Mixing
how to update terraform state with manual change done on resources
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
i had provisioned some resources over AWS which includes EC2 instance as well,but then after that we had attached some extra security groups to these instances which now been detected by terraform and it say's it'll rollback it as per the configuration file.
Let's say i had below code which attaches SG to my EC2
vpc_security_group_ids = ["sg-xxxx"]
but now my problem is how can i update the terraform.tfstate file so that it should not detach manually attached security groups :
I can solve it as below:
- i would refresh terraform state file with terraform refresh which will update the state file.
- then i have to update my terraform configuration file manually with security group id's that were attached manually
but that possible for a small kind of setup what if we have a complex scenario, so do we have any other mechanism in terraform which would detect the drift and update it
THanks !!
amazon-web-services terraform
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
add a comment |
i had provisioned some resources over AWS which includes EC2 instance as well,but then after that we had attached some extra security groups to these instances which now been detected by terraform and it say's it'll rollback it as per the configuration file.
Let's say i had below code which attaches SG to my EC2
vpc_security_group_ids = ["sg-xxxx"]
but now my problem is how can i update the terraform.tfstate file so that it should not detach manually attached security groups :
I can solve it as below:
- i would refresh terraform state file with terraform refresh which will update the state file.
- then i have to update my terraform configuration file manually with security group id's that were attached manually
but that possible for a small kind of setup what if we have a complex scenario, so do we have any other mechanism in terraform which would detect the drift and update it
THanks !!
amazon-web-services terraform
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
add a comment |
i had provisioned some resources over AWS which includes EC2 instance as well,but then after that we had attached some extra security groups to these instances which now been detected by terraform and it say's it'll rollback it as per the configuration file.
Let's say i had below code which attaches SG to my EC2
vpc_security_group_ids = ["sg-xxxx"]
but now my problem is how can i update the terraform.tfstate file so that it should not detach manually attached security groups :
I can solve it as below:
- i would refresh terraform state file with terraform refresh which will update the state file.
- then i have to update my terraform configuration file manually with security group id's that were attached manually
but that possible for a small kind of setup what if we have a complex scenario, so do we have any other mechanism in terraform which would detect the drift and update it
THanks !!
amazon-web-services terraform
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
i had provisioned some resources over AWS which includes EC2 instance as well,but then after that we had attached some extra security groups to these instances which now been detected by terraform and it say's it'll rollback it as per the configuration file.
Let's say i had below code which attaches SG to my EC2
vpc_security_group_ids = ["sg-xxxx"]
but now my problem is how can i update the terraform.tfstate file so that it should not detach manually attached security groups :
I can solve it as below:
- i would refresh terraform state file with terraform refresh which will update the state file.
- then i have to update my terraform configuration file manually with security group id's that were attached manually
but that possible for a small kind of setup what if we have a complex scenario, so do we have any other mechanism in terraform which would detect the drift and update it
THanks !!
amazon-web-services terraform
amazon-web-services terraform
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
asked Jan 3 at 7:35
Satyashil DeshpandeSatyashil Deshpande
94
94
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
There is no way Terraform will update your source code when detecting a drift on AWS.
The process you mention is right:
- Report manual changes done in AWS into the Terraform code
- Do a
terraform plan. It will refresh the state and show you if there is still a difference
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
add a comment |
This can be achieved by updating terraform state file manually but it is not best practice to update this file manually.
Also, if you are updating your AWS resources (created by Terraform) manually or outside terraform code then it defeats the whole purpose of Infrastructure as Code.
If you are looking to manage complex infrastructure on AWS using Terraform then it is very good to follow best practices and one of them is all changes should be done via code.
Hope this helps.
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code issource of truthwhen working withInfrastructure as Code
– pradeep
Jan 3 at 9:07
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54018128%2fhow-to-update-terraform-state-with-manual-change-done-on-resources%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
There is no way Terraform will update your source code when detecting a drift on AWS.
The process you mention is right:
- Report manual changes done in AWS into the Terraform code
- Do a
terraform plan. It will refresh the state and show you if there is still a difference
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
add a comment |
There is no way Terraform will update your source code when detecting a drift on AWS.
The process you mention is right:
- Report manual changes done in AWS into the Terraform code
- Do a
terraform plan. It will refresh the state and show you if there is still a difference
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
add a comment |
There is no way Terraform will update your source code when detecting a drift on AWS.
The process you mention is right:
- Report manual changes done in AWS into the Terraform code
- Do a
terraform plan. It will refresh the state and show you if there is still a difference
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
There is no way Terraform will update your source code when detecting a drift on AWS.
The process you mention is right:
- Report manual changes done in AWS into the Terraform code
- Do a
terraform plan. It will refresh the state and show you if there is still a difference
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
answered Jan 3 at 8:27
Quentin RevelQuentin Revel
75539
75539
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
add a comment |
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
Thanks Quentin ... i hope terraform will do something about it in future
– Satyashil Deshpande
Jan 3 at 9:02
add a comment |
This can be achieved by updating terraform state file manually but it is not best practice to update this file manually.
Also, if you are updating your AWS resources (created by Terraform) manually or outside terraform code then it defeats the whole purpose of Infrastructure as Code.
If you are looking to manage complex infrastructure on AWS using Terraform then it is very good to follow best practices and one of them is all changes should be done via code.
Hope this helps.
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code issource of truthwhen working withInfrastructure as Code
– pradeep
Jan 3 at 9:07
add a comment |
This can be achieved by updating terraform state file manually but it is not best practice to update this file manually.
Also, if you are updating your AWS resources (created by Terraform) manually or outside terraform code then it defeats the whole purpose of Infrastructure as Code.
If you are looking to manage complex infrastructure on AWS using Terraform then it is very good to follow best practices and one of them is all changes should be done via code.
Hope this helps.
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code issource of truthwhen working withInfrastructure as Code
– pradeep
Jan 3 at 9:07
add a comment |
This can be achieved by updating terraform state file manually but it is not best practice to update this file manually.
Also, if you are updating your AWS resources (created by Terraform) manually or outside terraform code then it defeats the whole purpose of Infrastructure as Code.
If you are looking to manage complex infrastructure on AWS using Terraform then it is very good to follow best practices and one of them is all changes should be done via code.
Hope this helps.
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
This can be achieved by updating terraform state file manually but it is not best practice to update this file manually.
Also, if you are updating your AWS resources (created by Terraform) manually or outside terraform code then it defeats the whole purpose of Infrastructure as Code.
If you are looking to manage complex infrastructure on AWS using Terraform then it is very good to follow best practices and one of them is all changes should be done via code.
Hope this helps.
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
answered Jan 3 at 8:52
pradeeppradeep
1,21661835
1,21661835
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code issource of truthwhen working withInfrastructure as Code
– pradeep
Jan 3 at 9:07
add a comment |
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code issource of truthwhen working withInfrastructure as Code
– pradeep
Jan 3 at 9:07
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
can please explain manual update? i mean even if i fo change state file manually terraform will still detect the drift until i make changes to my configuration file
– Satyashil Deshpande
Jan 3 at 9:05
Yes, you need to update the code as well as state file. Code is
source of truth when working with Infrastructure as Code– pradeep
Jan 3 at 9:07
Yes, you need to update the code as well as state file. Code is
source of truth when working with Infrastructure as Code– pradeep
Jan 3 at 9:07
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54018128%2fhow-to-update-terraform-state-with-manual-change-done-on-resources%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
