Using Terraform to import existing resources on Azure

I have an existing resource group on Azure with a VM running on it and have been playing around with Terraform to try and import the resource to my state file.

I have set up a skeleton file, and as far as my understanding is once I import TF should populate this with the values on my resource group in Azure

resource "azurerm" "example" {
# ...instance configuration...
  name = "MyResourceGroup"

}

Command I am running from CLI:

terraform import azurerm_resource_group.MyResourceGroup/subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup

Message from Terraform:

The import command expects two arguments.
Usage: terraform import [options] ADDR ID

  Import existing infrastructure into your Terraform state.

  This will find and import the specified resource into your Terraform
  state, allowing existing infrastructure to come under Terraform
  management without having to be initially created by Terraform.

  The ADDR specified is the address to import the resource to. Please
  see the documentation online for resource addresses. The ID is a
  resource-specific ID to identify that resource being imported. Please
  reference the documentation for the resource type you're importing to
  determine the ID syntax to use. It typically matches directly to the ID
  that the provider uses.

  The current implementation of Terraform import can only import resources
  into the state. It does not generate configuration. A future version of
  Terraform will also generate configuration.

  Because of this, prior to running terraform import it is necessary to write
  a resource configuration block for the resource manually, to which the
  imported object will be attached.

  This command will not modify your infrastructure, but it will make
  network requests to inspect parts of your infrastructure relevant to
  the resource being imported.

Options:

  -backup=path            Path to backup the existing state file before
                          modifying. Defaults to the "-state-out" path with
                          ".backup" extension. Set to "-" to disable backup.

  -config=path            Path to a directory of Terraform configuration files
                          to use to configure the provider. Defaults to pwd.
                          If no config files are present, they must be provided
                          via the input prompts or env vars.

  -allow-missing-config   Allow import when no resource configuration block exists.

  -input=true             Ask for input for variables if not directly set.

  -lock=true              Lock the state file when locking is supported.

  -lock-timeout=0s        Duration to retry a state lock.

  -no-color               If specified, output won't contain any color.

  -provider=provider      Specific provider to use for import. This is used for
                          specifying aliases, such as "aws.eu". Defaults to the
                          normal provider prefix of the resource being imported.

  -state=PATH             Path to the source state file. Defaults to the configured
                          backend, or "terraform.tfstate"

  -state-out=PATH         Path to the destination state file to write to. If this
                          isn't specified, the source state file will be used. This
                          can be a new or existing path.

  -var 'foo=bar'          Set a variable in the Terraform configuration. This
                          flag can be set multiple times. This is only useful
                          with the "-config" flag.

  -var-file=foo           Set variables in the Terraform configuration from
                          a file. If "terraform.tfvars" or any ".auto.tfvars"
                          files are present, they will be automatically loaded.

Any help much appreciated

James Thorpe

It looks like you need to fix your script file first - azurerm isn't a valid resource name, did you mean:

resource "azurerm_resource_group" "example" {
    # ...instance configuration...
    name = "MyResourceGroup"    
}

As seen in the output, import is expecting two parameters, ADDR and ID - you're only passing (what I assume is) the ID. You also need to tell terraform which resource in your script it maps to:

terraform import azurerm_resource_group.example \
  /subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup

When I copy your CLI, I get the same result with you.

Between azurerm_resource_group.MyResourceGroup and /subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup, it needs a space.

The correct format is below:

terraform import azurerm_resource_group.MyResourceGroup /subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup

More information about this please refer to this link.

Using the Terraform Azure provider v1.16.0 I got a "Cannot parse Azure ID" error message:

terraform import azurerm_network_security_group.myterraformnsg "subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"
azurerm_network_security_group.myterraformnsg: Importing from ID "subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"...
azurerm_network_security_group.myterraformnsg: Import complete!
  Imported azurerm_network_security_group (ID: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg)

azurerm_network_security_group.myterraformnsg: Refreshing state... (ID: subscriptions/ef37d4b2-686a-494a-9001-5.../networkSecurityGroups/test-nsg)
Error: azurerm_network_security_group.myterraformnsg (import id: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg): 1 error(s) occurred:

* import azurerm_network_security_group.myterraformnsg result: subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg: azurerm_network_security_group.myterraformnsg: Cannot parse Azure ID: parse subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg: invalid URI for request

Looking into the Azure provider source code I found out that you need to enter the full URL to the Azure resource - like this:

terraform import azurerm_network_security_group.myterraformnsg "https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"
azurerm_network_security_group.myterraformnsg: Importing from ID "https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg"...
azurerm_network_security_group.myterraformnsg: Import complete!
  Imported azurerm_network_security_group (ID: https://portal.azure.com/<id>/resource/subscriptions/<subscriptionId>/resourceGroups/test/providers/Microsoft.Network/networkSecurityGroups/test-nsg)
azurerm_network_security_group.myterraformnsg: Refreshing state... (ID: https://portal.azure.com/<id>/networkSecurityGroups/test-nsg)

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Unfortunately, Import will only update the Terraform state.

It will not (yet) update the configuration file.

This makes the Import function less useful, IMO.

来源：https://stackoverflow.com/questions/47439848/using-terraform-to-import-existing-resources-on-azure

标签

azure

azure-virtual-machine

terraform

terraform-provider-azure