No video
Exploring the Import Block in Terraform 1.5
Рет қаралды 14,241
Күн бұрынTerraform 1.5 includes the new import block, and it's a game changer! This new feature makes importing existing infrastructure far easier than the older import command. Let's dig into how it works, why it's better, and what gaps still exist.
When you first start using Terraform, there's a non-zero chance you already have infrastructure deployed and you may want to bring that existing infrastructure under management with Terraform. While that was possible with the older import command, it was quite painful.
The import command didn't show an execution plan before making changes to state, it was limited to a single resource at a time, and it wouldn't create the configuration block for you. The new import block solves all these problems and more!
In the video we'll cover the following:
🌮 The old import command process and limitations
🌮 Syntax and workflow for the import block
🌮 Importing a single resource to an existing configuration
🌮 Creating a new configuration with the generate-config-out flag
Thank you so much for watching! Subscribe if you think I’ve earned it. Hit the bell as well if you’re feeling swell.❤️&🌮
✅🔔 Subscribe ► nedinthecloud.com/SubscribeYT
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
🌮 Other videos to check out:
📽️ Moved blocks in Terraform: • Using Moved Blocks in ...
📽️ Azure Terrafy: • Azure Terrafy - Import...
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
🌮 Timestamps:
⌚ 0:00 Intro
⌚ 0:56 Import Command Workflow
⌚ 2:03 Import Command Problems
⌚ 4:29 Import Block Workflow and Syntax
⌚ 6:17 Generate Config Out Flag
⌚ 7:20 Basic Import Example
⌚ 12:47 Using the Generate Config Out Flag
⌚ 20:51 Existing Problems and Challenges with Import
⌚ 22:51 Final Thoughts
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
#terraform #hashicorp #devops #cloudengineer #techlearning
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
⭐ CONNECT WITH ME 🏃🦖
🌐 Day Two Cloud: daytwocloud.io
🌐 Chaos Lever: chaoslever.com
🌐 Visit my Website ► nedinthecloud.com
🗳 Pluralsight ► app.pluralsight.com/profile/a...
🐙 Find the code at GitHub► github.com/ned1313
🐧 Twitter ► / ned1313
👨💼 LinkedIn► / ned-bellavance
For collaboration or any queries: ned@nedinthecloud.com
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
🌮 About Me 🌮
Ned is a curious human with a knack for creating entertaining and informative content. With over 20 years in the industry, Ned brings real-world experience to all his creative endeavours, whether that's pontificating on a podcast, delivering live instruction, writing certification guides, or producing technical training videos. He has been a helpdesk operator, systems administrator, cloud architect, and product manager. In his newest incarnation, Ned is the Founder of Ned in the Cloud LLC. As a one-man-tech juggernaut, he develops courses for Pluralsight, runs two podcasts (Day Two Cloud and Chaos Lever, and creates original content for technology vendors.
Ned has been a Microsoft MVP since 2017 and a HashiCorp Ambassador since 2020, and he holds a bunch of industry certifications that have no bearing on anything beyond his exceptional ability to take exams and pass them. When not in front of the camera, keyboard, and microphone, you can find Ned running the scenic trails of Pennsylvania or rocking out to live music in his hometown of Philadelphia. Ned has three guiding principles: Embrace discomfort, Fail often, and Be kind.
@awstherapy Жыл бұрын
Nice, clear, direct and with a demo :D Thanks man !
@JoseLemus68 Жыл бұрын
Great video very informative and straight to the point. Always enjoy all your videos!
@George-mk7lp Жыл бұрын
great job as always, love your channel
@jon31394 Жыл бұрын
This was a great help to me. Thanks!
@zehph 8 ай бұрын
Such a gem! Great content, thank you. 🙏
@loicvolle6840 Жыл бұрын
That was super useful thankx !
@liamray2010 7 ай бұрын
It's not fair this guide has too few likes. It's definitely deserves much more likes!
@GM-qv1ql 10 ай бұрын
Good explanation! thank you!!
@oleksandrlytvyn532 7 күн бұрын
Thanks
@mcalnd Жыл бұрын
Love your videos Ned, they have helped me immensely over the years. I don't know if you can fix the audio/video mismatch though, appears that the video lags behind the audio by about a second?
@NedintheCloud Жыл бұрын
It's super weird. It looks fine when I'm editing, but the upload to KZfaq seems to be breaking something. I'll work on fixing any future videos.
@ronaldonazo6961 Жыл бұрын
Nice, can you do a video of a timeline of updates on each terraform version? Because most of us are still stuck on v1.2 😂
@NedintheCloud Жыл бұрын
Interesting idea, I'll add it to the list. Do you just want a feature comparison from Terraform 1.0 till 1.5?
@sanjam3708 9 ай бұрын
Thank you, Ned. Great presentation on "Testing Vault ACL policies with Python" in HashiConf 2023. Could you please github repo link for the code used in this example? Thank you.
@NedintheCloud 8 ай бұрын
Thanks! Here's the repo: github.com/ned1313/vault-policy-testing/
@jebc88 Жыл бұрын
have you tested this feature to fix issues related to state file being out of sync? Like, for instance, deploying a new DB via terraform and later on pushing manual changes via the console (causing the sync problem). Will import blocks fetch all these new changes so you can grab these and update your original main terraform file?
@NedintheCloud Жыл бұрын
If the resource already exists in your configuration, then import blocks won't really help. You either need to overwrite the changes with the current resource configuration or update the configuration to match the actual DB.
@maliktdr5261 Жыл бұрын
Do you prefer aztfexport or Import Blocks ? :D
@NedintheCloud Жыл бұрын
Why choose?! As I understand it, the aztfexport team is going to integrate import blocks into their tool soon.
@h2hern952 6 ай бұрын
@@NedintheCloud Sooo, does it means Aztexport is the way to go? :D
@freibuis Жыл бұрын
where was this years ago ;) lol
@lakerfan4life308 9 ай бұрын
Can the import block be used on an existing infrastructure that doesn’t have main and state files generated? I know using the TF export command it generates everything and expects the working directory to be empty.
@NedintheCloud 9 ай бұрын
The import block can be used with an existing configuration or a new empty one. Either is fine. It doesn't create a new instance of state, it uses the existing state backend.
@lakerfan4life308 9 ай бұрын
Thanks for replying and providing the info. I have some resources that will require import blocks. Used azexport which worked better than Terraformer but clean-up is required. @@NedintheCloud
@hassanmahmood6584 6 ай бұрын
Hi I'm trying to use the new terraform import block but i get an error saying that import blocks are not expected. I'm running v1.7.2 on WSL
@sakshamawasthi6514 3 ай бұрын
Hi , the import block feature was introduced in Terraform v1.3.0, but there's a specific syntax and setup you need to follow to use it correctly. Since you're using Terraform v1.7.2, which supports import blocks, make sure you're placing the import block correctly within your configuration. resource "aws_instance" "test" { import { id = "i-8737839489" } }
@lakerfan4life308 9 ай бұрын
Getting the following error: The parsed Resource ID was missing a value for the segment at position 2 (which should be the literal value "resourceGroups") on a kubernetes_cluster import block. Is there a fix for this? I get it after running a TF plan. Using the new "import block" method.
@NedintheCloud 8 ай бұрын
Most likely the generated configuration copied over too many values or an incompatible value from the actual resource. Try removing literal values that aren't needed for the resource configuration block.
@lakerfan4life308 8 ай бұрын
@@NedintheCloud thanks. I had to downgrade the tf provider version to 3.x to get it to work. The later versions would error out on the resource subscription tag.
@KicoRox 11 ай бұрын
terraformer killer
@NedintheCloud 11 ай бұрын
Could be?! There's some more cool improvements coming down the pike that I can't talk about yet.
@ventin75 4 ай бұрын
id does not support variables :(
@NedintheCloud 3 ай бұрын
The `to` argument doesn't, but starting in Terraform 1.6, the `id` field supports any expression that evaluates to a string. You can also use `for_each` with import blocks starting in Terraform 1.7.
@ventin75 3 ай бұрын
@@NedintheCloud Thanks for this update. Currently on v1.5.7, will check out v1.7.
@leoestrada1073 Жыл бұрын
Hi Ned, I am using the public registry EC2 module -> terraform-aws-modules/ec2-instance/aws to test out the import functionality of Terraform 1.5.x. I created an EC2 instance using the module for the testing. When I tried importing the EC2 instance using the same EC2 module (I deleted the terraform.tfstate to simulate), Terraform plan was showing 2 update in-place changes. I can't figure out where the change is coming from. I am expecting no changes as I have used the same EC2 module and main.tf config - no changes in parameters. I only deleted the terraform.tfstate to simulate the import. Did you encounter this previously? thanks. ---------------------- Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.ec2_private["0"].aws_instance.this[0] will be updated in-place # (imported from "i-0d9fc1c2d85639717") ~ resource "aws_instance" "this" { ami = "ami-0ee3dd41c47751fe6" arn = "arn:aws:ec2:us-east-1:163240833505:instance/i-0d9fc1c2d85639717" associate_public_ip_address = false availability_zone = "us-east-1a" cpu_core_count = 1 cpu_threads_per_core = 1 disable_api_stop = false disable_api_termination = false ebs_optimized = false get_password_data = false hibernation = false id = "i-0d9fc1c2d85639717" instance_initiated_shutdown_behavior = "stop" instance_state = "running" instance_type = "t2.micro" ipv6_address_count = 0 ipv6_addresses = [] key_name = "terraform-key-rc_is-lab_account" monitoring = false placement_partition_number = 0 primary_network_interface_id = "eni-0a025e9b1e5b4b948" private_dns = "ip-10-0-1-102.ec2.internal" private_ip = "10.0.1.102" secondary_private_ips = [] security_groups = [] source_dest_check = true subnet_id = "subnet-0ee9f8fc6fc759978" tags = { "Department" = "it" "Name" = "sandbox-vm-0" "Team" = "it-devops" "Terraform" = "true" "environment" = "sandbox" "owners" = "it" } tags_all = { "Department" = "it" "Name" = "sandbox-vm-0" "Team" = "it-devops" "Terraform" = "true" "environment" = "sandbox" "owners" = "it" } tenancy = "default" + user_data_replace_on_change = false + volume_tags = { + "Name" = "sandbox-vm-0" } vpc_security_group_ids = [ "sg-0b0776d70bd8c80c9", ] capacity_reservation_specification { capacity_reservation_preference = "open" } cpu_options { core_count = 1 threads_per_core = 1 } credit_specification { cpu_credits = "standard" } enclave_options { enabled = false } maintenance_options { auto_recovery = "default" } metadata_options { http_endpoint = "enabled" http_put_response_hop_limit = 1 http_tokens = "optional" instance_metadata_tags = "disabled" } private_dns_name_options { enable_resource_name_dns_a_record = false enable_resource_name_dns_aaaa_record = false hostname_type = "ip-name" } root_block_device { delete_on_termination = true device_name = "/dev/xvda" encrypted = false iops = 100 tags = { "Name" = "sandbox-vm-0" } throughput = 0 volume_id = "vol-0771f67580c18a268" volume_size = 8 volume_type = "gp2" } + timeouts {} } # module.private_sg.aws_security_group.this_name_prefix[0] will be updated in-place # (imported from "sg-0b0776d70bd8c80c9") ~ resource "aws_security_group" "this_name_prefix" { arn = "arn:aws:ec2:us-east-1:163240833505:security-group/sg-0b0776d70bd8c80c9" description = "Security group with HTTP & SSH port open for everybody (IPv4 CIDR), egress ports are all world open" egress = [ { cidr_blocks = [ "0.0.0.0/0", ] description = "All protocols" from_port = 0 ipv6_cidr_blocks = [] prefix_list_ids = [] protocol = "-1" security_groups = [] self = false to_port = 0 }, ] id = "sg-0b0776d70bd8c80c9" ingress = [ { cidr_blocks = [ "10.0.0.0/16", ] description = "HTTP" from_port = 80 ipv6_cidr_blocks = [] prefix_list_ids = [] protocol = "tcp" security_groups = [] self = false to_port = 80 }, { cidr_blocks = [ "10.0.0.0/16", ] description = "SSH" from_port = 22 ipv6_cidr_blocks = [] prefix_list_ids = [] protocol = "tcp" security_groups = [] self = false to_port = 22 }, ] name = "private-sg-20230716055903460900000001" name_prefix = "private-sg-" owner_id = "163240833505" + revoke_rules_on_delete = false tags = { "Department" = "it" "Name" = "private-sg" "Team" = "it-devops" "Terraform" = "true" "environment" = "sandbox" "owners" = "it" } tags_all = { "Department" = "it" "Name" = "private-sg" "Team" = "it-devops" "Terraform" = "true" "environment" = "sandbox" "owners" = "it" } vpc_id = "vpc-0c2e6db281af6595b" + timeouts { + create = "10m" + delete = "15m" } } Plan: 5 to import, 0 to add, 2 to change, 0 to destroy. Changes to Outputs: + ec2_private_instance_ids = [ + "i-xxxxxxxxxxxxxxxxxxxxxxxxxxxx", ] + ec2_private_ip = [ + "x.x.x.x", ] + private_sg_group_id = "sg-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + private_sg_group_name = "private-sg-xxxxxxxxxxxxxxx" + private_sg_group_vpc_id = "vpc-xxxxxxxxxxxxxx"
@NedintheCloud 11 ай бұрын
It could be properties that are being added by the AWS API. The '+' sign will tell you which properties are being set/updated. I'm guessing it's something weird about those attributes, the aws provider, and the actually API.
TechWorld with Nana
Рет қаралды 198 М.