When importing existing infrastructure into Terraform, you must write configuration that matches the imported resources. This process ensures Terraform can manage these resources going forward.
After running 'terraform import', Terraform adds the resource to its state file but does not automatical…When importing existing infrastructure into Terraform, you must write configuration that matches the imported resources. This process ensures Terraform can manage these resources going forward.
After running 'terraform import', Terraform adds the resource to its state file but does not automatically generate configuration. You must manually create the corresponding resource block in your .tf files that accurately represents the imported resource's attributes.
The workflow involves several steps:
1. **Identify the resource**: Determine the resource type and its provider. For example, an AWS EC2 instance uses 'aws_instance' as the resource type.
2. **Create the resource block**: Write a basic resource block with a logical name:
hcl
resource "aws_instance" "imported_server" {
# configuration will go here
}
3. **Run terraform import**: Execute the import command with the resource address and cloud provider ID:
terraform import aws_instance.imported_server i-1234567890abcdef0
4. **Inspect the state**: Use 'terraform state show' to view all attributes Terraform captured during import. This reveals the current configuration of the resource.
5. **Complete the configuration**: Add required and desired attributes to your resource block based on the state output. Include arguments like AMI ID, instance type, tags, and networking settings.
6. **Validate with plan**: Run 'terraform plan' to compare your written configuration against the actual state. The goal is achieving no changes, indicating your configuration matches reality.
7. **Iterate as needed**: Adjust your configuration until the plan shows no differences. Some attributes may be read-only or computed, so focus on configurable arguments.
Starting with Terraform 1.5, the 'import' block provides a declarative approach, allowing you to define imports within configuration files and generate configuration using 'terraform plan -generate-config-out'. This streamlines the process of bringing existing infrastructure under Terraform management while maintaining accurate, version-controlled configuration files.
Writing Configuration for Imported Resources - Terraform Associate Exam Guide
Why Writing Configuration for Imported Resources is Important
When working with existing infrastructure that wasn't originally created by Terraform, you need to bring those resources under Terraform management through the import process. However, importing a resource only adds it to the state file - it does not automatically generate the configuration code. Writing accurate configuration for imported resources is essential for maintaining infrastructure consistency, enabling future modifications, and preventing Terraform from attempting to recreate or modify resources unexpectedly.
What is Writing Configuration for Imported Resources?
Writing configuration for imported resources is the process of creating Terraform configuration blocks that accurately represent the current state of resources that have been imported into Terraform state. This configuration must match the actual resource attributes to ensure Terraform recognizes the resource as properly managed and doesn't propose unwanted changes during subsequent plan operations.
How the Process Works
1. Import the Resource: Use terraform import resource_type.resource_name resource_id to add the existing resource to your state file.
2. Create an Empty Resource Block: Write a basic resource block in your configuration file with the correct resource type and name.
3. Run Terraform Plan: Execute terraform plan to see what attributes Terraform detects as different between your configuration and the actual resource state.
4. Examine the State: Use terraform state show resource_type.resource_name to view all attributes of the imported resource stored in state.
5. Populate Configuration: Add the required and optional arguments to your configuration block to match the current state values.
6. Iterate Until Clean: Repeat running terraform plan and adjusting configuration until the plan shows no changes.
Key Commands for This Process
- terraform import - Imports existing resources into state - terraform state show - Displays attributes of a resource in state - terraform plan - Reveals differences between configuration and state - terraform show - Shows the current state or a saved plan
Terraform 1.5+ Import Block Feature
Starting with Terraform 1.5, you can use import blocks in configuration:
import { to = aws_instance.example id = "i-abcd1234"}
Combined with terraform plan -generate-config-out=generated.tf, Terraform can generate configuration for imported resources automatically.
Exam Tips: Answering Questions on Writing Configuration for Imported Resources
Tip 1: Remember that terraform import only updates the state file - you must still write the configuration manually (or use the newer generate-config feature in Terraform 1.5+).
Tip 2: The command terraform state show is your primary tool for viewing the attributes of an imported resource that need to be reflected in configuration.
Tip 3: After importing, running terraform plan helps identify which attributes are missing or incorrect in your configuration.
Tip 4: Know that imported resources must have a corresponding resource block in configuration before the import command succeeds.
Tip 5: Understand that if configuration doesn't match the imported resource's actual state, Terraform will propose changes to make the real resource match your configuration.
Tip 6: Be familiar with the import block syntax introduced in Terraform 1.5 and the -generate-config-out flag for automatic configuration generation.
Tip 7: Questions may test whether you understand that importing is a two-step process: importing to state AND writing matching configuration.