Don't Do That! RDS Terraform Import sans Pain 📊

2024-02-18
Geoff

Importing the RDS

You start the import like any other resource. Define an import block and then match the properties of the resource 1-1 with the existing resource.

1
2
3
4
import {
    to = aws_db_instance.my_rds
    id = "db-XXXX"
}

Then define the corresponding resource in the resource block.

1
2
3
4
5
6
7
resource "aws_db_instance" "my_rds" {
    family = "mysql5.7"
    engine = "mysql"
    .
    .
    .
}

Testing the Process

Examine your plans. In particular make sure the resource is updated in place and not destroyed and recreated. In the case of destroy on an RDS you could lose all your data.

1
terraform plan

Gotchyas

If your database is encrypted be sure to include the:

1
    storage_encrypted = true

argument as it defaults to false and will cause an encrypted RDS to be destroyed and recreated resulting in data loss.

If you are testing your process and you are using micro instances to save on costs, be aware that the smallest instance size that supports encryption is db.t2.small. If you are using a db.t2.micro instance you may not see the replacement issue since encryption is not available on the free tier RDSs.

Again always examine your plans.

Conclusion

Importing a database into terraform is a delicate process. Always be sure to examine your plans and be aware of the gotchyas that can cause data loss. Keep in mind the differences between testing resources and your production resources as differences in possible configuration can result in different outcomes.

📨 Contact GSPC ✉️

AWS Certified Certified Terraform Associate AWS Serverless AWS Certified Developer Associate GitHub Foundations Certification GitHub Actions Certification Certified SysOps Administrator Certified AWS Security Specialist Certified AWS DevOps Engineer Professional GCP: Cloud Digital Leader Certification Badge