I've been reflecting on a project during my consulting career where we had to convert an existing system to Infrastructure as Code (IaC) using Terraform, which was quite the task. Our approach involved listing out existing services via AWS CLI or the web console, creating empty Terraform resources, and then importing the actual resources one by one using 'terraform import'. It ended up being a tedious process that took a lot of time. I'm curious to know: how do you tackle similar tasks? Have you tried using tools like Terraformer that are supposed to speed things up? I've heard mixed reviews about it.
5 Answers
When I backport resources to Terraform, I usually attach a few tags like 'Created by: Terraform' and 'GeneratedBy: path/to/file.tf' for traceability. This way, you can quickly see where everything came from in the AWS console. But regardless of using Terraformer or any custom scripts, you will likely need to refactor the output to maintain a proper configuration.
I tried Terraformer recently but found out it has a hard dependency on Terraform and doesn't work with OpenTofu. I ended up switching to Terracognita instead!
I think you should consider combining import blocks with some generated configuration. Use commands like 'terraform plan -generate-config-out' to create your resource blocks based on imports. It’s not flawless, but it gives you a starting point that's less tedious.
Tools like Terraformer can definitely help grab your infrastructure configurations quickly, but they tend to create standalone resource files. This means you still have to do a heavy lifting refactoring afterwards to organize everything into modules and loops. I've always found that migrating existing infrastructures to IaC is a bit messy, and while newer features like import blocks can ease the process, I think manual intervention is often still necessary.
I personally prefer to import stuff manually. It’s time-consuming, but doing so helps me understand how each part of the infrastructure is set up.
That's a great idea with the tagging! I’m managing various environments, and keeping track of resources can get tough. I might start using that system to make things less chaotic.