search

cycloidio / inframap

Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.
MIT License
1.74k stars 94 forks source link

Doesn't work #53

Open davidkarlsen opened 4 years ago

davidkarlsen commented 4 years ago 
/Users/et2448/Downloads/inframap-darwin-amd64 generate --tfstate /tmp/tfstate 
strict digraph G {

}

with --raw I get some kind of output:

/Users/et2448/Downloads/inframap-darwin-amd64 generate --tfstate /tmp/tfstate --raw
strict digraph G {
        "aws_iam_user_policy.s3_upload_user_policy"->"aws_iam_user.s3_upload";
        "aws_iam_user_policy.s3_upload_user_policy"->"aws_kms_key.bucket_key";
        "aws_s3_bucket_public_access_block.this"->"aws_kms_key.bucket_key";
        "aws_s3_bucket_notification.s3_notification"->"aws_sqs_queue.bucket_notification_queue";
        "aws_s3_bucket.this"->"aws_kms_key.bucket_key";
        "aws_s3_bucket_object.upload_folder"->"aws_kms_key.bucket_key";
        "aws_sqs_queue.bucket_notification_queue"->"aws_kms_key.bucket_key";
        "aws_iam_access_key.s3_upload_ak"->"aws_iam_user.s3_upload";
        "aws_iam_access_key.s3_upload_ak" [ shape=ellipse ];
        "aws_iam_user.s3_upload" [ shape=ellipse ];
        "aws_iam_user_policy.s3_upload_user_policy" [ shape=ellipse ];
        "aws_kms_key.bucket_key" [ shape=ellipse ];
        "aws_s3_bucket.this" [ shape=ellipse ];
        "aws_s3_bucket_notification.s3_notification" [ shape=ellipse ];
        "aws_s3_bucket_object.upload_folder" [ shape=ellipse ];
        "aws_s3_bucket_public_access_block.this" [ shape=ellipse ];
        "aws_sqs_queue.bucket_notification_queue" [ shape=ellipse ];

}

Note that I use remote state, but download it like this: https://www.terraform.io/docs/commands/state/pull.html

davidkarlsen commented 4 years ago

I tried 0.2.0 but then I get:

Error: error while reading TFState: state snapshot was created by Terraform v0.12.29, which is newer than current v0.12.28; upgrade to Terraform v0.12.29 or greater to work with this state
xescugc commented 4 years ago

This is the way InfraMap works regarding this (https://github.com/cycloidio/inframap#why-is-my-graph-generated-empty).

We support, on aws, network connections, which basically are security_group and segurity_group_rules, in your case the connections are, I think, based in IAM which is not yet supported (https://github.com/cycloidio/inframap/issues/11). So when we try to reduce the graph turns up empty as we find nothing "relevant".

When using --raw it'll not use the AWS Provider logic (our logic) and basically show the dependencies on the TFState. You can try with --connections=false which will show an potential reduction on your graph for what we find relevant. Also --clean=false will avoid removing nodes without edges which could also be useful.

KIVagant commented 2 years ago

I have tried Inframap on my statefile, which represents a big infrastructure. It shows nothing at all, no matter if I use --raw , --tfstate, --clean=false arguments in any combination.

xescugc commented 2 years ago

@KIVagant Mm you could try, if wanted, to send us the file you are using, we have a command inframap prune that will ofuscate a TFState so it can be shared without leaking information and only leaving the attributes we want and deleting the rest. I would, nevertheless, check the output if it's good to share.

chaoscreater commented 1 year ago

I can't get this to work either.

I've created a test folder and inside the folder, I have a main.tf with the following example contents:

`resource "aws_vpc" "vpc-prod" { cidr_block = "172.16.0.0/16"

tags = { Name = "vpc-prod" } }

resource "aws_subnet" "subnet-prod" { vpc_id = aws_vpc.vpc-prod.id cidr_block = "172.16.10.0/24" availability_zone = "us-west-2a"

tags = { Name = "subnet-prod" } }

resource "aws_network_interface" "nic-prod" { subnet_id = aws_subnet.subnet-prod.id private_ips = ["172.16.10.100"]

tags = { Name = "primary_network_interface" } }

resource "aws_instance" "ec2-prod" { ami = "ami-005e54dee72cc1d00" # us-west-2 instance_type = "m6a.4xlarge"

network_interface { network_interface_id = aws_network_interface.nic-prod.id device_index = 0 }

credit_specification { cpu_credits = "unlimited" } } `

I then run terraform graph | dot -tsvg > graph.svg and I get the correct output and can view the SVG file just fine.

I then run inframap generate main.tf | dot -tsvg > inframap.svg and it generates a blank SVG file.

If I run inframap generate main.tf, I just get this:

strict digraph G {

}

but if I add --raw, then I get a bit more output, but still can't generate a graph.

alex700 commented 9 months ago

I have the same issue, but in my case, there is no output even when the raw parameter is used. terraform graph generates an image well for the same infra.

jacksonpradolima commented 1 month ago

+1