Managing Existing AWS Resources with Terraform Import

Imagine you've deployed some resources in AWS and now want to manage them using Terraform. Terraform uses a state file to keep track of resources, which can be stored locally, in an S3 bucket, or a database. When you create a Terraform configuration and execute the plan command for the first time, Terraform identifies the configurations as new deployments. If you proceed, the apply command will error out, stating that the resources already exist.

Understanding the Issue

This error occurs because Terraform generates and updates a state file on every deployment. During the first deployment, if there is no state file, Terraform considers the resources as newly created. However, there is a way to map the already created resources to the state file using the terraform import command.

Using terraform import

The terraform import command allows you to map existing resources to the Terraform state file. Here’s how to do it:

1. Create a Configuration: First, create a configuration for the resource you want to manage. For example, if you want to map a DynamoDB resource that already exists in AWS, you need to add resource snippet to your configuration file like this:

resource "aws_dynamodb_table" "your_table" {
  # Configuration will be populated after import
}

1. Import the Resource: In the command line, use the terraform import command to map the AWS DynamoDB resource to the Terraform state file. Replace 'aws_dynamodb_table.your_table' with your resource identifier and 'table-name-in-aws' with the name of your DynamoDB table in AWS:

terraform import 'aws_dynamodb_table.your_table' 'table-name-in-aws'

Example: Importing a DynamoDB Table

Here’s a step-by-step example of how to import a DynamoDB table into Terraform:

1. Create Configuration: Save the following configuration in a .tf file (e.g., main.tf):

provider "aws" {
  region = "us-west-2"  # Replace with your region
}

resource "aws_dynamodb_table" "my_table" {
  # The configuration will be added after import
}

1. Run the Import Command: Execute the following command in your terminal:

terraform import aws_dynamodb_table.my_table my-dynamodb-table

1. Verify the Import: After the import, check your state file to see that the DynamoDB table is now managed by Terraform. You can view the state file by running:

terraform show

1. Update Configuration: Now, update your main.tf file with the actual configuration of your DynamoDB table. This might involve adding attributes like hash key, read capacity, write capacity, etc.

2. Plan and Apply: Run the terraform plan command to see if your configuration matches the AWS resource. If everything looks good, you can proceed with terraform apply to apply any necessary changes:
   

terraform plan
terraform apply

Finding Resource-Specific Import Documentation

One of the great features of Terraform documentation is that it provides import instructions on the same page as the resource creation documentation. For example, for DynamoDB tables, you can find detailed import instructions here.

Conclusion

By using the terraform import command, you can map existing AWS resources to the Terraform state file, allowing you to manage them seamlessly with Terraform. This process involves creating a basic configuration, importing the resource, updating the configuration, and verifying it with the terraform plan command. With these steps, you can efficiently bring existing resources under Terraform management.