Importing Existing Infrastructure into Terraform using Terraformer

Terraformer is a powerful tool for importing existing cloud infrastructure into Terraform configuration files. This tool helps automate and simplify the sometimes complex process of managing existing infrastructure with Infrastructure as Code (IaC) by converting your current cloud resources into Terraform code.

Terraformer Work Flow

What is Terraformer?

Terraformer, an open-source project by Google, allows you to generate Terraform configuration files for your existing cloud infrastructure across various providers like AWS, GCP, and Azure. It captures the current state of resources and translates them into a Terraform-readable format, enabling you to migrate or manage resources with Terraform.

Use Cases for Terraformer

1. Infrastructure Migration to Terraform: Organizations with resources provisioned outside of Terraform can use Terraformer to import these resources into Terraform, allowing for standardized IaC practices.
2. Resource State Consolidation: For infrastructures partially managed by Terraform, Terraformer can bring unmanaged resources into Terraform, consolidating all resources within a single tool.
3. Legacy Infrastructure Management: For older environments or inherited setups without IaC, Terraformer allows you to integrate resources seamlessly into Terraform code.

Problems Solved by Terraformer

• Complex Manual Conversion: Importing and managing existing resources in Terraform can be tedious. Terraformer automates this process by generating the configuration files for you.
• Reduced Human Error: Manual import can lead to errors in configuration files. Terraformer reduces these errors by automatically capturing the resource structure.
• Standardization and Automation: Allow teams to standardize infrastructure code across cloud providers and use Terraform as a central management tool.

Challenges with Terraformer

• Incomplete Imports: Not all resources may import perfectly, requiring manual adjustments or additional configuration.
• Provider Limitations: Terraformer may not fully support some providers or resource types, limiting its use for highly specialized infrastructures.
• State Management: Integrating imported resources into existing Terraform state files can be challenging and requires careful planning.

Terraformer Usage Guide

Here’s a breakdown of common Terraformer commands and configuration options for AWS.

1. Importing AWS Resources

To import AWS resources, use the following command. This example imports ECS, Security Groups (SG), ALB, and CodeDeploy resources from the us-east-1 region.

terraformer import aws --resources=ecs,sg,alb,codedeploy --regions="us-east-1" --compact --path-pattern="{output}/" --profile=""

• --resources: Specifies the resources to import, such as ECS, security groups, etc.
• --regions: Sets the AWS region to pull resources from.
• --compact: Generates Terraform code in a simplified format.
• --path-pattern: Defines the output path pattern for the Terraform configuration files.
• --profile: Allows you to specify the AWS CLI profile for authentication.

2. Migrating Terraform State Version

To migrate the Terraform state from versions prior to 0.13, use replace-provider. This command updates providers, necessary for Terraform compatibility and state management.

terraform state replace-provider -auto-approve "registry.terraform.io/-/aws" "hashicorp/aws"

• -auto-approve: Automatically approves the replacement of the provider.
• replace-provider: Specifies the migration from the old provider path (registry.terraform.io/-/aws) to the new one (hashicorp/aws).

3. Importing Additional AWS Resources

To add other AWS resources (like EC2, RDS, or VPC) to your Terraform configuration, use the following syntax:

terraformer import aws --resources=ec2,rds,vpc --regions="us-west-2" --path-pattern="{output}/" --profile=""

4. Customize Output Paths

The --path-pattern flag allows you to organize the output files:

terraformer import aws --resources=ec2,s3 --regions="us-east-1" --path-pattern="{output}/aws/{service}/" --profile=""

This will create a nested directory structure organized by service, which is helpful for larger infrastructures.

Pros and Cons of Terraformer

Here’s a comparison of the benefits and drawbacks of using Terraformer:

ProsConsAutomates ImportingRequires Manual Adjustments for Complex ImportsReduces Manual ErrorsMay Miss Some Resource AttributesSupports Multiple Cloud ProvidersLimited Resource Support for Some ProvidersHelps Standardize IaC for Existing SetupsNot All Providers Are Fully SupportedSaves Time on Large SetupsImported Code Can Be Verbose and Requires Cleanup

Tips for Effective Terraformer Usage

• Organize Output: Use --path-pattern to create structured directories, making it easier to find and manage resources.
• Check Resource Compatibility: Before importing, ensure that Terraformer supports your cloud provider's necessary resources.
• Edit and Test: Review the generated files and test configurations after importing to ensure accuracy.
• Integrate with State Files Carefully: Avoid overwriting existing resources by thoroughly understanding Terraform state management.

Conclusion

Terraformer offers significant advantages in adopting Terraform for existing cloud infrastructures, saving time and reducing manual configuration. Despite some limitations, it’s an invaluable tool for transitioning to Infrastructure as Code and managing existing resources. For anyone looking to standardize or migrate their cloud infrastructure to Terraform, Terraformer is a must-have in your toolkit.