The Terraformer might be handy for your IAC toolbelt
Terraform now is pretty much one of the most widely used tools if not industry standard for Cloud configuration. No matter if it is AWS, GCP, or Azure. Unfortunately its resource import feature is tedious to use. If you want to move the existing cloud setup to terraform, there is a better way to do it.
I have worked with a few companies which migrated to the cloud and alongside adopting the Infrastructure As Code approach. What I noticed is that a lot of engineers working with Terraform don’t know about one great open-source tool which tremendously saves time. The tool is called Terraformer. It provides a way to import existing cloud-config to Terraform including the corresponding tfstate.
To use it the existing setup just needs to be present on the cloud. It doesn’t matter if it was previously created manually in the UI, or via API calls, AWS Cloudfomation, gcloud CLI, or other ways.
Of course, there is a minor caveat with this solution. It is still beta, not everything is supported in Terraformer, but this mostly applies more to exotic parts of Cloud offering like security tools (AWS Inspector for example, or Google Cloud IDS), than the basic components which are used almost everywhere like IAM (or AD in Azure), EC2 instances, AKS/EKS/GKE and etc.
Friend asked me for example usage, so I’m including it here.
# Import all Cloudwatch and IAM resource from selected aws profile terraformer import aws -r cloudwatch,iam --profile=your_aws_profile_name # List supported resources in google cloud, make sure you have your gcloud context set terraformer import google list # Make a plan for importing all of Grafana resources. terraformer plan grafana -r=*