Search code examples
azureterraformterraform-provider-azureterraform-modules

Getting Error while trying to do Terraform Import of Azure Disk Encryption Sets

While doing Terraform Apply i am getting the below error :

Error: A resource with the ID "/subscriptions/0386xx61-41b1-xxx-9658-8cxxxx6c0829/resourceGroups/rg-identity-prd-cus-001/providers/Microsoft.Compute/diskEncryptionSets/des-prd-cus-001" already exists - to be managed via Terraform this resource needs to be imported into the State. Please see the resource documentation for "azurerm_disk_encryption_set" for more information.
│ 
│   with module.identity_subscription[0].azurerm_disk_encryption_set.de_identity["key1"],
│   on subscriptions/identity/identity.tf line 578, in resource "azurerm_disk_encryption_set" "de_identity":
│  578: resource "azurerm_disk_encryption_set" "de_identity" {

I have created an Azure disk encryption set resource in identity.tf file with the below code :

resource "azurerm_disk_encryption_set" "de_identity" {
  for_each            = local.kv_keys
  name                = format("des-%s-%s-%s", var.environment,var.location_short_name,var.instance_number)
  resource_group_name = module.resource_group.rg_name_subs 
  location            = var.location
  key_vault_key_id    = azurerm_key_vault_key.kv_key[each.key].id 
  identity {
    type = "SystemAssigned"
  }
}

Now i run this command below and it is throwing error :

terraform import --var-file=centralus.tfvars  module.identity_subscription[0].azurerm_disk_encryption_set.de_identity "/subscriptions/xxxx61-41xx-451x-xxxx-8c25546c0829/resourceGroups/rg-identity-prd-cus-001/providers/Microsoft.Compute/diskEncryptionSets/des-prd-cus-001"

Error Message :

 Error: Configuration for import target does not exist
│
│ The configuration for the given import module.identity_subscription[0].azurerm_disk_encryption_set.de_identity does not exist. All target instances  
│ must have an associated configuration to be imported.

The structure of my folder is shown in screenshot

enter image description here

Solution

  • Getting Error while trying to do Terraform Import of Azure Disk Encryption Sets

    Continution from the comment discussion the errors mentioned was in general occurs due to two things

    As Matthew-Schuchard mentioned whenever youre using the for_each configuration inside the plugin we should always need to provide literal quotes

    Lets say in this format

    terraform import --var-file=centralus.tfvars 'module.identity_subscription[0].azurerm_disk_encryption_set.de_identity["key2"]' /subscriptions/038xxxx-4xx1-4xx-9658-8c25546c0829/resourceGroups/rg-identity-prd-cus-001/providers/Microsoft.Compute/diskEncryptionSets/des-prd-cus-001

    The use of escaped quotes ["key2"] is correct and required here.

    Second thing as per the error discription

    The invlovement of C:/Users/... before subscriptions/... this states that shell misinterpreted the second argument as path instead of resource id

    Always make sure you have the quotes for keys in this manner "key2" or 'key2'

    Make sure you have the valid key inputs inside tfvars.

    Refer:

    https://developer.hashicorp.com/terraform/language/import#import-multiple-instances-with-for_each

    https://github.com/hashicorp/terraform/issues/33114