Terraform
Generating configuration
Experimental: Configuration generation is available in Terraform v1.5 as an experimental feature. Later minor versions may contain changes to the formatting of generated configuration and behavior of the terraform plan command using the -generate-config-out flag.
Terraform can generate code for the resources you define in import blocks that do not already exist in your configuration. Terraform produces HCL to act as a template that contains Terraform's best guess at the appropriate value for each resource argument.
Starting with Terraform's generated HCL, we recommend iterating to find your ideal configuration by removing some attributes, adjusting the value of others, and rearranging resource blocks into files and modules as appropriate.
To generate configuration, run terraform plan with the -generate-config-out flag and supply a new file path. Do not supply a path to an existing file, or Terraform throws an error.
$ terraform plan -generate-config-out=generated_resources.tf
If any resources targeted by an import block do not exist in your configuration, Terraform then generates and writes configuration for those resources in generated_resources.tf.
Workflow
The workflow for generating configuration is similar to the import block workflow, with the extra step of generating configuration during the planning stage. You can then review and modify the generated configuration before applying.
1. Add the import block
Add an import block to your configuration. This import block can be in a separate file (e.g., import.tf) or an existing configuration file.
import {
to = aws_iot_thing.bar
id = "foo"
}
The import block's to argument points to the address a resource will have in your state file. If a resource address in your state matches an import block's to argument, Terraform attempts to import into that resource. In future planning, Terraform knows it doesn't need to generate configuration for resources that already exist in your state.
The import block's id argument uses that resource's import ID.
If your configuration does not contain other resources for your selected provider, you must add a provider block to inform Terraform which provider it should use to generate configuration. Otherwise, Terraform displays an error if it can not determine which provider to use.
If you add a new provider block to your configuration, you must run terraform init again.
2. Plan and generate configuration
To instruct Terraform to generate configuration for the import blocks you defined, run terraform plan with the -generate-config-out= flag and a new file path. Terraform displays its plan for importing your resource and the file where Terraform generated configuration based on this plan.
$ terraform plan -generate-config-out=generated.tf
aws_iot_thing.bar: Preparing import... [id=foo]
aws_iot_thing.bar: Refreshing state... [id=foo]
Terraform will perform the following actions:
# aws_iot_thing.bar will be imported
# (config will be generated)
resource "aws_iot_thing" "bar" {
arn = "arn:aws:iot:eu-west-1:1234567890:thing/foo"
attributes = {}
default_client_id = "foo"
id = "foo"
name = "foo"
version = 1
}
Plan: 1 to import, 0 to add, 0 to change, 0 to destroy.
╷
│ Warning: Config generation is experimental
│
│ Generating configuration during import is currently experimental, and the generated configuration format may change in future versions.
╵
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Terraform has generated configuration and written it to generated.tf. Please review the configuration and edit it as necessary before adding it to version control.
3. Review generated configuration
The example above instructs Terraform to generate configuration in a file named generated.tf. The below code is an example of a generated.tf file.
resource "aws_iot_thing" "bar" {
name = "foo"
}
Review the generated configuration and update it as needed. You may wish to move the generated configuration to another file, add or remove resource arguments, or update it to reference input variables or other resources in your configuration.
4. Apply
Run terraform apply to import your infrastructure.
$ terraform apply
aws_iot_thing.bar: Preparing import... [id=foo]
aws_iot_thing.bar: Refreshing state... [id=foo]
Terraform will perform the following actions:
# aws_iot_thing.bar will be imported
resource "aws_iot_thing" "bar" {
arn = "arn:aws:iot:eu-west-1:1234567890:thing/foo"
attributes = {}
default_client_id = "foo"
id = "foo"
name = "foo"
version = 1
}
Plan: 1 to import, 0 to add, 0 to change, 0 to destroy.
aws_iot_thing.bar: Importing... [id=foo]
aws_iot_thing.bar: Import complete [id=foo]
Apply complete! Resources: 1 imported, 0 added, 0 changed, 0 destroyed.
Commit your new resource configuration to your version control system.
Limitations
Conflicting resource arguments
Terraform generates configuration for importable resources during a plan by requesting values for resource attributes from the provider. For certain resources with complex schemas, Terraform may not be able to construct a valid configuration from these values.
Terraform will display an error like the one below if it does not receive values for resource attributes while generating configuration.
$ terraform plan -generate-config-out=generated.tf
╷
│ Error: Conflicting configuration arguments
│
│ with aws_instance.ubuntu,
│ on g.tf line 20, in resource "aws_instance" "ubuntu":
│ 20: ipv6_address_count = 0
│
│ "ipv6_address_count": conflicts with ipv6_addresses
╵
In the example above, Terraform still generates configuration and writes it to generated.tf. This error stems from a conflict between the ipv6_address_count and ipv6_addresses arguments. The resource supports both of these arguments, but you must choose only one when configuring the resource. You could fix the error by removing one of these two arguments, then running terraform plan again to check that there are no further issues.