📘 Terraform Series – Day 11

Terraform State Management & Import

📝 Abstract

Terraform works by maintaining a record of infrastructure in a state file. This state file acts as the bridge between your Terraform configuration and real-world resources (like AWS EC2, Security Groups, etc.).

In this blog, we will understand how Terraform manages state, why it is important, how to handle state manually, and how to import existing resources into Terraform.

🎯 Objectives

After completing this blog, you will be able to:

• Understand what Terraform state is

• Know why state management is important

• Sync Terraform state with real infrastructure

• Use important state commands

• Understand terraform import

• Handle real-world interview scenarios

🔷 Step 1: What is Terraform State?

Terraform maintains a file called:

terraform.tfstate

---

🧠 This file stores:

• All created resources (EC2, Security Groups, etc.)

• Current status of resources (running, stopped, IDs, etc.)

• Mapping between Terraform config ↔ real infrastructure

🔷 Step 2: Why State Management is Required

Terraform uses the state file to:

• Know what resources are already created ✅

• Track infrastructure changes ✅

• Avoid recreating resources unnecessarily ✅

• Compare desired state vs actual state ✅

🔷 Step 3: Important Scenario (Very Important)

🔹 Situation:

• EC2 is running in Terraform state

• You manually stop it from AWS Console

❓ Will Terraform automatically update state?

👉 ❌ NO

Terraform does not auto-detect manual changes.

🔷 Step 4: How to Sync State

To update Terraform state:

terraform refresh

OR

terraform apply

✔ Result

• Terraform reads real infrastructure

• Updates state file

👉 Example:
running → stopped

🔷 Step 5: State Management Commands

1️⃣ List All Resources

terraform state list

2️⃣ Show Resource Details

terraform state show aws_instance.my_instance

3️⃣ Remove Resource from State

terraform state rm aws_key_pair.my_key

🔷 Step 6: Important Interview Question

❓ What happens if you run:

terraform state rm aws_key_pair.my_key

🔥 Answer

• ❌ Resource is NOT deleted from AWS

• ✅ Only removed from Terraform state

👉 The actual resource still exists in AWS

🔷 Step 7: How to Restore Resource (Import Back)

If you removed resource from state by mistake:

terraform import aws_key_pair.my_key <key-Name-in aws>

✔ Result

• Resource is added back to Terraform state

• Terraform starts managing it again

🔷 Step 8: Importing Existing EC2 Instance

🧩 Step 1: Create Resource Block

resource "aws_instance" "my_instance" {
  ami           = "ami-xxxx"   # placeholder
  instance_type = "t2.micro"
}

👉 Values can be temporary/dummy

🧩 Step 2: Run Import Command

terraform import aws_instance.my_instance <instance-id>

👉 Example:

terraform import aws_instance.demo-instance i-1234567890abcdef0

🧩 Step 3: Verify

terraform state show aws_instance.my_instance

🧩 Step 4: Fix Configuration (Important)

After import:

terraform plan

👉 Then:

• Update .tf file with correct values

• Match actual AWS configuration

⚠️ Important Notes

• Import updates only state, not Terraform code

• You must manually update .tf files

• If configuration does not match → Terraform will try to modify resource

🚀 Conclusion

• Terraform state is the core of infrastructure tracking

• Manual changes are not auto-detected

• Use terraform refresh/apply to sync

• terraform state commands help manage resources

• terraform import is useful for existing infrastructure

👨‍💻 About the Author

“A complete Terraform series covering everything from fundamentals to advanced real-world infrastructure automation in a DevOps environment.”

📬 Let's Stay Connected

• 📧 Email: gujjarapurv181@gmail.com

• 🐙 GitHub: github.com/ApurvGujjar07

• 💼 LinkedIn: linkedin.com/in/apurv-gujjar