jprdonnelly/opentf
1
0
Fork 0
mirror of https://github.com/opentffoundation/opentf.git synced 2025-12-21 10:47:34 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
enabled-nested-variable
opentf/website/docs/language/import/generating-configuration.mdx
Andrei Ciobanu 57057aef27 Add docs for all ephemeral constructs (#3209) 
Signed-off-by: Andrei Ciobanu <andrei.ciobanu@opentofu.org>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
Co-authored-by: Diógenes Fernandes <diofeher@opentofu.org>
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2025-09-10 07:45:23 -04:00

161 lines
7.3 KiB
Plaintext
Raw Permalink Blame History

---
description: >-
Generate configuration and manage existing resources with OpenTofu using configuration-driven import.
---
# Generating configuration
:::warning Experimental
Configuration generation is available in OpenTofu v1.6 as an experimental feature. Later minor versions may contain changes to the formatting of generated configuration and behavior of the `tofu plan` command using the `-generate-config-out` flag.
:::
OpenTofu can generate code for the resources you define in [`import` blocks](../../language/import/index.mdx) that do not already exist in your configuration. OpenTofu produces HCL to act as a template that contains OpenTofu's best guess at the appropriate value for each resource argument.
Starting with OpenTofu's generated HCL, we recommend iterating to find your ideal configuration by removing some attributes, adjusting the value of others, and rearranging `resource` blocks into files and modules as appropriate.
To generate configuration, run `tofu plan` with the `-generate-config-out` flag and supply a new file path. Do not supply a path to an existing file, or OpenTofu throws an error.
```shell
$ tofu plan -generate-config-out=generated_resources.tf
```
If any resources targeted by an `import` block do not exist in your configuration, OpenTofu then generates and writes configuration for those resources in `generated_resources.tf`.
## Workflow
The workflow for generating configuration is similar to the [`import` block workflow](../../language/import/index.mdx#plan-and-apply-an-import), with the extra step of generating configuration during the planning stage. You can then review and modify the generated configuration before applying.
### 1. Add the `import` block
Add an `import` block to your configuration. This `import` block can be in a separate file (e.g., `import.tf`) or an existing configuration file.
```hcl
import {
to = aws_iot_thing.bar
id = "foo"
}
```
The import block's `to` argument points to the address a `resource` will have in your state file. If a resource address in your state matches an `import` block's `to` argument, OpenTofu attempts to import into that resource. In future planning, OpenTofu knows it doesn't need to generate configuration for resources that already exist in your state.
The import block's `id` argument uses that resource's [import ID](../../language/import/index.mdx#import-id).
If your configuration does not contain other resources for your selected provider, you must add a `provider` block to inform OpenTofu which provider it should use to generate configuration. Otherwise, OpenTofu displays an error if it can not determine which provider to use.
If you add a new `provider` block to your configuration, you must run `tofu init` again.
### 2. Plan and generate configuration
To instruct OpenTofu to generate configuration for the `import` blocks you defined, run `tofu plan` with the `-generate-config-out=` flag and a new file path. OpenTofu displays its plan for importing your resource and the file where OpenTofu generated configuration based on this plan.
```shell
$ tofu plan -generate-config-out=generated.tf
aws_iot_thing.bar: Preparing import... [id=foo]
aws_iot_thing.bar: Refreshing state... [id=foo]
OpenTofu will perform the following actions:
# aws_iot_thing.bar will be imported
# (config will be generated)
resource "aws_iot_thing" "bar" {
arn = "arn:aws:iot:eu-west-1:1234567890:thing/foo"
attributes = {}
default_client_id = "foo"
id = "foo"
name = "foo"
version = 1
}
Plan: 1 to import, 0 to add, 0 to change, 0 to destroy.
│ Warning: Config generation is experimental
│ Generating configuration during import is currently experimental, and the generated configuration format may change in future versions.
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
OpenTofu has generated configuration and written it to generated.tf. Please review the configuration and edit it as necessary before adding it to version control.
```
### 3. Review generated configuration
The example above instructs OpenTofu to generate configuration in a file named `generated.tf`. The below code is an example of a `generated.tf` file.
```hcl
resource aws_iot_thing "bar" {
name = "foo"
}
```
Review the generated configuration and update it as needed. You may wish to move the generated configuration to another file, add or remove resource arguments, or update it to reference input variables or other resources in your configuration.
#### Generated hints
In specific cases, the attributes of the generated blocks can be suffixed with a comment. That comment may contain hints as to why
a value was omitted.
For example, the following will be generated if the generated `resource` block contains sensitive and write-only attributes:
```hcl
resource "test_resource" "test" {
attr1 = null # sensitive
attr2 = null # write-only
attr3 = null # sensitive write-only
}
```
### 4. Apply
Run `tofu apply` to import your infrastructure.
```shell
$ tofu apply
aws_iot_thing.bar: Preparing import... [id=foo]
aws_iot_thing.bar: Refreshing state... [id=foo]
OpenTofu will perform the following actions:
# aws_iot_thing.bar will be imported
resource "aws_iot_thing" "bar" {
arn = "arn:aws:iot:eu-west-1:1234567890:thing/foo"
attributes = {}
default_client_id = "foo"
id = "foo"
name = "foo"
version = 1
}
Plan: 1 to import, 0 to add, 0 to change, 0 to destroy.
aws_iot_thing.bar: Importing... [id=foo]
aws_iot_thing.bar: Import complete [id=foo]
Apply complete! Resources: 1 imported, 0 added, 0 changed, 0 destroyed.
```
Commit your new resource configuration to your version control system.
## Limitations
### Conflicting resource arguments
OpenTofu generates configuration for importable resources during a plan by requesting values for resource attributes from the provider. For certain resources with complex schemas, OpenTofu may not be able to construct a valid configuration from these values.
OpenTofu will display an error like the one below if it does not receive values for resource attributes while generating configuration.
```shell
$ tofu plan -generate-config-out=generated.tf
│ Error: Conflicting configuration arguments
│ with aws_instance.ubuntu,
│ on g.tf line 20, in resource "aws_instance" "ubuntu":
│ 20: ipv6_address_count = 0
│ "ipv6_address_count": conflicts with ipv6_addresses
```
In the example above, OpenTofu still generates configuration and writes it to `generated.tf`. This error stems from a conflict between the `ipv6_address_count` and `ipv6_addresses` arguments. The resource supports both of these arguments, but you must choose only one when configuring the resource. You could fix the error by removing one of these two arguments, then running `tofu plan` again to check that there are no further issues.
Reference in New Issue View Git Blame Copy Permalink