Last active
August 29, 2015 14:15
-
-
Save solarce/39d634fe5f6b3ae494c6 to your computer and use it in GitHub Desktop.
Terraform template (HCL) to YAML in Python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # need to pip install pyhcl pyyaml | |
| import sys, yaml, hcl | |
| filename = sys.argv[1] | |
| print("Reading", filename) | |
| with open(filename, 'r') as fp: | |
| obj = hcl.load(fp) | |
| print("Converting to yaml") | |
| bar = yaml.safe_dump(obj,default_flow_style=False) | |
| print(bar) | |
| print("Done.") |
I don't know HCL or Terraform but I think the resource lines should to be changed.
resource "aws_security_group" "private_to_private__any"
change the order to
resource "private_to_private__any" "aws_security_group"
If you do that the output is closer in line numbers...
hcl2yaml.py socorro-fixed.tf | wc -l
197
--- socorro.tf 2015-02-24 16:11:55.000000000 -0800
+++ socorro-fixed.tf 2015-02-24 17:46:51.000000000 -0800
@@ -5,7 +5,7 @@
}
# This is potentially dangerous; may require review.
-resource "aws_security_group" "private_to_private__any" {
+resource "private_to_private__any" "aws_security_group" {
name = "private_to_private__any"
description = "Allow all private traffic."
ingress {
@@ -34,7 +34,7 @@
}
}
-resource "aws_security_group" "internet_to_any__ssh" {
+resource "internet_to_any__ssh" "aws_security_group" {
name = "internet_to_any__ssh"
description = "Allow (alt) SSH to any given node."
ingress {
@@ -45,7 +45,7 @@
}
}
-resource "aws_security_group" "internet_to_elb__http" {
+resource "internet_to_elb__http" "aws_security_group" {
name = "internet_to_elb__http"
description = "Allow incoming traffic from Internet to HTTP(S) on ELBs."
ingress {
@@ -66,7 +66,7 @@
}
}
-resource "aws_security_group" "elb_to_webheads__http" {
+resource "elb_to_webheads__http" "aws_security_group" {
name = "elb_to_webheads__http"
description = "Allow HTTP(S) from ELBs to webheads."
ingress {
@@ -87,7 +87,7 @@
}
}
-resource "aws_security_group" "internet_to_snowflakes__http" {
+resource "internet_to_snowflakes__http" "aws_security_group" {
name = "internet_to_snowflakes__http"
description = "Allow HTTP access to some oddball nodes."
ingress {
@@ -100,7 +100,7 @@
}
}
-resource "aws_elb" "elb_for_collectors" {
+resource "elb_for_collectors" "aws_elb" {
name = "elb-for-collectors"
availability_zones = [
"${aws_instance.collectors.*.availability_zone}"
@@ -128,7 +128,7 @@
]
}
-resource "aws_elb" "elb_for_webheads" {
+resource "elb_for_webheads" "aws_elb" {
name = "elb-for-webheads"
availability_zones = [
"${aws_instance.webheads.*.availability_zone}"
@@ -156,7 +156,7 @@
]
}
-resource "aws_instance" "webheads" {
+resource "webheads" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -179,7 +179,7 @@
}
}
-resource "aws_instance" "collectors" {
+resource "collectors" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -202,7 +202,7 @@
}
}
-resource "aws_instance" "processors" {
+resource "processors" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -213,7 +213,7 @@
]
}
-resource "aws_instance" "middleware" {
+resource "middleware" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -224,7 +224,7 @@
]
}
-resource "aws_instance" "rabbitmq" {
+resource "rabbitmq" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -235,7 +235,7 @@
]
}
-resource "aws_instance" "elasticsearch" {
+resource "elasticsearch" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -246,7 +246,7 @@
]
}
-resource "aws_instance" "postgres" {
+resource "postgres" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -257,7 +257,7 @@
]
}
-resource "aws_instance" "crash-analysis" {
+resource "crash-analysis" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -269,7 +269,7 @@
]
}
-resource "aws_instance" "symbolapi" {
+resource "symbolapi" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
@@ -281,7 +281,7 @@
]
}
-resource "aws_instance" "admin_host" {
+resource "admin_host" "aws_instance" {
ami = "${lookup(var.base_ami, var.region)}"
instance_type = "t2.micro"
key_name = "${lookup(var.ssh_key_name, var.region)}"
provider:
aws:
access_key: ${var.access_key}
region: ${var.region}
secret_key: ${var.secret_key}
resource:
admin_host:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
collectors:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
provisioner:
remote-exec:
connection:
key_file: ${lookup(var.ssh_key_file, var.region)}
port: ${var.alt_ssh_port}
user: centos
inline:
- sudo sh -c 'echo collector > /var/www/html/index.html'
- sudo systemctl start httpd
security_groups:
- ${aws_security_group.elb_to_webheads__http.name}
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
crash-analysis:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.internet_to_snowflakes__http.name}
- ${aws_security_group.private_to_private__any.name}
elasticsearch:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
elb_for_collectors:
aws_elb:
availability_zones:
- ${aws_instance.collectors.*.availability_zone}
instances:
- ${aws_instance.collectors.*.id}
listener:
instance_port: 80
instance_protocol: http
lb_port: 80
lb_protocol: http
name: elb-for-collectors
security_groups:
- ${aws_security_group.internet_to_elb__http.id}
elb_for_webheads:
aws_elb:
availability_zones:
- ${aws_instance.webheads.*.availability_zone}
instances:
- ${aws_instance.webheads.*.id}
listener:
instance_port: 80
instance_protocol: http
lb_port: 80
lb_protocol: http
name: elb-for-webheads
security_groups:
- ${aws_security_group.internet_to_elb__http.id}
elb_to_webheads__http:
aws_security_group:
description: Allow HTTP(S) from ELBs to webheads.
ingress:
from_port: 443
protocol: tcp
security_groups:
- ${aws_security_group.internet_to_elb__http.id}
to_port: 443
name: elb_to_webheads__http
internet_to_any__ssh:
aws_security_group:
description: Allow (alt) SSH to any given node.
ingress:
cidr_blocks:
- 0.0.0.0/0
from_port: ${var.alt_ssh_port}
protocol: tcp
to_port: ${var.alt_ssh_port}
name: internet_to_any__ssh
internet_to_elb__http:
aws_security_group:
description: Allow incoming traffic from Internet to HTTP(S) on ELBs.
ingress:
cidr_blocks:
- 0.0.0.0/0
from_port: 443
protocol: tcp
to_port: 443
name: internet_to_elb__http
internet_to_snowflakes__http:
aws_security_group:
description: Allow HTTP access to some oddball nodes.
ingress:
cidr_blocks:
- 0.0.0.0/0
from_port: 80
protocol: tcp
to_port: 80
name: internet_to_snowflakes__http
middleware:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
postgres:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
private_to_private__any:
aws_security_group:
description: Allow all private traffic.
ingress:
cidr_blocks:
- 172.0.0.0/16
from_port: '-1'
protocol: icmp
to_port: '-1'
name: private_to_private__any
processors:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
rabbitmq:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
symbolapi:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
security_groups:
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.internet_to_snowflakes__http.name}
- ${aws_security_group.private_to_private__any.name}
webheads:
aws_instance:
ami: ${lookup(var.base_ami, var.region)}
count: 1
instance_type: t2.micro
key_name: ${lookup(var.ssh_key_name, var.region)}
provisioner:
remote-exec:
connection:
key_file: ${lookup(var.ssh_key_file, var.region)}
port: ${var.alt_ssh_port}
user: centos
inline:
- sudo sh -c 'echo web_server > /var/www/html/index.html'
- sudo systemctl start httpd
security_groups:
- ${aws_security_group.elb_to_webheads__http.name}
- ${aws_security_group.internet_to_any__ssh.name}
- ${aws_security_group.private_to_private__any.name}
and from the above YAML to JSON..
{
"provider": {
"aws": {
"access_key": "${var.access_key}",
"region": "${var.region}",
"secret_key": "${var.secret_key}"
}
},
"resource": {
"admin_host": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"collectors": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"provisioner": {
"remote-exec": {
"connection": {
"key_file": "${lookup(var.ssh_key_file, var.region)}",
"port": "${var.alt_ssh_port}",
"user": "centos"
},
"inline": [
"sudo sh -c 'echo collector > /var/www/html/index.html'",
"sudo systemctl start httpd"
]
}
},
"security_groups": [
"${aws_security_group.elb_to_webheads__http.name}",
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"crash-analysis": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.internet_to_snowflakes__http.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"elasticsearch": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"elb_for_collectors": {
"aws_elb": {
"availability_zones": [
"${aws_instance.collectors.*.availability_zone}"
],
"instances": [
"${aws_instance.collectors.*.id}"
],
"listener": {
"instance_port": 80,
"instance_protocol": "http",
"lb_port": 80,
"lb_protocol": "http"
},
"name": "elb-for-collectors",
"security_groups": [
"${aws_security_group.internet_to_elb__http.id}"
]
}
},
"elb_for_webheads": {
"aws_elb": {
"availability_zones": [
"${aws_instance.webheads.*.availability_zone}"
],
"instances": [
"${aws_instance.webheads.*.id}"
],
"listener": {
"instance_port": 80,
"instance_protocol": "http",
"lb_port": 80,
"lb_protocol": "http"
},
"name": "elb-for-webheads",
"security_groups": [
"${aws_security_group.internet_to_elb__http.id}"
]
}
},
"elb_to_webheads__http": {
"aws_security_group": {
"description": "Allow HTTP(S) from ELBs to webheads.",
"ingress": {
"from_port": 443,
"protocol": "tcp",
"security_groups": [
"${aws_security_group.internet_to_elb__http.id}"
],
"to_port": 443
},
"name": "elb_to_webheads__http"
}
},
"internet_to_any__ssh": {
"aws_security_group": {
"description": "Allow (alt) SSH to any given node.",
"ingress": {
"cidr_blocks": [
"0.0.0.0/0"
],
"from_port": "${var.alt_ssh_port}",
"protocol": "tcp",
"to_port": "${var.alt_ssh_port}"
},
"name": "internet_to_any__ssh"
}
},
"internet_to_elb__http": {
"aws_security_group": {
"description": "Allow incoming traffic from Internet to HTTP(S) on ELBs.",
"ingress": {
"cidr_blocks": [
"0.0.0.0/0"
],
"from_port": 443,
"protocol": "tcp",
"to_port": 443
},
"name": "internet_to_elb__http"
}
},
"internet_to_snowflakes__http": {
"aws_security_group": {
"description": "Allow HTTP access to some oddball nodes.",
"ingress": {
"cidr_blocks": [
"0.0.0.0/0"
],
"from_port": 80,
"protocol": "tcp",
"to_port": 80
},
"name": "internet_to_snowflakes__http"
}
},
"middleware": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"postgres": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"private_to_private__any": {
"aws_security_group": {
"description": "Allow all private traffic.",
"ingress": {
"cidr_blocks": [
"172.0.0.0/16"
],
"from_port": "-1",
"protocol": "icmp",
"to_port": "-1"
},
"name": "private_to_private__any"
}
},
"processors": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"rabbitmq": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"symbolapi": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"security_groups": [
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.internet_to_snowflakes__http.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
},
"webheads": {
"aws_instance": {
"ami": "${lookup(var.base_ami, var.region)}",
"count": 1,
"instance_type": "t2.micro",
"key_name": "${lookup(var.ssh_key_name, var.region)}",
"provisioner": {
"remote-exec": {
"connection": {
"key_file": "${lookup(var.ssh_key_file, var.region)}",
"port": "${var.alt_ssh_port}",
"user": "centos"
},
"inline": [
"sudo sh -c 'echo web_server > /var/www/html/index.html'",
"sudo systemctl start httpd"
]
}
},
"security_groups": [
"${aws_security_group.elb_to_webheads__http.name}",
"${aws_security_group.internet_to_any__ssh.name}",
"${aws_security_group.private_to_private__any.name}"
]
}
}
}
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Oddly, this script (rev 9331932) fails to parse this TCF config: