There are many instances where you may create cloud infrastructure manually and later regret that decision, wondering why you did not use an Infrastructure as Code (IAC) tool like Terraform in the first place. At times you may inherit some legacy cloud architecture for which you would like to use IAC now.
In this article, I’ll show you how to import existing infrastructure into Terraform so that you can manage it like any other Terraform-managed infrastructure. We’ll be taking an example of AWS cloud.
What is terraform?
Terraform is a popular Infrastructure as Code (IAC) tool that enables you to define and manage cloud infrastructure in a declarative way. With Terraform, you can define your infrastructure as code using a simple and easy-to-read language, which makes it easy to version, collaborate, and audit your infrastructure changes.
Terraform Import
The terraform import command is a Terraform CLI command that allows you to import existing infrastructure resources into your Terraform state. When you import a resource, Terraform will create a resource state for it and add it to your Terraform state file.
Before you run terraform import you must manually write a resource configuration block for the resource. The resource block describes where Terraform should map the imported object. (https://developer.hashicorp.com/terraform/cli/import#terraform-cloud)
The terraform import command takes two arguments:
- The Terraform resource address: This is the name of the resource block in your Terraform configuration file. It should be in the format
<resource_type>.<resource_name>, where<resource_type>is the type of the resource and<resource_name>is the name you gave the resource block in your configuration file. - The resource identifier: This is the identifier for the existing resource that you want to import. The format of the resource identifier depends on the cloud provider and the specific resource you want to import. You can usually find the resource identifier in the cloud provider’s documentation.
Here is the syntax for the terraform import command:
terraform import <Terraform_resource_address> <resource_identifier>
For example, if you want to import an existing AWS EC2 instance with the ID i-0123456789abcdef0 into a Terraform aws_instance resource block named example, you would run the following command:
resource "aws_instance" "example" {
instance_id = "i-0123456789abcdef0"
}
terraform import aws_instance.example i-0123456789abcdef0
Once the resource has been imported, you can use Terraform to manage it like any other Terraform-managed resource. You can modify its attributes, update its configuration, and destroy it using Terraform commands.
Now, if you see in the above section, I have highlighted some parts of text.
Before you run terraform import you must manually write a resource
configuration block for the resource. The resource block describes
where Terraform should map the imported object.
This basically means that you would have to manually write a complete resource configuration block by examining the deployed resource. This can be a time-consuming and error-prone activity.
So, how to solve this???
Worry not, there is a tool called terraformer which can help you to just do that, however, you’ll have to use this tool carefully as its not managed by any cloud provider.
Terraformer
Terraformer is an open-source tool that helps convert cloud infrastructure resources into Terraform configuration files, making it easier to transition to Infrastructure as Code (IaC) using Terraform. It uses provider APIs to generate HCL files for different levels of infrastructure, from individual resources to entire environments.
How does terraformer solve our problem?
- Terraformer helps you to create a resource configuration block by importing the resources and its configuration.
terraformer import aws --resources=ec2_instance --filter=id=i-0123456789abcdef0 - The output of the above command is a terraform resource block looking like this:
resource "aws_instance" "tfer--i-0123456789abcdef0" { instance_id = "i-0123456789abcdef0" ....rest of the configuration } - Now you can use the terraform import command to track this block via terraform
terraform import aws_instance.tfer--i-0123456789abcdef0 i-0123456789abcdef0
You can modify the block name before importing the resource using terraform import , i.e tfer--0123456789abcdef0 with any meaning full name.
Voila!! So, now we have successfully imported an AWS resource using terraformer and terraform with minimum manual intervention.
Important links:
terraform: https://www.terraform.io
terraformer: https://github.com/GoogleCloudPlatform/terraformer
