Open Ianyliu opened 1 year ago
My first attempt at using BlastRadius led me to https://github.com/28mm/blast-radius/issues/93, which led me to here.
I'm on an M1 MacBook and when I run the docker run
command, I get:
$ docker run --rm -it -p 5000:5000 -v $(pwd):/data:ro --security-opt apparmor:unconfined --cap-add=SYS_ADMIN ianyliu/blast-radius-fork
Initializing modules...
Initializing the backend...
╷
│ Error: Backend configuration changed
│
│ A change in the backend configuration has been detected, which may require migrating existing state.
│
│ If you wish to attempt automatic migration of the state, use "terraform init -migrate-state".
│ If you wish to store the current configuration with no changes to the state, use "terraform init -reconfigure".
╵
This is run immediately after running the necessary commands to initialise and plan Terraform.
I've got a plan summary script to help reduce the volume of "stuff" produced by Terraform.
[snipped and cleaned]
Plan: 11 to add, 7 to change, 7 to destroy.
Changes to Outputs:
~ shared_rds_route_53 = {
~ postgresql_16_1_serverless = {
~ compute = {
+ rds_read_only_proxy = "rds-postgresql-16-1-serverless-ro-proxy.***.aws"
+ rds_read_write_proxy = "rds-postgresql-16-1-serverless-proxy.***.aws"
# (2 unchanged attributes hidden)
}
~ devops = {
+ rds_read_only_proxy = "rds-postgresql-16-1-serverless-ro-proxy.***.aws"
+ rds_read_write_proxy = "rds-postgresql-16-1-serverless-proxy.***.aws"
# (2 unchanged attributes hidden)
}
}
# (1 unchanged attribute hidden)
}
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Saved the plan to: terraform.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "terraform.tfplan"
Plan Summary
============
Resource address Read Deleted Created Updated Trigger
---------------- ---- ------- ------- ------- -------
aws_db_proxy_default_target_group.rds_proxy_target_group *
aws_db_proxy_endpoint.rds_proxy_read_only_endpoint *
aws_db_proxy_target.rds_proxy_target *
aws_iam_policy.rds_proxy_policy *
aws_iam_role.rds_proxy_role *
aws_iam_role_policy_attachment.rds_proxy_role_policy_attachment *
aws_route53_record.compute_r53_store_rds_proxy_read_only *
aws_route53_record.compute_store_rds_proxy_read_only *
aws_route53_record.devops_r53_store_rds_proxy_read_only *
aws_secretsmanager_secret.proxy_credentials *
module.cloudfront_invalidation.aws_lambda_function.cloudfront_invalidation_lambda *
module.rds_proxy["mysql_5_7_provisioned"].data.aws_iam_policy_document.proxy_policy_document *
module.rds_proxy["mysql_5_7_provisioned"].data.aws_kms_alias.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_default_target_group.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_endpoint.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_target.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_policy.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_role.proxy *
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_role_policy_attachment.proxy_role_policy_attachment *
module.rds_proxy["mysql_5_7_provisioned"].aws_secretsmanager_secret.proxy *
module.rds_r53["mysql_5_7_provisioned"].aws_route53_record.compute["rds_read_only_proxy"] *
module.rds_r53["mysql_5_7_provisioned"].aws_route53_record.devops["rds_read_only_proxy"] *
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.compute["rds_read_only_proxy"] *
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.compute["rds_read_write_proxy"] *
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.devops["rds_read_only_proxy"] *
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.devops["rds_read_write_proxy"] *
Completed
Effectively, I'm ready to apply the changes. I just wanted to see the dependency graph so I can see the sequence of what gets altered.
I want the new things created and the updates to carry through to the resources that use the references, before the old resources are deleted.
If I use moved
, the deletion comes first. If I don't use moved
, then the above is the list of create/destroy, just with no easy way of seeing the dependency order.
I've been working on the improvements of this tool as a Cisco Technical Intern this summer.
Here are some of the major changes I've made:
terraform graph
output into a text file.You can test out my Docker image at https://hub.docker.com/repository/docker/ianyliu/blast-radius-fork/