module化したterraformをfor eachでリファクタリング →moved block で再作成防ぐ

前提：module化してある
概要：再作成防ぐ楽な方法ないのか模索
①for eachのリファクタリングで関連するリソースをすべてmoved blockで定義 → 王道
②module 名を無理やり変えてmoduleで作成されるリソースはすべてmovedで切り替えるといった手法を取る → 楽にできたら神
https://www.terraform.io/language/modules/develop/refactoring#enabling-count-or-for_each-for-a-module-call
結論：結局①に落ち着いた

本編

module側

変更前

変更後

resource "aws_efs_file_system" "a-efs" {
  for_each         = var.efs-list
  encrypted        = true
  performance_mode = "generalPurpose"
  throughput_mode  = "bursting"
  tags = {
    Name = "${var.project}-${var.environment}-efs-${each.key}"
  }
}
resource "aws_efs_mount_target" "efs-mount-a" {
  for_each        = var.efs-list
  file_system_id  = aws_efs_file_system.a-efs[each.key].id
  subnet_id       = lookup(each.value, "subnet_a_id")
  security_groups = [lookup(each.value, "security_group_id")]
}

main側

変更前

module "efs" {
  source = "../../module/efs"

  #システム/環境名
  project     = var.project
  environment = var.environment
  efs-list = {
    "Test1" = {
      "security_group_id" = module.vpc.sg["sg-efs"].id
      "subnet_a_id"         = module.vpc.subnet["pri-1a"].id
      "subnet_c_id"         = module.vpc.subnet["pri-1c"].id
      "subnet_d_id"         = module.vpc.subnet["pri-1d"].id
    }
    "Test2" = {
      "security_group_id" = module.vpc.sg["sg-efs-ProdJobWeb"].id
      "subnet_a_id"         = module.vpc.subnet["1a"].id
      "subnet_c_id"         = module.vpc.subnet["1c"].id
      "subnet_d_id"         = module.vpc.subnet["1d"].id
    }
  }
}

変更後

module "a-efs" {
  source = "../../module/efs"

  #システム/環境名
  project     = var.project
  environment = var.environment
  efs-list = {
    "Test1" = {
      "security_group_id" = module.vpc.sg["sg-efs-TestJobWeb"].id
      "subnet_a_id"         = module.vpc.subnet["pri-1a"].id
      "subnet_c_id"         = module.vpc.subnet["pri-1c"].id
      "subnet_d_id"         = module.vpc.subnet["pri-1d"].id
    }
    "Test2" = {
      "security_group_id" = module.vpc.sg["sg-efs-ProdJobWeb"].id
      "subnet_a_id"         = module.vpc.subnet["1a"].id
      "subnet_c_id"         = module.vpc.subnet["1c"].id
      "subnet_d_id"         = module.vpc.subnet["1d"].id
    }
  }
}

moved block パターン①→module名変えずにやったパターン→こっちは普通にできる

moved {  
  from = module.efs.aws_efs_file_system.efs-Test2
  to   = module.efs.aws_efs_file_system.efs["Test2"]
}
moved {  
  from = module.efs.aws_efs_file_system.efs-Test1
  to   = module.efs.aws_efs_file_system.efs["Test1"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test2-mount-a
  to   = module.efs.aws_efs_mount_target.efs-mount-a["Test2"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test2-mount-c
  to   = module.efs.aws_efs_mount_target.efs-mount-c["Test2"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test2-mount-d
  to   = module.efs.aws_efs_mount_target.efs-mount-d["Test2"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test1-mount-a
  to   = module.efs.aws_efs_mount_target.efs-mount-a["Test1"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test1-mount-c
  to   = module.efs.aws_efs_mount_target.efs-mount-c["Test1"]
}
moved {  
  from = module.efs.aws_efs_mount_target.efs-Test1-mount-d
  to   = module.efs.aws_efs_mount_target.efs-mount-d["Test1"]
}

module block パターン②→module名を変えるだけでできたら神パターン

moved {  
  from = module.efs
  to   = module.a-efs
}

結果（一部）

  # module.a-efs.aws_efs_file_system.efs-Test1 will be destroyed
  # (because aws_efs_file_system.efs-Test1 is not in configuration)
  # (moved from module.efs.aws_efs_file_system.efs-Test1)

movedブロックが無視されているわけではないけど再作成は発生している（バタン