Terraform import existing resources - azure

Is there any code generator for Azure Terraform?
Actually I am trying to add an Azure app service to an existing resource group. For this we need a state configuration file, which can be generated only (Terraform import) if we have full Terraform code already written for that resource group.
I saw "Using Terraform to import existing resources on Azure" and "Update existing app service with Terraform", but here I am talking about thousands of resource groups.
Thanks
Gill

You would, to my knowledge, need to use terraform import against all of the existing resources that you have / want to consume via Terraform.
In saying that, if you only want to manage the Azure App Service with Terraform and not everything else, you can simply pass all the requirements for the resource in and only manage this in the Terraform state file.

Hi Lachie, thanks for the reply. I found the solution using the AZ2TF tool.
Thanks to Mr Agarciamiravet, who explained all the steps to use the AZ2TF tool (by using Docker) at
https://recetasdevops.com/migra-tu-infraestructura-actual-de-azure-a-terraform-con-py-az2tf/
This worked very well for me.
Thanks
Gill

Related

Migrate a data block to resource block in Terraform

Initially, resources in our authentication provider were created manually through the provider web console. It worked and things went to production this way. The problem is that the configuration is increasing in complexity and I'd like to manage it through Terraform files instead of continuing through the provider web console (no backup, no way to recreate everything easily, etc.).
I initially thought of modelling my configuration with data block for the existing resources and use new resources block for the new resources we need to create. Then I wanted to migrate from the data blocks to terraform managed resources (aka resource block). Is it possible through moved block or something else? Is it possible to do it without having to recreate a new managed resource and destroy the data resource which is most likely to cause down time or disruption to the end-user?
In order to manage resources which were initially created manually, or outside of Terraform's scope by any means, the Terraform CLI offers import as a native solution by HashiCorp.
Every resource has its own import syntax (starting with terraform import), which you can find at the bottom of any Terraform resource definition.
As an example:
Azurerm windows_virtual_machine Import
terraform import azurerm_windows_virtual_machine.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Compute/virtualMachines/machine1
Downside of native import: you have to import all resources one by one, and sometimes for just one resource (solution) you have to make multiple import calls.
As an example, for a Windows virtual machine, you might import
azurerm_virtual_machine_extension
azurerm_managed_disk
azurerm_virtual_machine_data_disk_attachment
separately. It strongly depends on how you would like to manage them in the end.
BUT
There are a few open-source tools available that help if you have lots of resources that you want to bring under Terraform management in a much easier and faster way.
If you are working with Azure resources, then aztfy is the recommended tool, as it is natively from Azure.
It does generate the Terraform code; additionally, it has a feature where you can import an Azure resource group: it automatically imports and generates config for the resources that the resource group is holding. Not to mention, the tool gives you a nice terminal-based UI experience.
For other hyperscalers, there are two choices.
terracognita: can generate modules too as per their docs.
terraformer: Developed by Google people but not an official product.

What is the behaviour Terraform Plan?

Learning Terraform, and in one of the tutorials for Terraform with Azure, a requirement was to log in with the az client. Now my understanding is that this was to create a Service Principal.
I was trying this with GitHub Actions and my assumption was that the properties obtained for the Service Principal. When I tried running terraform plan, everything worked out fine.
However, when I tried to do terraform apply, it failed until I explicitly did an az login step in the GitHub workflow job.
What am I missing here? Does terraform plan only compare the new configuration file against the state file, not the actual account? Or does it verify the state against the resource-group/subscription in Azure?
I was a little confused by the documentation on terraform plan.

How to import/download already existing cloudflare resource(s) using terraform?

If I have existing Cloudflare settings (using the web console), how do I import/download existing Cloudflare resource(s), e.g. DNS records, using Terraform?
So, I could use it as a starting point to modify/update it.
Thanks.
Each Terraform resource has an example of importing existing data. For example, the record import
$ terraform import cloudflare_record.default ae36f999674d196762efcc5abb06b345/d41d8cd98f00b204e9800998ecf8427e
You can use the cf-terraforming tool to terraform existing CF resources.
Your steps will look like this:
Describe a Terraform configuration that contains the resources you want to manage with Terraform.
Initialize the created configuration using terraform init and after (this is convenient) quickly get the addresses of the resources that you need for import using terraform plan.
Next, you need to get the IDs of existing resources, they will also be required for import. For the Cloudflare Zone resource, this is easy to do, just refer to this instruction, for other resources, for example, for Cloudflare record you will either need to use cf-terraforming or Cloudflare API.
Import your resources using the terraform import RESOURCE_ADDRESS RESOURCE_ID command.
Another way is to delete your resources and recreate them with Terraform instead of importing them. This can make your infrastructure unavailable for some time.
I highly recommend that you read these guides:
https://developers.cloudflare.com/terraform/advanced-topics/import-cloudflare-resources/.
https://github.com/alex-feel/terraform-cloudflare-zone/wiki/Migration (it is written for a module, but is equally applicable to "raw" resources).

How to have terraform import all of the "already exists" resources automatically?

When I run terraform apply -auto-approve I get the following error:
Error: A resource with the ID "/subscriptions/.../resourceGroups/RG-SCUSTFStorage" already exists - to be managed via Terraform this resource needs to be imported into the State. Please see the resource documentation for "azurerm_resource_group" for more information.
I understand that I need to run terraform import to import the resource to my workspace. The problem is that I need to specify the resource ID for all of the missing resources one at a time.
Is there any way to have terraform import import all of the "already exists" resources automatically without entering the resource IDs one at a time?
Unfortunately, you only can import the existing resources one by one with the resource IDs manually:
"The import command doesn't automatically generate the configuration to manage the infrastructure, though. Because of this, importing existing infrastructure into Terraform is a multi-step process."
More details here. I will suggest you use remote state storage for all the Terraform scripts before deployment. If you do not have the state file that contains all the deployed resources, then you only can import them one by one.
If you are looking to import Azure resources, then aztfy is the recommended tool, as it is natively from Azure.
It does generate the Terraform code; additionally, it has a feature where you can import an Azure resource group: it automatically imports and generates config for the resources that the resource group is holding.
Not to mention, the tool gives you a nice terminal-based UI experience.
For other hyperscalers, there are two choices.
terracognita: can generate modules too as per their docs.
terraformer: Developed by Google people but not an official product.
There isn't a native way in Terraform to import already existing resources, however, there are a couple of tools available that allow you to not only import the resources but also generate Terraform code for them if it doesn't already exist.
For Azure, the best tool to use is the Azure-built AZtfy, a tool to bring your existing Azure resources under the management of Terraform.
Another tool that can be used to import Azure resources is Google Cloud Terraformer, which supports Azure.
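
The bulk step this question asks about, as an added example (not code from the original posts or from any of the tools named above): it reads captured `terraform apply` output, pairs each "already exists" error with its resource address, and renders shell-quoted `terraform import` commands. It assumes each error is followed by a `with <address>,` line as in the constructed sample; the function names and sample IDs are hypothetical.

```python
import re
import shlex

# Constructed sample of `terraform apply` output (not from the original page).
# Assumption: each error is followed by a "with <resource address>," line.
SAMPLE_APPLY_OUTPUT = '''\
│ Error: A resource with the ID "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-example" already exists - to be managed via Terraform this resource needs to be imported into the State.
│   with azurerm_resource_group.storage,
│   on main.tf line 1, in resource "azurerm_resource_group" "storage":
│ Error: A resource with the ID "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-example/providers/Microsoft.Web/sites/app-example" already exists - to be managed via Terraform this resource needs to be imported into the State.
│   with module.web.azurerm_app_service.site["blue"],
'''

ERROR_RE = re.compile(r'Error: A resource with the ID "([^"]+)" already exists')
WITH_RE = re.compile(r'^\W*with (.+),\s*$')
# Accept only slash-separated ID segments, so log text never reaches the shell as-is.
AZURE_ID_RE = re.compile(r'(?:/[A-Za-z0-9_.()-]+)+')


def find_import_pairs(apply_output):
    """Return (pairs, rejected): (address, id) tuples and IDs that failed validation."""
    pairs, rejected, pending_id = [], [], None
    for line in apply_output.splitlines():
        if "Error:" in line:
            # Any other kind of error resets the pairing state.
            err = ERROR_RE.search(line)
            pending_id = err.group(1) if err else None
            continue
        addr = WITH_RE.match(line)
        if addr and pending_id is not None:
            if AZURE_ID_RE.fullmatch(pending_id):
                pairs.append((addr.group(1), pending_id))
            else:
                rejected.append(pending_id)
            pending_id = None
    return pairs, rejected


def import_commands(pairs):
    """Render one shell-quoted `terraform import` command per (address, id) pair."""
    return ["terraform import " + shlex.quote(a) + " " + shlex.quote(i) for a, i in pairs]


if __name__ == "__main__":
    pairs, rejected = find_import_pairs(SAMPLE_APPLY_OUTPUT)
    print("\n".join(import_commands(pairs)))
    for bad in rejected:
        print("# skipped, not a plain Azure resource ID:", bad)
```

Review the printed commands before running them: each import writes the resource's current attributes into the state file.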

Regarding terraform script behaviour

I am using Terraform scripts to create Azure services, and I have some doubts regarding Terraform:
1) If I have one environment, let's say dev, in Azure having some Azure resources, how can I copy all the resources to a new environment, let's say prod, using a Terraform script?
2) What is the impact of re-running the Terraform file with additional Azure resources? What will it do?
3) What if I want to create an app service from a Terraform script with the same name as one that is already present in Azure? Will it update the resource or do nothing after the Terraform execution completes?
Please feel free to answer the questions; it will be a great help.
To answer your questions:
1) You could create a new workspace with terraform workspace new and copy all configuration files (.tf) to the new environment, then run terraform init, plan, apply.
2) Terraform will compare the content in your current state file with your configuration file, then update the new attributes or create new resources rather than re-creating the existing resources.
3) You could run terraform import to import existing infrastructure into Terraform. For referencing existing resources in the portal, you can use data sources.
