How to display all the resources present in aws using terraform command?

Terraform show command will show all the resources in the state file.

But we need to display all the resources present in AWS (or region specific), not just the one in the state file.

How to do that using terraform?

From the AWS CLI we can do it like below.

aws resourcegroupstaggingapi get-resources --region us-east-1

But we want to achieve the same using the Terraform CLI or any other HashiCorp tool.

Hi @uday.globuslive,

Terraform only ‘knows’ about resources that it has under management (those in its state file) provisioned via a resource block, or where a data resource is used to query an ‘unmanaged’/external resource to get data from it. Terraform and the provider do not have a built-in method to retrieve the catalogue of resources in a given account/subscription.

Typically you will need to use either the cloud provider’s API or other such command (as you have shown) to get this information.

Detailing your use-case for why you want this information and what you are planning to do with it within Terraform may help to inform further answers.

However, it is possible to run such commands and retrieve their output within Terraform using a local-exec provisioner, or HTTP/RESTful API calls via the http provider or another published provider such as Mastercard/restapi, which could enable you to get this data into your module for use.

No, it does have that feature; it needs more tweaking.

Here you can see below it will list all EC2 instances (not necessarily created by Terraform) for a specific region.

provider "aws" {
  region = "us-west-2" # Specify the desired region here
}

# Data sources query existing instances, whether or not Terraform created them
data "aws_instances" "stopped" {
  instance_state_names = ["stopped"]
}

data "aws_instances" "running" {
  instance_state_names = ["running"]
}

output "running_instances" {
  #value = jsonencode(data.aws_instances.running.ids)
  value = data.aws_instances.running.ids
}

output "stopped_instances" {
  value = data.aws_instances.stopped.ids
}

But it is only giving one resource from one region.

As I stated:

Your example here is using a data resource which is available via the provider to query the resources - specifically EC2 instances - but you asked for all resources present:

To do this using data resources you would need to create a module containing data resources for each and every resource type with the appropriate parameters to list all of that type of resource (which may not be possible with all resource types depending upon the provider).

Your example CLI command returns all the tagged or previously tagged resources that are located in the specified Amazon Web Services Region for the account. This command could be run in a provisioner and the JSON then returned can be manipulated via HCL expressions as needed.

Out of interest, what is your use-case for this? If it is to provide a ‘catalog’ of all existing resources in your AWS account/region after a terraform apply for some audit or logging purposes then it is probably better to take this outside Terraform and have it as a step or stage in your deployment pipeline to specifically extract the information and store/compare it as required.
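The pipeline-step comparison suggested in the last reply, as an added example that is not part of the original thread: it takes the JSON from `aws resourcegroupstaggingapi get-resources` and from `terraform show -json` and reports the ARNs that AWS lists but the state does not manage. The function names and the embedded sample data are constructed for illustration; it assumes each managed resource exposes an `arn` attribute, and the inventory side only covers tagged or previously tagged resources, as noted above.

```python
import json

# Constructed sample: shape of `aws resourcegroupstaggingapi get-resources` output.
AWS_INVENTORY = json.loads("""
{"ResourceTagMappingList": [
  {"ResourceARN": "arn:aws:ec2:us-east-1:111122223333:instance/i-0aaa0000000000001",
   "Tags": [{"Key": "Name", "Value": "web"}]},
  {"ResourceARN": "arn:aws:s3:::example-logs-bucket", "Tags": []},
  {"ResourceARN": "arn:aws:ec2:us-east-1:111122223333:instance/i-0bbb0000000000002",
   "Tags": [{"Key": "owner", "Value": "unknown"}]}
]}
""")

# Constructed sample: shape of `terraform show -json` output.
TF_STATE = json.loads("""
{"format_version": "1.0", "values": {"root_module": {
  "resources": [
    {"address": "aws_instance.web", "mode": "managed", "type": "aws_instance",
     "values": {"arn": "arn:aws:ec2:us-east-1:111122223333:instance/i-0aaa0000000000001"}}],
  "child_modules": [{"address": "module.logs", "resources": [
    {"address": "module.logs.aws_s3_bucket.this", "mode": "managed", "type": "aws_s3_bucket",
     "values": {"arn": "arn:aws:s3:::example-logs-bucket"}},
    {"address": "module.logs.data.aws_caller_identity.me", "mode": "data",
     "type": "aws_caller_identity", "values": {"arn": "arn:aws:iam::111122223333:user/ci"}}
  ]}]}}}
""")

def managed_arns(module):
    """Walk a module and its nested child_modules, collecting ARNs of managed resources."""
    arns = set()
    for res in module.get("resources", []):
        arn = (res.get("values") or {}).get("arn")
        if res.get("mode") == "managed" and arn:  # skip data sources: read, not owned
            arns.add(arn)
    for child in module.get("child_modules", []):
        arns |= managed_arns(child)
    return arns

def unmanaged_resources(inventory, state):
    """Return {ARN: tags} for resources AWS reports that the Terraform state does not manage."""
    # An empty state has no "values" key, so every inventoried resource is unmanaged.
    known = managed_arns((state.get("values") or {}).get("root_module", {}))
    return {
        m["ResourceARN"]: {t["Key"]: t["Value"] for t in m.get("Tags", [])}
        for m in inventory.get("ResourceTagMappingList", [])
        if m["ResourceARN"] not in known
    }

if __name__ == "__main__":
    for arn, tags in sorted(unmanaged_resources(AWS_INVENTORY, TF_STATE).items()):
        print(f"UNMANAGED {arn} tags={tags}")
```

In a pipeline, replace the two constructed samples with the real command output for each region and each state you manage, and page through `PaginationToken` on the AWS side before comparing.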