Terraform Import with Storage account example
In this blog, I will deal about Terraform Import and as an example, we will import configuration of a storage account which is already provisioned in Azure portal.
Import
Terraform is able to import existing infrastructure.This allows you take resources you've created by some other means and bring it under Terraform management.
This is a great way to slowly transition infrastructure to Terraform, or to be able to be confident that you can use Terraform in the future if it potentially doesn't support every feature you need today.
Okay, lets assume you have storage account in azure portal and you want to write a terraform code file for this resource.
Lets create a folder and copy latest terraform.exe in the your local computer (F:\Terraformmain) and create a backend.tf.
Put below code in backend.tf and save the file in F:\Terraformmain.
For the above code in terraform backend file to run, it is important for us to preprovision the mentioned resources in azure portal. So create a Resource group and Storage account name and container with similar name.
Storage Account:-
Container:-
Now, create a file with name execute.ps1 and save this file to F:\TerraformMain folder.
go to powershell ISE and execute below command
#login to the portal
az login
# set the subscription name
az account set -s "Visual Studio Enterprise"
#Initialize the Terraform file with the backend configuration.
.\terraform.exe init -backend-config="access_key=$(az storage account keys list --resource-group "terraformstoragerg" --account-name "rakstorageabcd1234" --query '[0].value' -o tsv)"
output of Terraform init is as below
Now we have done the prerequisite for terraform to communicate with my azure subscription and manage the state file.
We are ready to import the storage configuration using Terraform import command.
I do not have a storage account already created in my susbscription to do the Import, so i will create one quickly. In real world you will alredy have the compoents for which you would like to extract the configuration using terraform import feature.
Go to portal and create another storage account.
Create a container inside it with any name.
Now create a new File in visual studio code and type the following for the import process.
First create a variable file. name variables.tf and store to F:\Terraformmain
and then create another file name as "importstorage.tf" which has main code for "azurerm_storage_account"
Now give a command Terraform state list
The terraform state list command is used to list resources within a Terraform state.
It will not give any output because there is nothing in state file.
Now we will import the property of storage account from below command
In order to do this:-
1. Go to portal and get the property of storage account.
Copy the storage account resource ID to the clip board and execute the below command
.\terraform.exe import azurerm_storage_account.value output of storageproperty
Now you will see Import is successful.
Now for storage account "storageimportlearn", you have to generate script with all its properties.
Execute below command
.\terraform.exe plan --target =azurerm_storage_account.storageimportlearn
Its output will be:-
Now based on above details adjust your terraform importstorage.tf file and ensure
gives 0 to add 0 to change and 0 destroy.
Hence change the importstorage.tf file based on suggestion provided.
I did some change as :-
and then executed command
.\terraform.exe plan --target=azurerm_storage_account.storageimportlearn
got an output similar like:-
Hence now i am successfully able to import existing infrastructure and bring it under Terraform management.
Thanks for reading..
Import
Terraform is able to import existing infrastructure.This allows you take resources you've created by some other means and bring it under Terraform management.
This is a great way to slowly transition infrastructure to Terraform, or to be able to be confident that you can use Terraform in the future if it potentially doesn't support every feature you need today.
Okay, lets assume you have storage account in azure portal and you want to write a terraform code file for this resource.
Lets create a folder and copy latest terraform.exe in the your local computer (F:\Terraformmain) and create a backend.tf.
Put below code in backend.tf and save the file in F:\Terraformmain.
terraform {
backend "azurerm" {
resource_group_name = "XXXXXXXX"
storage_account_name = "rakstorageabcd1234"
container_name = "myterraformstate"
key = "XX.yy.ZZ"
}
}
For the above code in terraform backend file to run, it is important for us to preprovision the mentioned resources in azure portal. So create a Resource group and Storage account name and container with similar name.
Storage Account:-
Container:-
Now, create a file with name execute.ps1 and save this file to F:\TerraformMain folder.
go to powershell ISE and execute below command
#login to the portal
az login
# set the subscription name
az account set -s "Visual Studio Enterprise"
#Initialize the Terraform file with the backend configuration.
.\terraform.exe init -backend-config="access_key=$(az storage account keys list --resource-group "terraformstoragerg" --account-name "rakstorageabcd1234" --query '[0].value' -o tsv)"
output of Terraform init is as below
Now we have done the prerequisite for terraform to communicate with my azure subscription and manage the state file.
We are ready to import the storage configuration using Terraform import command.
I do not have a storage account already created in my susbscription to do the Import, so i will create one quickly. In real world you will alredy have the compoents for which you would like to extract the configuration using terraform import feature.
Go to portal and create another storage account.
Create a container inside it with any name.
Now create a new File in visual studio code and type the following for the import process.
First create a variable file. name variables.tf and store to F:\Terraformmain
variable "ResourceGroupName" {
default = "loganalytics"
}
variable "ResourceGroupLocation" {
default = "East US"
}
and then create another file name as "importstorage.tf" which has main code for "azurerm_storage_account"
resource "azurerm_storage_account" "storageimportlearn" {
name = "terramformimportlearning"
resource_group_name = "${var.ResourceGroupName}"
location = "${var.ResourceGroupLocation}"
account_tier = "Standard"
account_replication_type = "GRS"
tags = {
environment = "staging"
}
}
Now give a command Terraform state list
The terraform state list command is used to list resources within a Terraform state.
It will not give any output because there is nothing in state file.
Now we will import the property of storage account from below command
In order to do this:-
1. Go to portal and get the property of storage account.
Copy the storage account resource ID to the clip board and execute the below command
.\terraform.exe import azurerm_storage_account.value output of storageproperty
Now you will see Import is successful.
Now for storage account "storageimportlearn", you have to generate script with all its properties.
Execute below command
.\terraform.exe plan --target =azurerm_storage_account.storageimportlearn
Its output will be:-
as per suggestion, if you will perform Terraform apply, your LRS will change to GRS as in code you have written GRS whereas in portal you have taken LRS. so do not perform Terraform Apply.
in portal you have selected enable_https_traffic_only is true, but in code you have not mentioned anything so default it will be null, so add this line in the code.
----
Now based on above details adjust your terraform importstorage.tf file and ensure
.\terraform.exe target =azurerm_storage_account.storageimportlearn
gives 0 to add 0 to change and 0 destroy.
Hence change the importstorage.tf file based on suggestion provided.
I did some change as :-
resource "azurerm_storage_account" "storageimportlearn" {
name = "terramformimportlearning"
resource_group_name = "${var.ResourceGroupName}"
location = "${var.ResourceGroupLocation}"
account_tier = "Standard"
account_replication_type = "LRS"
account_kind = "StorageV2"
account_type = "Standard_LRS"
enable_https_traffic_only = "true"
}
and then executed command
.\terraform.exe plan --target=azurerm_storage_account.storageimportlearn
got an output similar like:-
Hence now i am successfully able to import existing infrastructure and bring it under Terraform management.
Thanks for reading..
Without Terraform apply, if you want to import existing azure infrastructure resource to state file, you can do this using terraform import.
ReplyDelete