Yesterday I attended HashiDays London, which was an awesome day of sessions covering numerous HashiCorp Products. In particular, the Terraform, Boundary, Vault and Consul updates and sessions were really interesting, and I left with a huge list of things that I’ll be testing out in my lab in the coming weeks! You can catch up on sessions on-demand if you missed the event here: https://live.hashidays.com/on-demand.
One of the new features announced was the ability to use config driven import within Terraform, allowing resources to be imported into Terraform State and then managed using Terraform moving forward. This is something that will be extremely useful for organisations who adopt Terraform midway through an application or environment lifecycle and wish to bring existing resources under management.
In this post I’ll run through a quick test of the import feature using some Azure Resources!
Config Driven Import
To start this process, I have two Public IP Addresses in an Azure Resource Group:
Next, I will start with a blank configuration in VSCode, with just a Provider block for the AzureRM Provider – as this is what I’ll be using to manage these Resources:
We can now start to define the import blocks, which will define the Resource that our existing (non-Terraform) Resources will be imported to. For this we need to define the resource type to import into, and the Resource ID from Azure:
If you wish to try this sample the code is available below – just update your Subscription:
import { to = azurerm_resource_group.rg1 id = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rg-import-test" } import { to = azurerm_public_ip.pip1 id = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rg-import-test/providers/Microsoft.Network/publicIPAddresses/pip-a" } import { to = azurerm_public_ip.pip2 id = "/subscriptions/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rg-import-test/providers/Microsoft.Network/publicIPAddresses/pip-b" }
Now that we are setup and ready to import, we can run the following command to generate a TF file for us to inspect:
terraform plan -generate-config-out new.tf
We will then see the plan that confirms resources will be imported if we run apply:
Warning! At the current time, config generation is experimental!
We will also have a new file called “new.tf” that lists out the configuration for resources to be imported:
We can now check this file and ensure we are happy. Once we are ready to proceed – we simply run apply, and these Resources will then be imported:
✅ We have now imported Resources created outside of Terraform! As a test – you can try changing Resource specific elements (names/SKUs for example) within Terraform, and then see these changes reflected back during an apply phase – which demonstrates Terraform now managing imported resources.