import existing infrastructure into module-based configuration

[Florin Andrei]

I've a VPC with 3 public and 3 private subnets, 3 NAT gateways, and associated route tables. The VPC is already hosting RDS instances so I can't destroy/recreate from scratch.

I've built configuration following the best practices template on GitHub, based on modules. With this configuration I can duplicate the existing VPC in a different region, until it looks identical except the name tags.

Now I want to get back to the first VPC and import it. In the Terraform templates, I've created an environment that matches the existing VPC. I'm not entirely sure about the import syntax, so I tried this:

terraform import module.network.vpc.aws_vpc.vpc vpc-XXXXXXX

(because that's how the VPC replica is listed when I do test runs)

But it fails with:

Error importing: failed to parse resource address 'module.network.vpc.aws_vpc.vpc': Unexpected value for InstanceType field: "vpc"

Ok, then I try this:

terraform import aws_vpc.vpc vpc-XXXXXXX

This works, but the imported VPC is always marked for deletion.

It's matching the Name tag, the CIDR block, the DNS options. But it's still marked for deletion. The plan output provides no clue, it's simply marked for deletion and a new VPC would be created instead.

How should I approach this issue? What do I need to match to make sure the VPC is not deleted?

P.S.: This is how the resources for the test environment are listed when I destroy them (to give you a sense of the structure of the modules here):

- module.network.private_subnet.aws_route_table.private.0

- module.network.private_subnet.aws_route_table.private.1

- module.network.private_subnet.aws_route_table.private.2

- module.network.private_subnet.aws_route_table_association.private.0

- module.network.private_subnet.aws_route_table_association.private.1

- module.network.private_subnet.aws_route_table_association.private.2

- module.network.private_subnet.aws_subnet.private.0

- module.network.private_subnet.aws_subnet.private.1

- module.network.private_subnet.aws_subnet.private.2

- module.network.public_subnet.aws_internet_gateway.public

- module.network.public_subnet.aws_route_table.public

- module.network.public_subnet.aws_route_table_association.public.0

- module.network.public_subnet.aws_route_table_association.public.1

- module.network.public_subnet.aws_route_table_association.public.2

- module.network.public_subnet.aws_subnet.public.0

- module.network.public_subnet.aws_subnet.public.1

- module.network.public_subnet.aws_subnet.public.2

- module.network.vpc.aws_vpc.vpc

- module.network.aws_network_acl.acl

- module.network.nat.aws_eip.nat.0

- module.network.nat.aws_eip.nat.1

- module.network.nat.aws_eip.nat.2

- module.network.nat.aws_nat_gateway.nat.0

- module.network.nat.aws_nat_gateway.nat.1

- module.network.nat.aws_nat_gateway.nat.2

[MCraig]

Have you found a resolution to this? I'd like to know the pattern for importing resources when using a Module design.

[Thomas Manippadam]

Remove "vpc" folder name from the import command. You don't have to specify the module folder name in the import command. Try the below command.

terraform import module.network.aws_vpc.vpc vpc-XXXXXXX

[laxman Singh Rathore]

Hi, 

Execute terraform state list command to get the stat resources identifier. Follow same pattern as outputed by command.

Than use syntax  terraform import  <resources id> identifier 

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-too...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/492efa34-a69f-4d60-ad79-89bc9f77bbdb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.