top | item 26812787

(no title)

> we cannot manually fix some minor mistakes of ours when creating resources because that'll mess up terraform

In my opinion if you're doing manual fixes you're doing it wrong. Let's say you do your manual fix in your Dev environment. Do you remember to do it in Prod/whatever other environments you have? Are you sure you did the EXACT same thing? Did you change 5 other things trying to fix it first?

You end up with so many different deployment environments that are unique 'snowflakes', and when something breaks in one it might not affect the others cause they're in totally different states.

It's a nightmare.

In my opinion, infrastructure as code is the only way to do it in a serious environment.

discuss

kstrauser|4 years ago

I think there's a middle ground if you're not sure how to fix a mistake in Terraform but you know how to do it in the console:

* Make your changes by hand

* Right afterward, run "terraform plan" to see how Terraform would undo your changes

* Edit your Terraform config to reflect those changes, and run "terraform plan" again to make sure you caught everything. Repeat until it's a no-op.

Now you've got a log of what you've done in a Git-ready format, and you can repeat it elsewhere, and you've learned how to make that console change in code.

pm90|4 years ago

This. I’m surprised at how many folks don’t realize you can do this and capture your changes in terraform by looking at the plan and making tf code changes until the plan doesn’t show a diff

te_chris|4 years ago

You can also fetch cloud resource state with terraform, without running plan - I can’t remember the exact command. You can use this to import new resources into tf

matwood|4 years ago

You can do it that way, but I find the tf docs easier and more concise to use than clicking around the AWS UI.