Don't destroy renamed resource

Worried I’ve gotten myself into a little pickle…

I have a resource (an aws_iam_group) which I renamed. For example:

resource "aws_iam_group" "foo"

to:

resource "aws_iam_group" "bar"

NOTE: Nothing about the AWS resource other than the Terraform name changed!

The group can’t be destroyed automatically because there are many users who are already members of that group.

So, I performed an import of the new resource name, which worked fine. Except now every plan operation is attempting to destroy the old resource, which I don’t want it to do; I just want it gone from the state tracking. Everything else is 100% correct.

Is there any easy way for me to correct this?

I guess additionally, is there an easy way for me to rename a resource in the future w/o TF attempting to completely nuke and re-create it?

Figured this out and noting the solution here for anyone else who searches this in the future:

terraform state rm aws_iam_group.foo
terraform init
terraform plan  # shows nothing to do

It appears my additional question “is there an easy way to rename a resource?” can be done with:

terraform state mv aws_iam_group.foo aws_iam_group.bar
1 Like

Thanks for sharing your solution, @massung!

Although it came too late to help you this time, it might interest you to know that we’ve been working on a specialized feature for renaming and moving resources which is currently in the v1.1 alpha releases and expected for Terraform v1.1.

Based on what you described here, I think this new feature would’ve given you a more direct path of just adding a moved block to your configuration to record that you renamed the resource:

moved {
  from = aws_iam_group.foo
  to   = aws_iam_group.bar
}

I’m sorry this feature is coming too late to help you with this particular situation, but hopefully if someone else finds this topic in future the new feature will either be already shipped or closer to shipping, and I hope it can also help you with similar refactoring efforts in the future!