@
++++
+title = "terraformerを試しに使ってみましたよ"
+date = 2021-11-27T22:13:43+09:00
+description = "必要に迫られて[terraformer](https://github.com/GoogleCloudPlatform/terraformer)を使ってみました。`terraform import`をお手軽簡単にできるものみたいです。"
+tags = ["terraform"]
+categories = ["インフラ", "HashiCorp"]
+author = "kazu634"
++++
+
+必要に迫られて[terraformer](https://github.com/GoogleCloudPlatform/terraformer)を使ってみました。`terraform import`をお手軽簡単にできるものみたいです。
+
+## terraformerとは
+各種クラウドサービスなどから、`Terraform`のコードを生成してくれるツールです。インフラからソースコードを生成します。
+
+## 事前準備
+[terraformer](https://github.com/GoogleCloudPlatform/terraformer)を利用する前の準備作業を説明します。
+
+### AWSのIAMユーザー作成
+今回はAWSからコードを生成するので、AWSから情報を取得するIAMユーザーを作成します。ポリシーは`ReadOnlyAccess`を割り当ててみました:
+
+[image:A23972B4-D553-49EF-9990-D08463E1F4ED-877-00000015FDFCFCEF/IAM Management C.png]
+
+### AWS認証情報を設定ファイルに格納
+`~/.aws/credentials`に先ほど作成したIAMユーザーのアクセスキー・シークレットキーの情報、あとはリージョン情報を格納します:
+
+```ini
+[default]
+aws_access_key_id=<ここにアクセスキー>
+aws_secret_access_key=<ここにシークレットキー>
+region=ap-northeast-1
+```
+
+## terraformerのインストール
+それではインストールしていきます:
+
+```bash
+kazu634@bastion2004% export PROVIDER=all
+kazu634@bastion2004% curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/$(curl -s https://api.github.com/repos/GoogleCloudPlatform/terraformer/releases/latest | grep tag_name | cut -d '"' -f 4)/terraformer-${PROVIDER}-linux-amd64
+ % Total % Received % Xferd Average Speed Time Time Time Current
+ Dload Upload Total Spent Left Speed
+100 666 100 666 0 0 2466 0 --:--:-- --:--:-- --:--:-- 2475
+100 358M 100 358M 0 0 21.0M 0 0:00:17 0:00:17 --:--:-- 26.9M
+kazu634@bastion2004% chmod +x terraformer-${PROVIDER}-linux-amd64
+kazu634@bastion2004% sudo mv terraformer-${PROVIDER}-linux-amd64 /usr/local/bin/terraformer
+[sudo] password for kazu634:
+```
+
+## terraformerを使ってみる
+まずはAWSの情報を取得するということを宣言するようで、`init.tf`に`provider “aws” {}`を書き込み、`terraform init`を実行します:
+
+```bash
+kazu634@bastion2004% echo 'provider "aws" {}' > init.tf
+kazu634@bastion2004% terraform init
+Initializing the backend...
+
+Initializing provider plugins...
+- Finding latest version of hashicorp/aws...
+- Installing hashicorp/aws v3.67.0...
+- Installed hashicorp/aws v3.67.0 (signed by HashiCorp)
+
+Terraform has created a lock file .terraform.lock.hcl to record the provider
+selections it made above. Include this file in your version control repository
+so that Terraform can guarantee to make the same selections by default when
+you run "terraform init" in the future.
+
+Terraform has been successfully initialized!
+
+You may now begin working with Terraform. Try running "terraform plan" to see
+any changes that are required for your infrastructure. All Terraform commands
+should now work.
+
+If you ever set or change modules or backend configuration for Terraform,
+rerun this command to reinitialize your working directory. If you forget, other
+commands will detect it and remind you to do so if necessary.
+```
+
+`Route53`の情報を取得する場合は、次のようにします:
+
+```bash
+kazu634@bastion2004% terraformer import aws --resources=route53
+2021/11/27 21:25:49 aws importing default region
+2021/11/27 21:25:51 aws importing... route53
+2021/11/27 21:25:52 aws done importing route53
+2021/11/27 21:25:52 Number of resources for service route53: 16
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_NS_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_blog-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_pocket-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_minio-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_openvpn-002E-kazu634-002E-com-002E-_CNAME_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_git-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_SOA_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_blog-002E-kazu634-002E-com-002E-_CAA_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_grafana-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_gitea-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_test-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_g-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_faktory-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:52 Refreshing state... aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com
+2021/11/27 21:25:54 Refreshing state... aws_route53_record.tfer--ZI0FHD0611WVA_drone-002E-kazu634-002E-com-002E-_A_
+2021/11/27 21:25:55 Filtered number of resources for service route53: 16
+2021/11/27 21:25:55 aws Connecting....
+2021/11/27 21:25:55 aws save route53
+2021/11/27 21:25:55 aws save tfstate for route53
+```
+
+すると`generated`というディレクトリーが作成され、その中に`terraform`のソースコードが格納されます:
+
+```bash
+kazu634@bastion2004% ll
+total 28K
+drwxrwxr-x 4 kazu634 kazu634 4.0K Nov 27 21:25 .
+drwxr-xr-x 13 kazu634 kazu634 4.0K Nov 26 23:51 ..
+drwxrwxr-x 3 kazu634 kazu634 4.0K Nov 27 21:25 generated
+-rw-rw-r-- 1 kazu634 kazu634 18 Nov 27 00:54 init.tf
+drwxr-xr-x 3 kazu634 kazu634 4.0K Nov 27 00:54 .terraform
+-rw-r--r-- 1 kazu634 kazu634 1.1K Nov 27 00:54 .terraform.lock.hcl
+```
+
+`generated`の中身はこのようになっています:
+
+```bash
+kazu634@bastion2004% pwd
+/home/kazu634/works/mnt/others/terraformer/generated
+
+kaws
+ └── route53
+ ├── outputs.tf
+ ├── provider.tf
+ ├── route53_record.tf
+ ├── route53_zone.tf
+ └── terraform.tfstate
+
+2 directories, 5 files
+```
+
+たとえば`route53_record.tf`の中身はこのようになっています:
+
+```bash
+kazu634@bastion2004% cat route53_record.tf
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_blog-002E-kazu634-002E-com-002E-_A_" {
+ name = "blog.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "86400"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_blog-002E-kazu634-002E-com-002E-_CAA_" {
+ name = "blog.kazu634.com"
+ records = ["0 issue \"letsencrypt.org\""]
+ ttl = "86400"
+ type = "CAA"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_drone-002E-kazu634-002E-com-002E-_A_" {
+ name = "drone.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_faktory-002E-kazu634-002E-com-002E-_A_" {
+ name = "faktory.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_g-002E-kazu634-002E-com-002E-_A_" {
+ name = "g.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_git-002E-kazu634-002E-com-002E-_A_" {
+ name = "git.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_gitea-002E-kazu634-002E-com-002E-_A_" {
+ name = "gitea.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_grafana-002E-kazu634-002E-com-002E-_A_" {
+ name = "grafana.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_A_" {
+ name = "kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_NS_" {
+ name = "kazu634.com"
+ records = ["ns-1111.awsdns-10.org.", "ns-469.awsdns-58.com.", "ns-720.awsdns-26.net.", "ns-1844.awsdns-38.co.uk."]
+ ttl = "172800"
+ type = "NS"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_kazu634-002E-com-002E-_SOA_" {
+ name = "kazu634.com"
+ records = ["ns-720.awsdns-26.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"]
+ ttl = "900"
+ type = "SOA"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_minio-002E-kazu634-002E-com-002E-_A_" {
+ name = "minio.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_openvpn-002E-kazu634-002E-com-002E-_CNAME_" {
+ name = "openvpn.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "CNAME"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_pocket-002E-kazu634-002E-com-002E-_A_" {
+ name = "pocket.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+
+resource "aws_route53_record" "tfer--ZI0FHD0611WVA_test-002E-kazu634-002E-com-002E-_A_" {
+ name = "test.kazu634.com"
+ records = ["52.193.98.253"]
+ ttl = "3600"
+ type = "A"
+ zone_id = "${aws_route53_zone.tfer--ZI0FHD0611WVA_kazu634-002E-com.zone_id}"
+}
+```
+
+## まとめ
+`terraform import`コマンドを使うと、AWSリソースのIDをいちいち調べて指定して、一つずつインポートするという苦行をしていたのですが、[terraformer](https://github.com/GoogleCloudPlatform/terraformer)を利用するとコマンド一発で`terraform`のコードに落とし込んでもらえるので、だいぶ楽になるということがわかりました。はまるとすると、IAMとかポリシーの部分ですかね。
From d054d39da795d57d87f87c63ea2d7d782f4cd2cf Mon Sep 17 00:00:00 2001
From: Kazuhiro MUSASHI
Date: Sat, 27 Nov 2021 22:19:30 +0900
Subject: [PATCH 2/4] =?UTF-8?q?=E7=94=BB=E5=83=8F=E3=81=AE=E5=B7=AE?=
 =?UTF-8?q?=E3=81=97=E6=9B=BF=E3=81=88?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../2021-11-27-terraformer-converts-infra-to-terraform-codes.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md index 0e2b1bb..81242ee 100644 --- a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md +++ b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md @@ -18,7 +18,7 @@ author = "kazu634" ### AWSのIAMユーザー作成 今回はAWSからコードを生成するので、AWSから情報を取得するIAMユーザーを作成します。ポリシーは`ReadOnlyAccess`を割り当ててみました: -[image:A23972B4-D553-49EF-9990-D08463E1F4ED-877-00000015FDFCFCEF/IAM Management C.png] +IAM Management C ### AWS認証情報を設定ファイルに格納 `~/.aws/credentials`に先ほど作成したIAMユーザーのアクセスキー・シークレットキーの情報、あとはリージョン情報を格納します: From 4cca52ef50ba8dc4206a1c2713f1035ceb83bb1b Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 27 Nov 2021 22:19:54 +0900 Subject: [PATCH 3/4] =?UTF-8?q?=E5=8F=82=E8=80=83URL=E3=81=AE=E8=BF=BD?= =?UTF-8?q?=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...1-11-27-terraformer-converts-infra-to-terraform-codes.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md index 81242ee..c976f54 100644 --- a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md +++ b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md 
@@ -261,3 +261,9 @@ resource "aws_route53_record" "tfer--ZI0FHD0611WVA_test-002E-kazu634-002E-com-00 ## まとめ `terraform import`コマンドを使うと、AWSリソースのIDをいちいち調べて指定して、一つずつインポートするという苦行をしていたのですが、[terraformer](https://github.com/GoogleCloudPlatform/terraformer)を利用するとコマンド一発で`terraform`のコードに落とし込んでもらえるので、だいぶ楽になるということがわかりました。はまるとすると、IAMとかポリシーの部分ですかね。 + +## 参考 +- [Terraformerを使ってTerraformに既存インフラのリソースをインポートする \| 株式会社ビヨンド](https://beyondjapan.com/blog/2020/05/terraformer-import-existing-infrastructure/?utm_source=pocket_mylist) +- [terraformerをmaster accountからassume roleでアクセス&MFA必須なAWS環境で使う \- Qiita](https://qiita.com/nntsugu/items/c34fc5183e0b5ffdf88e?utm_source=pocket_mylist) +- [設定ファイルと認証情報ファイルの設定](https://docs.aws.amazon.com/ja_jp/cli/latest/userguide/cli-configure-files.html) +- [ubuntuでtreeコマンドを使う方法 – magazine off](https://off.tokyo/blog/ubuntu-tree/) From d861141e86596bb30bbd9a971004cc05d66641bd Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 27 Nov 2021 22:19:41 +0900 Subject: [PATCH 4/4] Fix typo --- .../2021-11-27-terraformer-converts-infra-to-terraform-codes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md index c976f54..1beab66 100644 --- a/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md +++ b/content/posts/2021/2021-11-27-terraformer-converts-infra-to-terraform-codes.md @@ -123,7 +123,7 @@ drwxr-xr-x 3 kazu634 kazu634 4.0K Nov 27 00:54 .terraform kazu634@bastion2004% pwd /home/kazu634/works/mnt/others/terraformer/generated -kaws +aws └── route53 ├── outputs.tf ├── provider.tf