It can be tricky trying to maintain the state of your resources within the cloud. This is why lots of people are turning to Infrastructure as Code to help create, manage and maintain those resources in a DevOps manner.
Lots of people are turning to Terraform as their Infrastructure as Code (IaC) language/tool.
What happens if you’ve got a bunch of resources already created and you want to start to use Terraform to manage them?
This is where Microsoft Azure Export for Terraform can help. It’s worth noting that this tool has gone under a rebrand and used to be called Azure Terrafy.
Microsoft Azure Export for Terraform is a tool that makes it easy to import your existing Azure resources into Terraform modules.
In this blog post, I will show you how to install Microsoft Azure Export for Terraform, and important existing Azure resources and discuss some best practices and limitations of the tool.
- An Azure account and subscription
- Terraform installed on your machine
- Azure CLI installed on your machine
- Azure profile configured within Azure CLI to read resources in your Azure subscription
There are a few ways to install Microsoft Azure Export for Terraform onto your machine. You can use brew, Windows Package Manager, Go, Chocolatey or you can get the latest binaries from the releases in GitHub.
My preference is using Windows Package Manager, using the simple command:
winget install Microsoft.Azure.Aztfy
Once you have the tool installed you can specify the single resource or resource group you want to import into a Terraform file.
In this tutorial I am going to import an Azure resource group and all the resources inside it.
I want to import the resource group called “rg-speakingrecord”, so I need to issue the command:
aztfy rg rg-speakingrecord
Microsoft Azure Export for Terraform will now begin the import process.
Once the tool has scanned the resources within your resource group it will show you some options. These are at the bottom of the screen and sometimes difficult to see depending on your terminal settings.
We can show results, show errors or recommendations as well as initial the import.
Type _ w _ to import all the resources it has found. Microsoft Azure Export for Terraform will not start to generate the Terraform scripts for you. It will include any dependencies and also update the Terraform state file for you.
Once it has finished you can open up the files and folders it has created and view the newly generated Terraform files.
The best way to validate that the files are correct is to run _ terraform plan _ and it should confirm the files match the current configuration and there are no changes to be made.
- Be sure to review the generated Terraform configuration files carefully before you apply it.
- If you have a lot of resources it may take some time for the tool to scan it and then generate the relevant files, so be patient.
- Microsoft Azure Export for Terraform doesn’t generate variable files, everything is defined in a static way. So for reusability you need to manually edit and then declare variables before reusing elsewhere.
Currently there are some limits to using the tool:
- It can only import Azure resources, it can’t import resources from other cloud providers.
- Complex or customised infrastructure might not import well via this tool.
- The tool currently declares dependencies explicitly. You must know the mapping of the relationships between resources to refactor the code to include any implicit dependencies.
In conclusion, Microsoft Azure Export for Terraform is a very valuable tool.
It can save you time and effort configuring those existing Azure resources into Terraform files.
No tool is perfect and as long as you are aware of its limitations it is a great tool to have within your toolbox when dealing with existing resources and bringing them under management via Terraform.