Terraform Mongo imported service account password challenge

We created service account in mongo by not using terraform.
We imported the user in terraform.
Challenge here is we want to keep the password in the terraform state file same as when it was created by hand.
If we run below resources, random_password resource will generate new password and assign it to password which will change in database and statefile.
We want to have the same password first time generated when the user was created to be in the state file.

resource “random_password” “mongoserviceaccount” {
length = 16
lower = true
upper = true
numeric = true
special = false
}

resource “mongodbatlas_database_user” “mongoserviceaccount” {
username = “mongoserviceaccount”
password = random_password.mongoserviceaccount.result
project_id = var.pid
auth_database_name = “admin”

roles {
database_name = “admin”
role_name = “read”
}
scopes {
name = var.cname
type = “CLUSTER”
}
}

output “key_mongoserviceaccount” {
value = mongodbatlas_database_user.mongoserviceaccount.username
}

output “secret_mongoserviceaccount” {
value = random_password.mongoserviceaccount.result
sensitive = true
}

Hi @Natarajan77,

I think you have 2 options here: you can use ignore_changes on the password field, so that the new random_password doesn’t override the current one, or you can also import the random_password using the password that you want it to be.

I tried with ignore changes it didn’t help.

Should we try like below?

terraform import random_password.mongoserviceaccount “test”

Or use the newer import block via the configuration. That way you can plan any changes before they are saved to the state.

You will need to ensure that resource type can be imported in that way at all (it should be implemented for that provider), and nothing in the config forces replacement of your random_password.