Exploring the Import Block in Terraform 1.5

Terraform 1.5 includes the new import block, and it's a game changer! This new feature makes importing existing infrastructure far easier than the older import command. Let's dig into how it works, why it's better, and what gaps still exist.
When you first start using Terraform, there's a non-zero chance you already have infrastructure deployed and you may want to bring that existing infrastructure under management with Terraform. While that was possible with the older import command, it was quite painful.
The import command didn't show an execution plan before making changes to state, it was limited to a single resource at a time, and it wouldn't create the configuration block for you. The new import block solves all these problems and more!
In the video we'll cover the following:
🌮 The old import command process and limitations
🌮 Syntax and workflow for the import block
🌮 Importing a single resource to an existing configuration
🌮 Creating a new configuration with the generate-config-out flag
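
An added example (not taken from the video or the author's repository) of the two workflows listed above: importing into a resource block you already wrote, and letting `terraform plan -generate-config-out` write the block for you. The bucket name, security group ID and resource labels are hypothetical placeholders.

```hcl
# main.tf (constructed example; all names and IDs below are placeholders)
terraform {
  required_version = ">= 1.5.0" # import blocks arrived in Terraform 1.5

  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

# Workflow 1: the resource block already exists in the configuration.
# The import block only tells Terraform which real object to bind to it.
import {
  to = aws_s3_bucket.logs            # resource address in this configuration
  id = "example-existing-logs-bucket" # provider-specific import ID (bucket name)
}

resource "aws_s3_bucket" "logs" {
  bucket = "example-existing-logs-bucket"
}

# Workflow 2: no resource block yet. Terraform generates one during plan.
import {
  to = aws_security_group.legacy
  id = "sg-EXAMPLE0000000000" # placeholder security group ID
}

# Commands, run from this directory:
#   terraform init
#   terraform plan -generate-config-out=generated.tf
#     - generated.tf must not exist yet; Terraform writes the
#       aws_security_group.legacy block into it
#     - unlike the old import command, state is untouched at this point;
#       the plan summary reads "Plan: 2 to import, ..."
#   Review generated.tf and the plan, trimming literal values copied from
#   the live resource that the configuration does not need.
#   terraform apply   # state is written only here
```

Once the apply succeeds, the import blocks can be deleted; the resources stay in state.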
🌮 Timestamps:
⌚ 0:00 Intro
⌚ 0:56 Import Command Workflow
⌚ 2:03 Import Command Problems
⌚ 4:29 Import Block Workflow and Syntax
⌚ 6:17 Generate Config Out Flag
⌚ 7:20 Basic Import Example
⌚ 12:47 Using the Generate Config Out Flag
⌚ 20:51 Existing Problems and Challenges with Import
⌚ 22:51 Final Thoughts
🐙 Find the code at GitHub► github.com/ned1313
🌮 About Me 🌮
Ned is a curious human with a knack for creating entertaining and informative content. With over 20 years in the industry, Ned brings real-world experience to all his creative endeavours, whether that's pontificating on a podcast, delivering live instruction, writing certification guides, or producing technical training videos. He has been a helpdesk operator, systems administrator, cloud architect, and product manager. In his newest incarnation, Ned is the Founder of Ned in the Cloud LLC. As a one-man-tech juggernaut, he develops courses for Pluralsight, runs two podcasts (Day Two Cloud and Chaos Lever), and creates original content for technology vendors.
Ned has been a Microsoft MVP since 2017 and a HashiCorp Ambassador since 2020, and he holds a bunch of industry certifications that have no bearing on anything beyond his exceptional ability to take exams and pass them. When not in front of the camera, keyboard, and microphone, you can find Ned running the scenic trails of Pennsylvania or rocking out to live music in his hometown of Philadelphia. Ned has three guiding principles: Embrace discomfort, Fail often, and Be kind.

Comments: 35

  • @awstherapy
    @awstherapy 1 year ago

    Nice, clear, direct and with a demo :D Thanks man !

  • @JoseLemus68
    @JoseLemus68 1 year ago

    Great video very informative and straight to the point. Always enjoy all your videos!

  • @George-mk7lp
    @George-mk7lp 1 year ago

    great job as always, love your channel

  • @zehph
    @zehph 8 months ago

    Such a gem! Great content, thank you. 🙏

  • @jon31394
    @jon31394 1 year ago

    This was a great help to me. Thanks!

  • @liamray2010
    @liamray2010 7 months ago

    It's not fair this guide has too few likes. It definitely deserves many more likes!

  • @loicvolle6840
    @loicvolle6840 1 year ago

    That was super useful, thanks!

  • @GM-qv1ql
    @GM-qv1ql 10 months ago

    Good explanation! thank you!!

  • @mcalnd
    @mcalnd 1 year ago

    Love your videos Ned, they have helped me immensely over the years. I don't know if you can fix the audio/video mismatch though, appears that the video lags behind the audio by about a second?

  • @NedintheCloud

    @NedintheCloud

    1 year ago

    It's super weird. It looks fine when I'm editing, but the upload to KZread seems to be breaking something. I'll work on fixing any future videos.

  • @ronaldonazo6961
    @ronaldonazo6961 1 year ago

    Nice, can you do a video of a timeline of updates on each terraform version? Because most of us are still stuck on v1.2 😂

  • @NedintheCloud

    @NedintheCloud

    1 year ago

    Interesting idea, I'll add it to the list. Do you just want a feature comparison from Terraform 1.0 till 1.5?

  • @sanjam3708
    @sanjam3708 8 months ago

    Thank you, Ned. Great presentation on "Testing Vault ACL policies with Python" at HashiConf 2023. Could you please share the GitHub repo link for the code used in this example? Thank you.

  • @NedintheCloud

    @NedintheCloud

    8 months ago

    Thanks! Here's the repo: github.com/ned1313/vault-policy-testing/

  • @jebc88
    @jebc88 1 year ago

    Have you tested this feature to fix issues related to the state file being out of sync? Like, for instance, deploying a new DB via Terraform and later on pushing manual changes via the console (causing the sync problem). Will import blocks fetch all these new changes so you can grab these and update your original main Terraform file?

  • @NedintheCloud

    @NedintheCloud

    1 year ago

    If the resource already exists in your configuration, then import blocks won't really help. You either need to overwrite the changes with the current resource configuration or update the configuration to match the actual DB.

  • @hassanmahmood6584
    @hassanmahmood6584 5 months ago

    Hi, I'm trying to use the new Terraform import block but I get an error saying that import blocks are not expected. I'm running v1.7.2 on WSL.

  • @sakshamawasthi6514

    @sakshamawasthi6514

    3 months ago

    Hi, the import block feature was introduced in Terraform v1.3.0, but there's a specific syntax and setup you need to follow to use it correctly. Since you're using Terraform v1.7.2, which supports import blocks, make sure you're placing the import block correctly within your configuration.

    ```hcl
    # import is a top-level block; "to" is the address of the resource
    # block that receives the imported object
    import {
      to = aws_instance.test
      id = "i-8737839489"
    }

    resource "aws_instance" "test" {
      # instance arguments go here
    }
    ```

  • @lakerfan4life308
    @lakerfan4life308 9 months ago

    Can the import block be used on an existing infrastructure that doesn’t have main and state files generated? I know using the TF export command it generates everything and expects the working directory to be empty.

  • @NedintheCloud

    @NedintheCloud

    9 months ago

    The import block can be used with an existing configuration or a new empty one. Either is fine. It doesn't create a new instance of state, it uses the existing state backend.

  • @lakerfan4life308

    @lakerfan4life308

    9 months ago

    @NedintheCloud Thanks for replying and providing the info. I have some resources that will require import blocks. Used azexport which worked better than Terraformer but clean-up is required.

  • @freibuis
    @freibuis 1 year ago

    where was this years ago ;) lol

  • @lakerfan4life308
    @lakerfan4life308 8 months ago

    Getting the following error: The parsed Resource ID was missing a value for the segment at position 2 (which should be the literal value "resourceGroups") on a kubernetes_cluster import block. Is there a fix for this? I get it after running a TF plan. Using the new "import block" method.

  • @NedintheCloud

    @NedintheCloud

    8 months ago

    Most likely the generated configuration copied over too many values or an incompatible value from the actual resource. Try removing literal values that aren't needed for the resource configuration block.

  • @lakerfan4life308

    @lakerfan4life308

    8 months ago

    @NedintheCloud Thanks. I had to downgrade the tf provider version to 3.x to get it to work. The later versions would error out on the resource subscription tag.

  • @maliktdr5261
    @maliktdr5261 1 year ago

    Do you prefer aztfexport or Import Blocks ? :D

  • @NedintheCloud

    @NedintheCloud

    1 year ago

    Why choose?! As I understand it, the aztfexport team is going to integrate import blocks into their tool soon.

  • @h2hern952

    @h2hern952

    6 months ago

    @NedintheCloud Sooo, does it mean aztfexport is the way to go? :D

  • @KicoRox
    @KicoRox 10 months ago

    terraformer killer

  • @NedintheCloud

    @NedintheCloud

    10 months ago

    Could be?! There's some more cool improvements coming down the pike that I can't talk about yet.

  • @ventin75
    @ventin75 3 months ago

    id does not support variables :(

  • @NedintheCloud

    @NedintheCloud

    3 months ago

    The `to` argument doesn't, but starting in Terraform 1.6, the `id` field supports any expression that evaluates to a string. You can also use `for_each` with import blocks starting in Terraform 1.7.

  • @ventin75

    @ventin75

    3 months ago

    @NedintheCloud Thanks for this update. Currently on v1.5.7, will check out v1.7.

  • @leoestrada1073
    @leoestrada1073 1 year ago

    Hi Ned, I am using the public registry EC2 module -> terraform-aws-modules/ec2-instance/aws to test out the import functionality of Terraform 1.5.x. I created an EC2 instance using the module for the testing. When I tried importing the EC2 instance using the same EC2 module (I deleted the terraform.tfstate to simulate), Terraform plan was showing 2 update in-place changes. I can't figure out where the change is coming from. I am expecting no changes as I have used the same EC2 module and main.tf config - no changes in parameters. I only deleted the terraform.tfstate to simulate the import. Did you encounter this previously? thanks.

    ```
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
      ~ update in-place

    Terraform will perform the following actions:

      # module.ec2_private["0"].aws_instance.this[0] will be updated in-place
      # (imported from "i-0d9fc1c2d85639717")
      ~ resource "aws_instance" "this" {
            ami = "ami-0ee3dd41c47751fe6"
            arn = "arn:aws:ec2:us-east-1:163240833505:instance/i-0d9fc1c2d85639717"
            associate_public_ip_address = false
            availability_zone = "us-east-1a"
            cpu_core_count = 1
            cpu_threads_per_core = 1
            disable_api_stop = false
            disable_api_termination = false
            ebs_optimized = false
            get_password_data = false
            hibernation = false
            id = "i-0d9fc1c2d85639717"
            instance_initiated_shutdown_behavior = "stop"
            instance_state = "running"
            instance_type = "t2.micro"
            ipv6_address_count = 0
            ipv6_addresses = []
            key_name = "terraform-key-rc_is-lab_account"
            monitoring = false
            placement_partition_number = 0
            primary_network_interface_id = "eni-0a025e9b1e5b4b948"
            private_dns = "ip-10-0-1-102.ec2.internal"
            private_ip = "10.0.1.102"
            secondary_private_ips = []
            security_groups = []
            source_dest_check = true
            subnet_id = "subnet-0ee9f8fc6fc759978"
            tags = {
                "Department" = "it"
                "Name" = "sandbox-vm-0"
                "Team" = "it-devops"
                "Terraform" = "true"
                "environment" = "sandbox"
                "owners" = "it"
            }
            tags_all = {
                "Department" = "it"
                "Name" = "sandbox-vm-0"
                "Team" = "it-devops"
                "Terraform" = "true"
                "environment" = "sandbox"
                "owners" = "it"
            }
            tenancy = "default"
          + user_data_replace_on_change = false
          + volume_tags = {
              + "Name" = "sandbox-vm-0"
            }
            vpc_security_group_ids = [
                "sg-0b0776d70bd8c80c9",
            ]

            capacity_reservation_specification {
                capacity_reservation_preference = "open"
            }

            cpu_options {
                core_count = 1
                threads_per_core = 1
            }

            credit_specification {
                cpu_credits = "standard"
            }

            enclave_options {
                enabled = false
            }

            maintenance_options {
                auto_recovery = "default"
            }

            metadata_options {
                http_endpoint = "enabled"
                http_put_response_hop_limit = 1
                http_tokens = "optional"
                instance_metadata_tags = "disabled"
            }

            private_dns_name_options {
                enable_resource_name_dns_a_record = false
                enable_resource_name_dns_aaaa_record = false
                hostname_type = "ip-name"
            }

            root_block_device {
                delete_on_termination = true
                device_name = "/dev/xvda"
                encrypted = false
                iops = 100
                tags = {
                    "Name" = "sandbox-vm-0"
                }
                throughput = 0
                volume_id = "vol-0771f67580c18a268"
                volume_size = 8
                volume_type = "gp2"
            }

          + timeouts {}
        }

      # module.private_sg.aws_security_group.this_name_prefix[0] will be updated in-place
      # (imported from "sg-0b0776d70bd8c80c9")
      ~ resource "aws_security_group" "this_name_prefix" {
            arn = "arn:aws:ec2:us-east-1:163240833505:security-group/sg-0b0776d70bd8c80c9"
            description = "Security group with HTTP & SSH port open for everybody (IPv4 CIDR), egress ports are all world open"
            egress = [
                {
                    cidr_blocks = [
                        "0.0.0.0/0",
                    ]
                    description = "All protocols"
                    from_port = 0
                    ipv6_cidr_blocks = []
                    prefix_list_ids = []
                    protocol = "-1"
                    security_groups = []
                    self = false
                    to_port = 0
                },
            ]
            id = "sg-0b0776d70bd8c80c9"
            ingress = [
                {
                    cidr_blocks = [
                        "10.0.0.0/16",
                    ]
                    description = "HTTP"
                    from_port = 80
                    ipv6_cidr_blocks = []
                    prefix_list_ids = []
                    protocol = "tcp"
                    security_groups = []
                    self = false
                    to_port = 80
                },
                {
                    cidr_blocks = [
                        "10.0.0.0/16",
                    ]
                    description = "SSH"
                    from_port = 22
                    ipv6_cidr_blocks = []
                    prefix_list_ids = []
                    protocol = "tcp"
                    security_groups = []
                    self = false
                    to_port = 22
                },
            ]
            name = "private-sg-20230716055903460900000001"
            name_prefix = "private-sg-"
            owner_id = "163240833505"
          + revoke_rules_on_delete = false
            tags = {
                "Department" = "it"
                "Name" = "private-sg"
                "Team" = "it-devops"
                "Terraform" = "true"
                "environment" = "sandbox"
                "owners" = "it"
            }
            tags_all = {
                "Department" = "it"
                "Name" = "private-sg"
                "Team" = "it-devops"
                "Terraform" = "true"
                "environment" = "sandbox"
                "owners" = "it"
            }
            vpc_id = "vpc-0c2e6db281af6595b"

          + timeouts {
              + create = "10m"
              + delete = "15m"
            }
        }

    Plan: 5 to import, 0 to add, 2 to change, 0 to destroy.

    Changes to Outputs:
      + ec2_private_instance_ids = [
          + "i-xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        ]
      + ec2_private_ip = [
          + "x.x.x.x",
        ]
      + private_sg_group_id = "sg-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
      + private_sg_group_name = "private-sg-xxxxxxxxxxxxxxx"
      + private_sg_group_vpc_id = "vpc-xxxxxxxxxxxxxx"
    ```

  • @NedintheCloud

    @NedintheCloud

    11 months ago

    It could be properties that are being added by the AWS API. The '+' sign will tell you which properties are being set/updated. I'm guessing it's something weird about those attributes, the aws provider, and the actual API.