Terraform Cloud -lock=false support

When I use terraform import -lock=false against a Terraform Cloud workspace it fails with:

Error writing state file: Error uploading state: Conflict

I’ve checked the workspace in Terraform Cloud is unlocked.
I’m trying to avoid locking state to speed things up when running multiple import commands.

That’s the problem - it needs to be locked to permit state uploads.

So the pattern to do multiple operations with one lock is:

  1. Lock workspace
  2. Do each individual command with -lock=false so each command doesn’t try to lock what’s already locked
  3. Unlock workspace

HOWEVER, given your goal, I think you’ll still find it’s rather slow, as running multiple terraform import commands in this way will download, modify and re-upload the state for each command.

A better option is:

  1. Lock workspace
  2. Temporarily delete your backend configuration
  3. Use terraform init -migrate-state -lock=false to bring your state from Cloud to local
  4. Run multiple imports as needed
  5. Restore your backend configuration
  6. Use terraform init -migrate-state -lock=false to send your modified state back to Cloud - once
  7. Unlock workspace, ONLY AFTER CONFIRMING IT IS SAFE!

That last point needs some more explanation…

It might be unsafe to unlock your workspace, because if you use Terraform incorrectly, it might decide to delete all the resources that you just imported!

Either because other people committed to the Git repository whilst you were working on it, or because you committed multiple times, there might be queued runs waiting for the lock to be released, which were created using a version of your Git repository from before you added the resource blocks you just imported. If Terraform were to run with your current uploaded state, but an older configuration version, that would instruct it to delete the newly imported objects!

Review pending runs in the workspace and cancel some if needed.

If you ran your imports using resource blocks that you added locally, but did not Git commit and push yet, Terraform Cloud may not have the same configuration as you do. If Terraform were to run with the uploaded state but without those uncommitted or unpushed resource blocks, that would instruct it to delete the newly imported objects!

Make sure you really have pushed the Git changes that go with your imports to the proper Git branch.

If there was a bug in a Terraform provider, it might not handle imports quite right, leading to unforeseen unwanted changes - possibly including resource replacements - on the next run.

Either trigger a speculative plan (run terraform plan) and review it before unlocking, or set your workspace mode to manual apply before unlocking, then afterwards trigger a run, and review the plan before confirming it.

1 Like
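
The "review pending runs" check from the post above, as an added example that is not part of the thread: it reads a workspace run listing in the shape returned by the Terraform Cloud Runs API and flags unfinished runs built from a configuration version other than the one holding the imported resource blocks. The payload, run IDs and configuration version IDs are constructed, the function names are hypothetical, and the set of final statuses is an assumption to verify against the API documentation.

```python
import json

# Assumption: statuses after which a run will not plan or apply again; verify
# this set against the Runs API documentation before relying on it.
FINAL_STATUSES = {"applied", "planned_and_finished", "discarded",
                  "errored", "canceled", "force_canceled"}


def unfinished_runs(runs_payload, expected_cv_id):
    """List runs that can still act on the state once the lock is released.

    'stale' marks runs built from a configuration version other than the one
    that contains the resource blocks used for the imports.
    """
    findings = []
    for run in runs_payload.get("data", []):
        status = run.get("attributes", {}).get("status")
        if status in FINAL_STATUSES:
            continue
        cv_ref = run.get("relationships", {}).get("configuration-version", {})
        cv_id = (cv_ref.get("data") or {}).get("id")
        findings.append({"run": run.get("id"), "status": status,
                         "configuration_version": cv_id,
                         "stale": cv_id != expected_cv_id})
    return findings


def safe_to_unlock(runs_payload, expected_cv_id):
    """True only when no unfinished run uses a different or unknown configuration."""
    return not any(f["stale"] for f in unfinished_runs(runs_payload, expected_cv_id))


# Constructed sample in the JSON:API shape of a workspace run listing.
SAMPLE = json.loads("""
{"data": [
  {"id": "run-EXAMPLE1", "attributes": {"status": "pending"},
   "relationships": {"configuration-version": {"data": {"id": "cv-OLD"}}}},
  {"id": "run-EXAMPLE2", "attributes": {"status": "pending"},
   "relationships": {"configuration-version": {"data": {"id": "cv-NEW"}}}},
  {"id": "run-EXAMPLE3", "attributes": {"status": "applied"},
   "relationships": {"configuration-version": {"data": {"id": "cv-OLD"}}}}
]}
""")

if __name__ == "__main__":
    for finding in unfinished_runs(SAMPLE, "cv-NEW"):
        print(finding)
    print("safe to unlock:", safe_to_unlock(SAMPLE, "cv-NEW"))
```

Runs reported with stale set to True are the ones to cancel or discard before releasing the lock.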

@maxb I assume to move TFC state to local I have to use the API manually: State Versions - API Docs - Terraform Cloud | Terraform by HashiCorp

Migrating from Terraform Cloud to local state.
╷
│ Error: Migrating state from Terraform Cloud to another backend is not yet implemented.
│ 
│ Please use the API to do this: https://www.terraform.io/docs/cloud/api/state-versions.html
│ 
│ 
╵

Oh… that’s a rather glaring omission I was not aware of in the new cloud backend.

Personally, I still use the remote backend to work with Terraform Cloud, because the cloud backend didn’t exist back when I first learnt Terraform.

Now that I know the cloud backend is missing important features, I have even less reason to change.

You might find reconfiguring using the remote backend a convenient way to complete this operation.

1 Like