Step-by-Step Guide to Importing AWS Resources with Terraform
AWS with Terraform : Day - 25

Many teams start on AWS using the console. Over time, resources pile up. EC2 instances, S3 buckets, IAM roles, and security groups exist, but none of them are managed as code. This makes changes risky and audits difficult.
Terraform import helps solve this problem. It allows you to bring existing AWS resources under Terraform management without recreating them.
This blog explains what Terraform import is, how it works, and how to use it safely in real projects.
What Is Terraform Import
Terraform import maps an existing AWS resource to a Terraform resource block.
It does not create or modify the resource.
It only updates Terraform state.
In simple words, Terraform import tells Terraform:
“This resource already exists. Start tracking it.”

High Level Flow
Existing AWS Resource
|
| terraform import
v
Terraform State Updated
|
| terraform plan
v
Infrastructure Managed as Code
After import, Terraform knows the resource exists, but you still need to define it correctly in code.
When Terraform Import Is Useful
AWS resources were created manually
Migrating from console to Infrastructure as Code
Taking over legacy AWS accounts
Standardizing environments
Avoiding resource recreation in production
Terraform import is especially useful in brownfield environments.
What Terraform Import Does and Does Not Do
What it does:
Adds the resource to Terraform state
Links the resource to a Terraform block
What it does not do:
Generate Terraform code automatically
Change the resource configuration
Validate best practices
Writing correct Terraform code is still your responsibility.
Basic Import Syntax
terraform import <resource_type>.<resource_name> <aws_resource_id>
The resource must already exist in AWS.
Example 1: Import an EC2 Instance
Step 1: Write the Resource Block
resource "aws_instance" "app" {
  ami           = "ami-0abcd1234"
  instance_type = "t3.micro"
}
Values do not need to be perfect yet. They will be adjusted in Step 3, before anything is applied.
Step 2: Import the Instance
terraform import aws_instance.app i-0123456789abcdef0
Terraform now tracks this EC2 instance.
Step 3: Review the Plan
terraform plan
Terraform will likely show differences. This is expected.
Update the code until the plan shows no changes.
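One way to automate the Step 3 review, as an added example that is not part of the original guide: the script reads the JSON form of a plan (written with `terraform plan -out=tfplan`, then `terraform show -json tfplan`) and reports which imported resources Terraform would replace or destroy and which attributes still differ. The embedded plan is constructed sample data that reuses this guide's resource addresses, and the function names are hypothetical.

```python
import json

# Constructed sample of `terraform show -json tfplan` output after the imports
# in this guide; only the fields read below are included.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_instance.app",
   "change": {"actions": ["delete", "create"],
              "before": {"ami": "ami-0fedc9876", "instance_type": "t3.micro"},
              "after":  {"ami": "ami-0abcd1234", "instance_type": "t3.micro"}}},
  {"address": "aws_s3_bucket.assets",
   "change": {"actions": ["no-op"],
              "before": {"bucket": "my-existing-bucket"},
              "after":  {"bucket": "my-existing-bucket"}}},
  {"address": "aws_iam_role.app_role",
   "change": {"actions": ["update"],
              "before": {"name": "existing-app-role", "max_session_duration": 7200},
              "after":  {"name": "existing-app-role", "max_session_duration": 3600}}}
]}
""")

def review_import_plan(plan):
    """Return (addresses to be deleted/replaced, address -> differing attributes)."""
    destructive, drift = [], {}
    for rc in plan.get("resource_changes", []):
        change = rc["change"]
        actions = set(change["actions"])
        if actions <= {"no-op", "read"}:
            continue  # code already matches the real resource
        if "delete" in actions:  # plain delete, or replace (delete + create)
            destructive.append(rc["address"])
        before, after = change.get("before") or {}, change.get("after") or {}
        # Values only known after apply are absent from "after" and show up here too.
        drift[rc["address"]] = sorted(
            k for k in before.keys() | after.keys() if before.get(k) != after.get(k))
    return destructive, drift

def import_is_clean(plan):
    """True only when the plan shows no changes for any resource."""
    destructive, drift = review_import_plan(plan)
    return not destructive and not drift

if __name__ == "__main__":
    destructive, drift = review_import_plan(SAMPLE_PLAN)
    for addr, attrs in drift.items():
        tag = "REPLACE/DESTROY" if addr in destructive else "update in place"
        print(f"{addr}: {tag}; differs in: {', '.join(attrs)}")
    print("clean" if import_is_clean(SAMPLE_PLAN) else "not clean: do not apply")
```

In the constructed sample, the placeholder AMI from Step 1 differs from the imported instance's AMI, so applying that plan would replace the running instance rather than adopt it.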
Example 2: Import an S3 Bucket
resource "aws_s3_bucket" "assets" {
  bucket = "my-existing-bucket"
}
terraform import aws_s3_bucket.assets my-existing-bucket
After import, add related resources like versioning and encryption if they already exist.
Importing IAM Roles
IAM imports are common but require care.
resource "aws_iam_role" "app_role" {
  name = "existing-app-role"
}
terraform import aws_iam_role.app_role existing-app-role
Policies attached to the role must be imported separately.
Handling Complex Resources
Some AWS services have multiple Terraform resources.
Examples:
Security groups with separate rule resources
IAM roles and policy attachments
Load balancers and listeners
Each part may need its own import command.
This takes time, but it gives clean and maintainable Terraform code.
Common Mistakes to Avoid
Importing without writing code first
Ignoring terraform plan after import
Importing directly into production branches
Mixing manual changes after import
Assuming Terraform will auto generate code
Terraform import is a starting point, not the final step.
Best Practices for Terraform Import
Import one resource at a time
Always run terraform plan after import
Fix drift immediately
Commit state changes carefully
Use a separate branch for imports
Document imported resources
Avoid importing unused or temporary resources
Limitations of Terraform Import
No automatic code generation
No bulk import support by default
Requires deep understanding of the resource
Easy to introduce drift if done carelessly
Despite these limitations, import is still the safest way to move to IaC.
Real World Use Case
A common scenario is a production EC2 instance running for months. Recreating it is not an option. Terraform import lets you safely bring it under code management and gradually improve its configuration.
This is how many teams adopt Terraform without downtime.
Final Thoughts
Terraform import is a powerful bridge between manual AWS setups and fully automated infrastructure. It helps teams transition to Infrastructure as Code without rebuilding everything.
Used carefully, it brings visibility, control, and confidence to existing AWS environments.




