I would like to import a pre-installed ELB which was not made by Terraform. As far as I know, provisioned EC2s (not created by Terraform) are modified with no problems.
Please refer to: https://www.youtube.com/watch?v=Abv3CHS4HTE
All I want is to enable access logs on the provisioned ELB. (I don't want to provision a new ELB.)
The following is the code I run.

    data "aws_elb_service_account" "main" {}

    resource "aws_s3_bucket" "elb_logs" {
      bucket = "<BucketName>"
      acl    = "private"
      policy = <<POLICY
    {
      "Id": "Policy",
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": [
            "s3:PutObject"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::<BucketName>/AWSLogs/*",
          "Principal": {
            "AWS": [
              "${data.aws_elb_service_account.main.arn}"
            ]
          }
        }
      ]
    }
    POLICY
    }

    resource "aws_lb" "foobar" {
      arn                = "arn:aws:elasticloadbalancing:ap-northeast-1:<AccountName>:loadbalancer/app/<ELBName>/7c6a359c72a9a02e"
      name               = "<ELBName>"
      internal           = false
      load_balancer_type = "application"
      subnets = [
        "<Subnet-1Name>",
        "<Subnet-2Name>",
      ]
      access_logs {
        bucket = "${aws_s3_bucket.elb_logs.bucket}"
      }
    }

You need to import the existing load balancer into the Terraform state:

    $ terraform import aws_lb.foobar LB_ARN

(Replace LB_ARN with the ARN of the load balancer.)
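
A check that can follow the import, added here as an example and not part of the original question or answer: it reads the JSON form of a saved plan (`terraform plan -out=tfplan`, then `terraform show -json tfplan`) and confirms that `aws_lb.foobar` is kept in place with access logs enabled, rather than created or replaced. The script name `check_lb_plan.py`, the bucket name `example-bucket` and the sample plan are constructed for illustration.

```python
import json
import sys

# Plan actions that would provision a new load balancer or remove the current one.
DESTRUCTIVE = {"create", "delete"}


def lb_plan_verdict(plan, address="aws_lb.foobar"):
    """Return (ok, reason) for `address` in a parsed `terraform show -json` plan."""
    for rc in plan.get("resource_changes", []):
        if rc.get("address") != address:
            continue
        actions = rc["change"]["actions"]
        if DESTRUCTIVE & set(actions):
            return False, f"{address}: actions {actions} would not keep the existing LB"
        # Nested blocks appear as lists of objects in the planned "after" values.
        after = rc["change"].get("after") or {}
        logs = after.get("access_logs") or []
        if not any(block.get("enabled") for block in logs):
            return False, f"{address}: access_logs would not be enabled"
        return True, f"{address}: {actions} in place, access logs enabled"
    return False, f"{address}: not present in the plan"


def sample_plan(actions, enabled):
    """Constructed plan fragment with only the fields the check reads."""
    return {
        "resource_changes": [{
            "address": "aws_lb.foobar",
            "change": {
                "actions": actions,
                "after": {"access_logs": [{"bucket": "example-bucket", "enabled": enabled}]},
            },
        }]
    }


if __name__ == "__main__":
    # Usage (hypothetical file name): terraform show -json tfplan | python check_lb_plan.py -
    if len(sys.argv) > 1 and sys.argv[1] == "-":
        plan = json.load(sys.stdin)
    else:
        plan = sample_plan(["update"], True)
    ok, reason = lb_plan_verdict(plan)
    print(reason)
    sys.exit(0 if ok else 1)
```

A plan that shows `create` for `aws_lb.foobar` means the resource is not yet in the state, which is the situation the import resolves.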