terraform-azurerm-set-diff-analyzer

Terraform AzureRM Set Diff Analyzer

A skill to identify "false-positive diffs" in Terraform plans caused by AzureRM Provider's Set-type attributes and distinguish them from actual changes.

When to Use

  • terraform plan shows many changes, but you only added/removed a single element
  • Application Gateway, Load Balancer, NSG, etc. show "all elements changed"
  • You want to automatically filter false-positive diffs in CI/CD

Background

Terraform's Set type compares by position rather than by key, so when adding or removing elements, all elements appear as "changed". This is a general Terraform issue, but it's particularly noticeable with AzureRM resources that heavily use Set-type attributes like Application Gateway, Load Balancer, and NSG.
These "false-positive diffs" don't actually affect the resources, but they make reviewing terraform plan output difficult.
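
The comparison described above, as an added example (not the project's scripts/analyze_plan.py): it reads the before/after values of a Set-type attribute from terraform show -json output and compares elements by content instead of by order, so only real additions and removals remain. The SET_ATTRS mapping, the rule() helper and the sample plan are constructed for illustration.

```python
import json

# Set-type attributes to compare, per resource type (assumed, minimal mapping).
SET_ATTRS = {"azurerm_network_security_group": ["security_rule"]}

def canon(element):
    """Order-independent identity for one Set element."""
    return json.dumps(element, sort_keys=True)

def set_diff(before, after):
    """Return (added, removed) elements, ignoring element order."""
    b = {canon(e): e for e in before or []}
    a = {canon(e): e for e in after or []}
    added = [a[k] for k in sorted(a.keys() - b.keys())]
    removed = [b[k] for k in sorted(b.keys() - a.keys())]
    return added, removed

def analyze(plan):
    """Map 'address.attribute' to the real changes in each Set attribute."""
    report = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        before, after = change.get("before") or {}, change.get("after") or {}
        for attr in SET_ATTRS.get(rc.get("type"), []):
            added, removed = set_diff(before.get(attr), after.get(attr))
            report[f"{rc['address']}.{attr}"] = {"added": added, "removed": removed}
    return report

def rule(name, priority, port, access="Allow"):
    # Builds one constructed security_rule element for the sample below.
    return {"name": name, "priority": priority, "access": access,
            "direction": "Inbound", "destination_port_range": port}

# Constructed sample shaped like `terraform show -json` output: one rule was
# added and the existing rules were re-emitted in a different order.
SAMPLE_PLAN = {"resource_changes": [{
    "address": "azurerm_network_security_group.web",
    "type": "azurerm_network_security_group",
    "change": {
        "actions": ["update"],
        "before": {"security_rule": [rule("https", 100, "443"), rule("ssh", 110, "22")]},
        "after": {"security_rule": [rule("rdp", 120, "3389"), rule("ssh", 110, "22"),
                                    rule("https", 100, "443")]},
    },
}]}

if __name__ == "__main__":
    for target, diff in analyze(SAMPLE_PLAN).items():
        print(target, "added:", [e["name"] for e in diff["added"]],
              "removed:", [e["name"] for e in diff["removed"]])
```

An element whose field changes is reported as one removal plus one addition, and values that are unknown until apply (listed under after_unknown in the plan JSON) are not handled here.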

Prerequisites

  • Python 3.8+. If Python is unavailable, install via your package manager (e.g., apt install python3, brew install python3) or from python.org.

Basic Usage

1. Generate plan JSON output

    terraform plan -out=plan.tfplan
    terraform show -json plan.tfplan > plan.json

2. Analyze

    python scripts/analyze_plan.py plan.json

Troubleshooting

  • python: command not found: Use python3 instead, or install Python
  • ModuleNotFoundError: Script uses only standard library; ensure Python 3.8+

Detailed Documentation

  • scripts/README.md - All options, output formats, exit codes, CI/CD examples
  • references/azurerm_set_attributes.md - Supported resources and attributes