Is it possible to analyse the incremental change with the statefile?
We are looking for incremental sync with terraofrm statefile. where we are planning for below scenario
Our azure resources already got created using terraform with remote-state file.
But some manual operations and CICD pipelines changed the Actual resources states in comparison with the state file.
Now we used Azure Terrafy to import the actual state of the resources, so that it will create terraform manifest and new statefile.
So we are looking for some ways to compare the old and new statefiles (as well as the generated terraform manifests), or merge the statefiles together.
Our Aim is to reuse the existing terraform code and sync the state files inclemently for further usage.
Is there a reason you don’t just call terraform plan, and review what it plans to do revert the manually applied changes, and update your configuration accordingly?
There are scenarios like w cant always use the existing terraform manifests for all the reource configurations, for example fixing issues my any configuration changes from the portal and those changes might not be added to the manifest. So that resulted the terraform sync issue here. So later also such issues may happen in our infra as resources are managed by different teams. So we are looking for some automated pipelines scheduled in weekends to get the statefiles and manifests are in sync regularly
As you are using Terraform to manage your Azure resources people should not be making changes using other tools (including the portal).
In general it isn’t possible to automatically update the state file to match reality, as you need someone to make intelligent decisions around what resources need importing or what code needs changing.
Thanks for quick response… So if we could generate new statefile by using Terraformer or Azure Terrafy, are we able to merge the statefiles in accordance with new statefile?
is there any automated way where we can compare 2 state file differences and understand the changes. Why we are trying for these tools is that, here we will get the terraform code for the new components which is created out of the terraform manifest and which will allow us to easily adding the terraform manifests than manual terraform import command for each resources.
If you have a full Terraform state file you want to use you can use the terraform state push command to replace what you currently have. However this is a dangerous command as Terraform won’t check what you are doing is sensible.
If you have two state files that you want to merge in some way, that is also possible - state files are just JSON documents, but also highly dangerous. The official supported way to inspect a state file is via the terraform state list and terraform state show commands. The official way to adjust state is via terraform import, terraform state rm and terraform state mv.