Back to Details

terraform-dependency-analyzer

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Terraform Dependency Analyzer

Terraform依赖分析工具

This skill helps analyze and optimize resource dependencies in Terraform configurations.
此技能可帮助分析和优化Terraform配置中的资源依赖关系。

When to Use

使用场景

Use this skill when:
  • Understanding resource relationships and dependencies
  • Troubleshooting circular dependency errors
  • Optimizing resource creation order
  • Refactoring complex configurations
  • Documenting infrastructure dependencies
以下场景可使用此技能:
  • 理解资源关系与依赖
  • 排查循环依赖错误
  • 优化资源创建顺序
  • 重构复杂配置
  • 记录基础设施依赖

Dependency Types

依赖类型

Implicit Dependencies

隐式依赖

Terraform automatically detects dependencies through resource attribute references:
  • Most common and preferred method
  • Created when one resource references another's attributes
  • Example: 
    subnet_id = aws_subnet.main.id
Terraform会通过资源属性引用自动检测依赖:
  • 最常见且推荐的方式
  • 当一个资源引用另一个资源的属性时自动创建
  • 示例:
    subnet_id = aws_subnet.main.id

Explicit Dependencies

显式依赖

Use 
depends_on
only when implicit dependencies aren't sufficient:
  • Cross-resource timing requirements
  • Dependencies not expressed through attributes
  • Ensuring proper creation/deletion order
  • Should be used sparingly
仅当隐式依赖无法满足需求时,才使用
depends_on
  • 跨资源的时序要求
  • 无法通过属性表达的依赖
  • 确保正确的创建/删除顺序
  • 应谨慎使用

Analysis Workflow

分析流程

1. Generate Dependency Graph

1. 生成依赖图

bash
undefined
bash
undefined

Create visual dependency graph

创建可视化依赖图

terraform graph | dot -Tpng > graph.png
terraform graph | dot -Tpng > graph.png

View as text

以文本形式查看

terraform graph
undefined
terraform graph
undefined

2. Identify Resource Relationships

2. 识别资源关系

Parse configuration to map dependencies:
  • Read through resource definitions
  • Note attribute references between resources
  • Identify explicit 
    depends_on
    declarations
  • Map out dependency chains
解析配置以映射依赖关系:
  • 通读资源定义
  • 记录资源间的属性引用
  • 识别显式的
    depends_on
    声明
  • 梳理依赖链

3. Check for Circular Dependencies

3. 检查循环依赖

Common causes:
  • Security groups with mutual ingress rules
  • Resources referencing each other's attributes
  • Module outputs creating circular references
Solution approaches:
  • Break cycles using separate rule resources
  • Restructure resource relationships
  • Use data sources to break circular references
常见原因:
  • 包含相互入站规则的安全组
  • 资源间互相引用属性
  • 模块输出导致的循环引用
解决方法:
  • 使用独立的规则资源打破循环
  • 重构资源关系
  • 使用数据源打破循环引用

Common Dependency Patterns

常见依赖模式

VPC Infrastructure

VPC基础设施

  1. VPC → Internet Gateway, Subnets
  2. Subnets → NAT Gateway, Route Tables
  3. Route Tables → Route Table Associations
  4. Security Groups → EC2/RDS instances
  1. VPC → 互联网网关、子网
  2. 子网 → NAT网关、路由表
  3. 路由表 → 路由表关联
  4. 安全组 → EC2/RDS实例

IAM Resources

IAM资源

  1. IAM Role → IAM Policy Attachments
  2. IAM Role → Resources using the role
  1. IAM角色 → IAM策略关联
  2. IAM角色 → 使用该角色的资源

Database Setup

数据库配置

  1. VPC, Subnets → DB Subnet Group
  2. Security Group → RDS Instance
  3. RDS Instance → Application resources
  1. VPC、子网 → 数据库子网组
  2. 安全组 → RDS实例
  3. RDS实例 → 应用资源

Troubleshooting

故障排查

Circular Dependency Errors

循环依赖错误

Process:
  1. Identify the resources in the cycle from error message
  2. Determine which reference creates the cycle
  3. Break the cycle by:
    • Using separate rule resources (for security groups)
    • Restructuring resource relationships
    • Using data sources instead of direct references
排查流程:
  1. 从错误信息中识别循环中的资源
  2. 确定是哪个引用导致了循环
  3. 通过以下方式打破循环:
    • 使用独立的规则资源(针对安全组)
    • 重构资源关系
    • 使用数据源替代直接引用

Slow Apply Times

执行速度缓慢

Analysis:
  • Check for unnecessary 
    depends_on
    statements forcing sequential creation
  • Identify resources that could be created in parallel
  • Look for bottleneck resources blocking multiple dependencies
Optimization:
  • Remove explicit dependencies when implicit ones exist
  • Group independent resources together
  • Use modules to organize related resources
分析:
  • 检查是否存在不必要的
    depends_on
    语句强制资源按顺序创建
  • 识别可并行创建的资源
  • 寻找阻塞多个依赖的瓶颈资源
优化方案:
  • 当存在隐式依赖时,移除显式依赖
  • 将独立资源分组
  • 使用模块组织相关资源

Optimization Guidelines

优化指南

Minimize Explicit Dependencies

减少显式依赖

  • Prefer implicit dependencies through attribute references
  • Only use 
    depends_on
    when absolutely necessary
  • Remove redundant explicit dependencies
  • 优先使用通过属性引用的隐式依赖
  • 仅在绝对必要时使用
    depends_on
  • 移除冗余的显式依赖

Maximize Parallelization

最大化并行化

  • Ensure independent resources have no unnecessary dependencies
  • Group related resources in modules
  • Avoid creating artificial dependency chains
  • 确保独立资源没有不必要的依赖
  • 将相关资源分组到模块中
  • 避免创建人为的依赖链

Use Modules Effectively

高效使用模块

  • Organize resources by logical grouping
  • Use module outputs to express dependencies
  • Keep module dependencies clear and minimal
  • 按逻辑分组组织资源
  • 使用模块输出表达依赖
  • 保持模块依赖清晰且精简

Analysis Checklist

分析检查清单

  • Generated dependency graph
  • Identified all resource relationships
  • Checked for circular dependencies
  • Verified implicit dependencies are sufficient
  • Removed unnecessary 
    depends_on
    statements
  • Identified opportunities for parallelization
  • Documented critical dependency chains
  • 生成依赖图
  • 识别所有资源关系
  • 检查循环依赖
  • 验证隐式依赖是否足够
  • 移除不必要的
    depends_on
    语句
  • 识别并行化的机会
  • 记录关键依赖链