Testing out Azure Terrafy

Please note: This tooling has been renamed and updated since this post was written – please see updated docs in the GitHub Repo here.

Azure Terrafy is a tool that allows us to bring existing Azure Infrastructure under management by Terraform – something those of us using Terraform have been hoping will exist for a long time. When we say “under management by Terraform”, we mean that an entry for the imported Resources would exist within our Terraform State File, and a Resource entry would exist within our Terraform code.

The tool has it’s own GitHub Repository, where you can examine, interact with, and download the code or installation binaries: https://github.com/Azure/aztfy 

✅There are so many use cases for a Tool like this, particularly around how it can reduce workload and provide more rapid testing and troubleshooting. Below are just a few use cases I can think of:

  • Bringing an existing environment under management with Terraform – to allow for testing or troubleshooting in an isolated environment (by redeploying the environment).
  • Labs / Testing / Demonstrations etc.
  • Learning Terraform – building an environment manually and then importing it to learn from the code
  • Moving from a manual build process to a Terraform based one
  • Changing tooling – e.g. Moving from ARM Templates or similar to Terraform

Getting setup

For the purposes of making the install simple, you can run the two below scripts to install everything you need for this article. As usual I’ve used Chocolatey to get things up and running:

Chocolatey script to setup VSCode, Terraform, Azure CLI, and Go:
#Chocolatey setup and installation script for using Terraform
#Set Execution Policy to allow script to run
Set-ExecutionPolicy Bypass -Scope Process -Force 
#Chocolatey install
iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
#Chocolatey apps
choco install vscode -y -no-desktopshortcuts
choco install terraform -y -no-desktopshortcuts
choco install azure-cli -y -no-desktopshortcuts
choco install go -y -no-desktopshortcuts
Go Installation of Azure Terrafy:
#Go Installation Script for Azure Terrafy
go install github.com/Azure/aztfexport@latest

✅ We are now setup and ready to start using Azure Terrafy!

Testing – Existing Infrastructure

To start my test, I’ve created some existing infrastructure within Azure – namely, two Virtual Networks (each with a Subnet), and a Key Vault. These are all within a Single Resource Group. Whilst this is a very simple example, it helps to demonstrate the concept and usage of Azure Terrafy.

Whilst this is only a few simple infrastructure items – it will help to demonstrate how useful Azure Terrafy is.

Using Azure Terrafy

To start my test, I have a simple Terraform configuration that I am working with, to deploy a basic Azure environment. For the purposes of the test, the infrastructure within my existing code is largely unimportant – it is the manually created infrastructure that is the focus for Azure Terrafy. Let’s assume that the manually created infrastructure above is something that I want to bring under Terraform management and integrate it into my configuration code.

With Azure Terrafy, the process is very simple when importing Resource Groups – we just run the following command (once authenticated to Azure within a CLI Session):

# AzTfy Resource Group
aztfy resource-group <resource group name>

When the above command is run, Azure Terrafy then runs an import process, whereby discovered Resources are shown first:

Once the discovery is completed, and we have selected to import, we can then see the import taking place:

Once the import process is completed, we are shown a message like the one below:

✅ We have now completed the import of Resources within my test Resource Group!

If you wish to import individual Resources, rather than a Resource Group, you can use the command below:

# AzTfy Individual Resource
aztfy resource [option] <resource id>

Confirming the Import

Now that the import process has been completed, we need to confirm the import has worked as expected. To do this, we will check two things – the State file, and the generated configuration. Firstly, lets examine the State file:

✅ As you can see, my “terrafy-import-rg” Resource Group now exists within the State File.

Next up, let’s examine the generated configuration from Azure Terrafy. The tool automatically generates a Terraform file based on the imported infrastructure, which is an awesome feature with many potential uses and benefits.

⚠ There are a few limitations currently, which you can read about here: https://github.com/Azure/aztfy#limitation.

Upon running Azure Terrafy, an additional file is created within our working directory – in my case, main.aztfy.tf:

Within this file, a Terraform configuration for the discovered Resources can be found:

✅ As you can see in the above screenshot, a Resource Group and Key Vault configuration have been generated.

Within my generated file there are also two VNETs and two Subnets (I’ve just cropped to save space!). With this generated configuration, we can continue to run Terraform commands, and manage the imported infrastructure elements within Terraform – exactly like we had created these within Terraform itself.

Conclusion

As you can see, Azure Terrafy is a great way to bring existing Resources under Terraform management, and also into your configuration files. Azure Terrafy provides the import in a simple approach that’s great for getting Resources into Terraform, with flexibility to tweak and adjust or import individual resources as required. Overall, an extremely useful tool which I certainly will be using.

Until next time – thanks for reading! ?

Skip to content