import aws_security_group is importing aws_security_group_rules also

367 views
Skip to first unread message

John Parfitt

unread,
Sep 27, 2016, 3:17:00 PM9/27/16
to Terraform
is there anyway i can stop this behavior? my sg rules are defined within the aws_security_group themselves, not individually. i do not want my tfstate to have aws_security_group_rules as well. it is redundant. i currently have about 20 sgs that i need to import, to rectify my tfstate with my actual infrastructure. i'm currently running the import and then going into tfstate and manually removing all aws_security_group_rule sections.

Andrew Langhorn

unread,
Sep 28, 2016, 6:54:16 PM9/28/16
to terrafo...@googlegroups.com
Terraform treats an import of the aws_security_group resource as a complex import, because it has dependencies on other resources - in this case, aws_security_group_rule. Where no dependencies were found, it would be a simple import.

Hacking the statefile manually isn't the best thing to do; if you're using a modern version of Terraform, then you can make use of `terraform state rm` as documented at https://www.terraform.io/docs/commands/state/rm.html to remove individual resources from the state file in a safer way.

Whilst hacking the statefile manually may work, it's a little less safe than doing it through Terraform.

David Adams

unread,
Sep 28, 2016, 6:59:33 PM9/28/16
to terrafo...@googlegroups.com
Yeah if you have terraform import then you have `terraform state list` and `terraform state rm`. not sure if terraform will repopulate the rules within the security group resource, but seems like a terraform apply would fix that. But don't touch the tfstate file if you don't have to.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-tool+unsubscribe@googlegroups.com.
 To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/CAEpa1DJDkTxVX289-inUaRERr3ocV8%2BoVe8AGNy__mBqN2QWJw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
Message has been deleted
0 new messages