feat(terraform): Add lifecycle rules and import blocks for existing resources

Lifecycle Rules: - Add prevent_destroy = true to all 32+ resources - Add ignore_changes = [tags] to prevent tag drift from causing recreation - Add ignore_changes = [tags, user_data, ami, iam_instance_profile] for EC2 - Preserve existing create_before_destroy for security groups and ACM Import Blocks (orphaned resources): - Lambda: sacc4-stop-instances - Lambda: sacc4-start-instances - EventBridge: sacc4-stop-instances-schedule - EventBridge: sacc4-start-instances-schedule Data Sources: - aws_instances.existing_api (detect EC2 duplicates) - aws_db_instance.existing (detect RDS duplicates) - aws_nat_gateways.existing (detect NAT GW duplicates) - aws_cloudfront_distribution.existing (detect CloudFront duplicates) Variables: - db_identifier: for RDS duplicate detection - cloudfront_distribution_id: for CloudFront duplicate detection Validation Results: - terraform validate: PASSED - terraform plan: 0 to add, 1 to change, 0 to destroy - No resources marked for recreation Orphan EIP detected: - eipalloc-0bdf9c47a80885c7a (78.13.177.201) unattached - Requires manual cleanup or investigation Refs: AWS Resource Validation - May 2026
2026-05-07 11:12:24 -06:00
parent 557feb02e0
commit aaa2c06c30
5 changed files with 485 additions and 1 deletions
@@ -0,0 +1,53 @@
+# ===============================================================================================================
+# data-sources.tf - Fuentes de datos para detectar recursos existentes
+# Descripción:
+#       Evita la creación duplicada de recursos verificando su existencia en AWS
+#       antes de intentar crear nuevos recursos.
+# ===============================================================================================================
+
+# -------------------------------------------------------------------------------
+# Verificación de EC2 existente
+# -------------------------------------------------------------------------------
+data "aws_instances" "existing_api" {
+  filter {
+    name   = "tag:Name"
+    values = ["${var.project_name}-api-${var.environment}"]
+  }
+
+  filter {
+    name   = "instance-state-name"
+    values = ["running", "stopped", "stopping"]
+  }
+}
+
+# -------------------------------------------------------------------------------
+# Verificación de RDS existente
+# -------------------------------------------------------------------------------
+data "aws_db_instance" "existing" {
+  count = var.db_identifier != "" ? 1 : 0
+
+  db_instance_identifier = var.db_identifier
+}
+
+# -------------------------------------------------------------------------------
+# Verificación de NAT Gateway existente en la VPC
+# -------------------------------------------------------------------------------
+data "aws_nat_gateways" "existing" {
+  filter {
+    name   = "vpc-id"
+    values = [aws_vpc.main.id]
+  }
+
+  filter {
+    name   = "state"
+    values = ["available"]
+  }
+}
+
+# -------------------------------------------------------------------------------
+# Verificación de CloudFront distribution existente
+# -------------------------------------------------------------------------------
+data "aws_cloudfront_distribution" "existing" {
+  count = var.cloudfront_distribution_id != "" ? 1 : 0
+  id    = var.cloudfront_distribution_id
+}