top of page
Writer's pictureBrett Borschel

Import existing Azure resources into Terraform with Aztfy


Import existing Azure resources into Terraform with Aztfy

You try and try to keep your infrastructure code clean but there was an emergency and another team went and created a whole application environment without going through standard process. Now your IaC is out of sorts with what is actually built... There's an app for that!


Microsoft has developed a new tool "Aztfy" (currently in preview) that will dig through preexisting resource groups, creating the necessary Terraform HCL, and import to Terraform state.



How does it work?


I downloaded the file from Github at: https://github.com/Azure/aztfy


Copied the file into my terraform root directory and ran it by typing "./aztfy -o <output directory> <azure resource group name>".


After a minute of scanning and initializing, aztfy comes back with a list of resources that it has found and gives you the option to import or ignore them. It also gives you the option to modify the resource name before importing.


Press "w" to start the import and wait while the magic happens.


How good does it work?


At the end of this process, I went to see what was in my output directory and to my surprise I found a mostly complete Terraform file structure.

Terraform State

The sandbox resource group I used for this test drive was full of a number of random resources. A rogues gallery of Azure cloud resources and features if you will.


This also makes it kind of perfect for this test. I can see this tool being used precisely when you do not know what or why resources exist in a resource group!


The Good:
  • Aztfy was able to build some complex inter-related resources with "depends on" statements. Things like NSGs that require the subnet to be built before it can be applied.

  • Out of the 20 or so resources in this RG, the tool was able to convert about 90% of them to HCL. This will absolutely 100% save time doing imports.

The Bad:
  • The tool does not make use of modules, which could be an issue when trying to add to or scale out the resources later.

  • Some relatively simple resources did not get imported. In my test run, a simple VM did not make the cut.

  • After importing, trying to 'init and plan' the configuration produced errors.

My takeaway from this is that this tool is useful but limited in its scope. It cannot be relied upon to blindly reproduce complete infrastructures as code. There is still manual work required and experienced eyes are needed to make sure that the resources are imported in a way that can reproduce the resource group as it was built.


That being said, I think it's an exciting idea and could potentially save some time when trying to import pre-existing resources into Terraform HCL.


More Reading:





2,283 views0 comments

Comments


Commenting has been turned off.
Post: Blog2_Post
bottom of page