
Can I manage my already created resources in Azure with Terraform? Can I use Terraform as a tool to restore my backup files (those RSVs are already created)?
One of my main requirements is to restore when DR happens, and to restore resources using their backups through Terraform so that it will be automated.

Just to have an overall understanding of how I can implement Terraform for future provisioning of resources in Azure and for those which are already provisioned.

2 Answers


  1. Manage my already created resources in Azure by Terraform

    Here, to achieve the requirement, we can use two ways:

    Importing the resource:

    As Rui Jarimba suggested, managing existing resources with Terraform requires importing them into Terraform’s state first. This is done by using the terraform import command, accompanied by the resource’s address and its ID in Azure. You must also write a Terraform configuration that corresponds to the existing resources. Each resource has to be imported individually with the terraform import command.

    Future Provisioning

    For new resources, you can write Terraform configurations as usual and apply them with terraform apply. This approach allows you to define the desired state of your infrastructure and let Terraform handle the provisioning and configuration.

    Terraform configuration:

    provider "azurerm" {
      features {}
    }
    
    resource "azurerm_resource_group" "rg" {
      name     = "vksbbtest-rg"
      location = "east us"
    }
    
    resource "azurerm_virtual_network" "vnet" {
      name                = "vksVNet"
      address_space       = ["10.0.0.0/16"]
      location            = azurerm_resource_group.rg.location
      resource_group_name = azurerm_resource_group.rg.name
    }
    
    resource "azurerm_subnet" "subnet" {
      name                 = "vksSubnet"
      resource_group_name  = azurerm_resource_group.rg.name
      virtual_network_name = azurerm_virtual_network.vnet.name
      address_prefixes     = ["10.0.1.0/24"]
    }
    
    resource "azurerm_network_interface" "nic" {
      name                = "vkNIC"
      location            = azurerm_resource_group.rg.location
      resource_group_name = azurerm_resource_group.rg.name
    
      ip_configuration {
        name                          = "internal"
        subnet_id                     = azurerm_subnet.subnet.id
        private_ip_address_allocation = "Dynamic"
      }
    }
    
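    # Supplied at plan/apply time (for example through TF_VAR_admin_password)
    # so the credential is not committed with the configuration. The value is
    # still written to the Terraform state.
    variable "admin_password" {
      type      = string
      sensitive = true
    }
    
    resource "azurerm_linux_virtual_machine" "vm" {
      name                = "testvkvm"
      resource_group_name = azurerm_resource_group.rg.name
      location            = azurerm_resource_group.rg.location
      size                = "Standard_DS1_v2"
      admin_username      = "adminvk"
      admin_password      = var.admin_password
      disable_password_authentication = false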
      network_interface_ids = [
        azurerm_network_interface.nic.id,
      ]
    
      os_disk {
        caching              = "ReadWrite"
        storage_account_type = "Premium_LRS"
      }
    
      source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18.04-LTS"
        version   = "latest"
      }
    }
    
    resource "azurerm_recovery_services_vault" "rsv" {
      name                = "vksRecoveryServicesVault"
      location            = azurerm_resource_group.rg.location
      resource_group_name = azurerm_resource_group.rg.name
      sku                 = "Standard"
    }
    
    resource "azurerm_backup_policy_vm" "policy" {
      name                = "vmBackupPolicy"
      resource_group_name = azurerm_resource_group.rg.name
      recovery_vault_name = azurerm_recovery_services_vault.rsv.name
    
      backup {
        frequency = "Daily"
        time      = "23:00"
      }
    
      retention_daily {
        count = 30
      }
    }
    
    resource "azurerm_backup_protected_vm" "backupVm" {
      resource_group_name = azurerm_resource_group.rg.name
      recovery_vault_name = azurerm_recovery_services_vault.rsv.name
      source_vm_id        = azurerm_linux_virtual_machine.vm.id
      backup_policy_id    = azurerm_backup_policy_vm.policy.id
    }
    
    resource "azurerm_storage_account" "storage_account" {
      name                     = "vkstoraccvksbll"
      resource_group_name      = azurerm_resource_group.rg.name
      location                 = azurerm_resource_group.rg.location
      account_tier             = "Standard"
      account_replication_type = "LRS"
    }
    

    Deployment succeeded.

  2. Can I manage my already created resources in Azure by Terraform

    Yes. There are two methods. The first method would be to use the terraform import statement. The second method is to use the terraform block:

    import {
      to = resource.name
      id = "id.12345"
    }
    

    In either scenario you must have knowledge of the resource id from the resource provider prior to the import.

    Using import in code is usually preferred with PR-based CI/CD or GitOps-style deployments. For example, you are backfilling some resources managed by hand. You can evaluate a string for the id, but it must be known at import plan time. So you can pass in a variable; I have not tried using a data source, but that seems feasible if the data source is available during planning.

    Using terraform import via the CLI is beneficial for by-hand scripting or in a scenario (like yours) where you might need to fetch the id and simply want to use your existing code with a different set of resources in a DR scenario. (Presumably you want to fail back.)

    One thing to consider in a DR scenario is to make sure you use a different key for your Terraform state.

    can I use terraform for using it as a tool to restore my backup files ( those RSV are already created)

    In theory you could pass the API calls via https://learn.microsoft.com/en-us/azure/developer/terraform/overview-azapi-provider, but I would not recommend it. This isn’t what Terraform is designed to do. You really should have a runbook script for these day-two type operations.

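The import and state-key advice from the two answers above, combined into one added example (not code from either answer): import blocks that bring the existing resource group, vault and backup policy under the first answer's resource addresses, with the state key supplied at init time so a DR run uses its own state object. The state storage names, the key file names and the `subscription_id` variable are assumptions.

```hcl
# Added example. Backend storage names, key names and the variable are
# hypothetical; resource names come from the first answer's configuration.
terraform {
  # Partial backend configuration: the key is passed at init time, so the
  # same code can point at a separate state object for DR, for example:
  #   terraform init -backend-config="key=prod.terraform.tfstate"
  #   terraform init -reconfigure -backend-config="key=dr.terraform.tfstate"
  backend "azurerm" {
    resource_group_name  = "tfstate-rg"     # hypothetical
    storage_account_name = "tfstateexample" # hypothetical
    container_name       = "tfstate"        # hypothetical
  }
}

# The id of an import block must be known at plan time; an input variable
# satisfies that, as the second answer notes.
variable "subscription_id" {
  type        = string
  description = "Subscription that holds the resources to import."
}

# Each block maps one existing Azure object to an address that must already
# be declared as a resource block in the configuration.
import {
  to = azurerm_resource_group.rg
  id = "/subscriptions/${var.subscription_id}/resourceGroups/vksbbtest-rg"
}

import {
  to = azurerm_recovery_services_vault.rsv
  id = "/subscriptions/${var.subscription_id}/resourceGroups/vksbbtest-rg/providers/Microsoft.RecoveryServices/vaults/vksRecoveryServicesVault"
}

import {
  to = azurerm_backup_policy_vm.policy
  id = "/subscriptions/${var.subscription_id}/resourceGroups/vksbbtest-rg/providers/Microsoft.RecoveryServices/vaults/vksRecoveryServicesVault/backupPolicies/vmBackupPolicy"
}
```

`terraform plan` lists the pending imports before anything is written to state. Terraform state stores attribute values such as `admin_password` in plain text, so the DR state object needs the same access restrictions as the primary one.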