patrykorwat · September 28, 2019 18:24
diff --git a/terraformer_test.tf b/terraformer_test.tf
 provider "aws" {
  region = "ap-southeast-1"
 }

 resource "aws_iam_role" "ec2_role" {
  name = "ec2-role"
  assume_role_policy = <<EOF
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
 }
 EOF
 }

 resource "aws_iam_policy" "policy" {
  name = "ec2_test-policy"
  policy = <<EOF
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    },
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
 }
 EOF
 }

 resource "aws_iam_role_policy_attachment" "test-attach" {
  role       = "${aws_iam_role.ec2_role.name}"
  policy_arn = "${aws_iam_policy.policy.arn}"
 }

 resource "aws_iam_instance_profile" "test_profile" {
  name = "test_profile"
  role = aws_iam_role.ec2_role.name
 }

 resource "aws_instance" "my-instance" {
  ami = "ami-048a01c78f7bae4aa"
  instance_type = "t2.micro"
  vpc_security_group_ids = ["sg-XXX"]
  subnet_id = "subnet-XXX"
  iam_instance_profile = aws_iam_instance_profile.test_profile.name
  user_data = <<EOF
    #! /bin/bash
    curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/0.8.0/terraformer-linux-amd64
    chmod +x terraformer-linux-amd64
    sudo mv terraformer-linux-amd64 /usr/local/bin/terraformer

    wget https://releases.hashicorp.com/terraform-provider-aws/2.30.0/terraform-provider-aws_2.30.0_linux_amd64.zip
    unzip terraform-provider-aws_2.30.0_linux_amd64.zip
    mkdir -p /home/ec2-user/.terraform.d/plugins/linux_amd64
    mv terraform-provider-aws_v2.30.0_x4 /home/ec2-user/.terraform.d/plugins/linux_amd64/

    export AWS_SECRET_ACCESS_KEY=xxx
    export AWS_ACCESS_KEY_ID=xxx
    export AWS_SESSION_TOKEN=xxx
    terraformer import aws --resources=ec2_instance --connect=true --regions=ap-southeast-1 &> logs

    aws s3 mb s3://terraformer-issue
    aws s3 cp logs s3://terraformer-issue/logs

  EOF
 }
	provider "aws" {
	region = "ap-southeast-1"
	}

	resource "aws_iam_role" "ec2_role" {
	name = "ec2-role"
	assume_role_policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "sts:AssumeRole",
	"Principal": {
	"Service": "ec2.amazonaws.com"
	},
	"Effect": "Allow",
	"Sid": ""
	}
	]
	}
	EOF
	}

	resource "aws_iam_policy" "policy" {
	name = "ec2_test-policy"
	policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": [
	"ec2:Describe*"
	],
	"Effect": "Allow",
	"Resource": "*"
	},
	{
	"Action": [
	"s3:*"
	],
	"Effect": "Allow",
	"Resource": "*"
	}
	]
	}
	EOF
	}

	resource "aws_iam_role_policy_attachment" "test-attach" {
	role = "${aws_iam_role.ec2_role.name}"
	policy_arn = "${aws_iam_policy.policy.arn}"
	}

	resource "aws_iam_instance_profile" "test_profile" {
	name = "test_profile"
	role = aws_iam_role.ec2_role.name
	}

	resource "aws_instance" "my-instance" {
	ami = "ami-048a01c78f7bae4aa"
	instance_type = "t2.micro"
	vpc_security_group_ids = ["sg-XXX"]
	subnet_id = "subnet-XXX"
	iam_instance_profile = aws_iam_instance_profile.test_profile.name
	user_data = <<EOF
	#! /bin/bash
	curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/0.8.0/terraformer-linux-amd64
	chmod +x terraformer-linux-amd64
	sudo mv terraformer-linux-amd64 /usr/local/bin/terraformer

	wget https://releases.hashicorp.com/terraform-provider-aws/2.30.0/terraform-provider-aws_2.30.0_linux_amd64.zip
	unzip terraform-provider-aws_2.30.0_linux_amd64.zip
	mkdir -p /home/ec2-user/.terraform.d/plugins/linux_amd64
	mv terraform-provider-aws_v2.30.0_x4 /home/ec2-user/.terraform.d/plugins/linux_amd64/

	export AWS_SECRET_ACCESS_KEY=xxx
	export AWS_ACCESS_KEY_ID=xxx
	export AWS_SESSION_TOKEN=xxx
	terraformer import aws --resources=ec2_instance --connect=true --regions=ap-southeast-1 &> logs

	aws s3 mb s3://terraformer-issue
	aws s3 cp logs s3://terraformer-issue/logs

	EOF
	}