Manipulating State

Terraform state manipulation#

It is important to understand how to manipulate Terraform states. Terraform state can be changed to enable you to do a number of operations such as import existing infrastructure into Terraform, move resources from one Terraform project to another, and correct Terraform if someone manually changes infrastructure behind Terraform’s back.

Create VPC#

Let’s learn how to import infrastructure into Terraform that was created outside of Terraform. First, log into AWS and go to VPC. Click the Create VPC button, enter example in the Name tag field and 10.0.0.0/16 as the CIDR block, then click the Create button. This will create the new VPC.

Manage VPC using Terraform#

To get Terraform to manage this VPC, we need to import it into Terraform:

The code above sets up the AWS Terraform provider and will create a new VPC with the CIDR block 10.0.0.0/16 and with the name tag example. This is the same as how we set it up in the UI.

If you click terminal and run terraform apply from this folder, then Terraform will create another VPC. Give it a try. The reason for this is that the VPC you created manually has nothing to do with Terraform.

Terraform only keeps track of and manages resources that it has created itself. It ignores everything else. To get Terraform to manage your existing infrastructure, you will need to import it. If you have run terraform apply and created a second VPC, then destroy it by running terraform destroy and confirm the destroy by typing yes when prompted.

Import VPC#

To import the VPC you created into Terraform, go to the AWS UI and copy the VPC ID. Go to the command line and type:

Make sure to use the ID of the VPC that you got from AWS. You should see Terraform say Import Successful. Now, if you run terraform apply, Terraform will report No changes. Infrastructure is up-to-date..

Terraform import command#

The terraform import command told Terraform to take ownership of (import) the VPC that we created in AWS. This causes Terraform to go up to AWS, read the resource and put it into its state. Remember, the state is Terraform’s store of what it created or which resources it manages. By doing an import, you are instructing Terraform to start managing that resource.

The terraform import command itself always takes the form:

Where <resource_type> is the type of resource you are importing, <resource_identifier> is the identifier you gave the resource. <value> can be an id or an identifier that Terraform can use to go and get the resource. The <value> field is different for every resource.

To find out what to use in the import command, consult the Terraform documentation for the resource that you are using. It is also worth noting that some resources cannot be imported. The provider author has to implement the import operation for the resource. However, pretty much all resources in the common providers (such as the AWS provider) have implemented import.