terraform state file seems corrupted

Question

I have added a backend block to store the terraform.state file in azure storage account.

terraform.tfstate file contains data also.

terraform {
# Configure Terraform State Storage
    backend "azurerm" {
    resource_group_name   = "azure-rg"
    storage_account_name  = "azure-rg-sa"
    container_name        = "azure-rg-sacon"
    key                   = "terraform.tfstate"
  }
}

When i run terraform plan , terraform tries to recreate what is already created.

Seems terraform state file got corrupted, terraform plan doses not referring the statefile.

how to fix the same, is there is any way i can import the state of my resources to terraform state present in Azure Storage account.

Thanks

Answer 1

If you want to move the state file from one remote to another then you can just change storage account name (if required) and container name , then do a terraform init -migrate-state or you can follow the steps mentioned here in this SO thread by ShawnC.

OR

If You want to create a new state file with your existing resource present on Azure . After changing the required details from terraform backend configuration , you will have to perform import operation on every resource present on that main.tf file with command terrafrom import <terraform resource> <Azure resource ID>. As you can't perform bulk import using terraform , you will have to do individual operation for individual resources.

ex:

terraform {
  backend "azurerm" {
    resource_group_name = "myresourcegroup"
    storage_account_name = "ansumanterraformtest12" ## change to new storage account
    container_name       = "terraform" ## change to new Container
    key                  = "terraform.tfstate"
  }
required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "2.90.0"
    }
  }
}
provider "azurerm" {
  features {}
}

data "azurerm_resource_group" "example"{
  name = "myresourcegroup"
}

resource "azurerm_virtual_network" "example" {
  name                = "ansuman-network"
  address_space       = ["10.0.0.0/16"]
  location            = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name                 = "internal"
  resource_group_name  = data.azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.2.0/24"]
}

resource "azurerm_network_security_group" "example" {
  name                = "example-nsg"
  location            = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name

  security_rule {
    name                       = "test123"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

resource "azurerm_subnet_network_security_group_association" "example" {
  subnet_id                 = azurerm_subnet.example.id
  network_security_group_id = azurerm_network_security_group.example.id
}

resource "azurerm_network_interface" "example" {
  name                = "ansuman-nic"
  location            = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
  }
}

Run Command after terraform init:

terraform import azurerm_subnet_network_security_group_association.example /subscriptions/<subid>/resourceGroups/<rgname>/providers/Microsoft.Network/virtualNetworks/<vnetname>/subnets/<subnetname>

Output:

Note: As I have run the command for subnet and NSG association resource block , We have to run the same command for each resource block present on the main.tf file in my case it will be vnet, subnet, NSG and NIC.