I have taken over and environment create by terraform, its is a AWS environment, the state file is saved in S3. I was provided with the code repo as well, however when run the plan is states that there is quite a few modules missing from the repo that I have, how can i create these modules, in order to get a successful plan, apart from investigating each resource and creating them all manually in code first.
Hi @bobk81,
There is no real way to generate the config from the state, especially considering that any references between resources would not be known, making the config much harder to maintain.
The approach to recover here would be to look at the either the existing state or plan output, and start generating the config to match, updating things until you can get an empty plan.
If you want to try, v1.1 will have an experimental add command (included the current alpha release). This can be used to generate configuration stubs for resources, with an option is to fill in values from the existing state. It will still take manual work to adjust the resources to make a sensible configuration, but it may be worth trying out if you have a lot of resources to map out.
Thanks for the reply, will have to start cracking away at generating the modules then from scratch. On version 1.1, it might be a option, however the project is still on 13.0. The plan was to at least upgrade it, before making changes, but I cant do a apply or just a plan on the current one as the states doesn’t match. Is there another way to get to 1.1 from 0.13, if I cant do a plan currently?
I wouldn’t suggest trying to apply anything with v1.1 until you can make sure everything is working on the current version. However since the experimental add command only creates config stubs, there’s no reason you couldn’t try using it to generate parts of the config. Just be very sure to keep the cli versions straight so you don’t save any state with v1.1 which could make going back difficult. Might be a good idea to work from a copy of the state to avoid the possibility of corruption entirely.
I suggest something else to use in your plan:
Identify all the resources that are missing its Terraform code, and use Terraform Data Sources to “define” the missing object in your current Terraform code.
Example, imagine you are missing an EBS volume, then use the data source for aws_ebs_volume to replace the missing object.
data "aws_ebs_volume" "missing_volume" {
most_recent = true
filter {
name = "tag:Name"
values = "missing"
}
}
If it is a dependency for other resources, you can now use: data.aws_ebs_volume.missing_volume.id as input for that dependency.
Actually if you create modules for the missing modules, you can use data sources in those modules and avoid search & replace references.
Example for a module that “created” a security group, now converted to a module that “finds” an existing security group.
module "aws_sg_ec2_default" {
source = "../modules/aws/data/security/group"
vpc_id = module.aws_network_vpc.id
name = var.base_net["aws_sg_ec2_default_name"]
}
output "aws_sg_ec2_default" {value = module.aws_sg_ec2_default.id}
The “new” module uses a data source to find the security group, since the Terrraform resource will be have the same name: module.aws_sg_ec2_default.aws_security_group.default, you can either write the full module or write just the data source.
Later on you can replace the data source in the module with a resource.
Wouldn’t it be a good idea that the state file included a copy of the Terraform code used to produced it? at least you have the state file, I have had projects where no state was available.
Thank you, will have a look at that as well.