Terraform Import Example – AWS EC2 Instance

Do you need to import an EC2 instance into Terraform? Learn how to do this the right way without accidentally deleting your resources.

Video

Below is a video explanation and demo.

Video Chapters

This video lecture has been taken from my course:
Terraform 101 – Certified Terraform Associate which will help you pass the Terraform Associate exam.

You can skip to the relevant chapters below:

• 00:00 – Introduction
• 02:22 – Terraform Import Docs
• 04:30 – Create EC2 Instance from Console
• 07:18 – Run Terraform Import Command
• 08:26 – Create the Terraform Configuration
• 11:39 – Wrap-up

Overview

Terraform is able to import existing infrastructure. In this blog post, you’ll learn how to use Terraform import the right way. You will import existing AWS resources into Terraform. You will see a sample terraform script for AWS.

Suppose a DevOps engineer on your team decided to create an EC2 instance in AWS directly via the console and without using Terraform. Terraform doesn’t know anything about this resource and therefore won’t know to add it to its state file.

Now there is a way to terraform import this resource into our state file, but you’ll still need to manually write the configuration for it. If you don’t, you could delete that resource!

You can see this in the documentation.

Code

Pre-requisites

The following is required to follow along:

• Terraform
• Access to an AWS account to build the AWS infrastructure. We’ll be running within the 12 months free tier

Create an EC2 Instance with Terraform

First, go ahead and run the terraform sample code to create an EC2 instance with terraform. Take a look at the main.tf file. You can find the code here.

Make sure you have your AWS credentials defined in the ~/.aws/credentials file. You can also run aws configure if you have the aws cli installed.

Run the following commands

terraform init
terraform apply --auto-approve

Check the AWS console to see the VM instance.

Create a new EC2 Instance via the Console

Now go ahead and create a new EC2 instance via the AWS console. Use Amazon Linux to be a bit different. You can find how to do this in the video.

Import the new EC2 Instance to Terraform

Now check the documentation for the import command for aws_instance resources

Then run the terraform import command below replacing the <instance_id> below with the one you created from the AWS console and you can find it in the image below:

terraform import aws_instance.console <instance_id>
terraform plan

Notice that you get an error message that we’re missing the configuration. This is good so we don’t accidentally delete the resource. Take a look at the Terraform State Scenarios table below and notice the fourth one highlighted with a red box. This is our import scenario where we import the aws_instance into the state file. Now if we don’t have the configuration, we’re telling Terraform that we don’t want the aws_instance and Terraform will go out and delete it from AWS and remove it from the state file.

Uncomment the resource block below in the main.tf file to add the proper configuration. Notice that the ami below corresponds to Amazon Linux.

resource "aws_instance" "console" {
  ami           = "ami-0cff7528ff583bf9a"
  instance_type = "t2.micro"
}

Now run terraform import again:

terraform import aws_instance.console <instance_id>

This time the aws_instance resource will be imported successfully. You can now run the following:

terraform plan
terraform apply --auto-approve

You should see that there are no changes to the infrastructure so Terraform won’t apply. Finally, run terraform state list and notice we have two aws_instances in the state file. This shows you that Terraform is now managing both EC2 instances.

Cleanup

Go ahead and clean up the environment with the following command:

terraform destroy --auto-approve

Check the AWS console to verify that the AWS instances are terminated.

Conclusion

In this post, we learned how to correctly import terraform resources. Terraform as of today doesn’t have a mechanism to create the configuration for the resource we want to import. The terraform import command only imports the resource to the state file. If you forget to create the resource, you may risk deleting that resource when running the terraform apply command.

You can learn other Terraform commands and much more in my Terraform 101 course called Terraform 101 – Certified Terraform Associate. This course is designed to help you achieve your Terraform Associate Certification and become HashiCorp certified in Terraform.

If Infrastructure as Code (Iac) is of interest to you, then I recommend you take a look at building a Ubuntu 20.04 image in vSphere. Then another post to use this image to Build a Kubernetes k3s Cluster in vSphere with Terraform and Packer.

References

• Code for this post that contains the Terraform code examples
• Terraform Import Documentation
• EC2 Instance Import Documentation

Suggested Reading

• AWS Lambda – Terraform Example with API Gateway
• HashiCorp Vault PKI Secrets Engine Demo for Certificate Management
• HashiCorp Packer for VMware Ubuntu Templates and Terraform for building VMs