terraform-provider-tls icon indicating copy to clipboard operation
terraform-provider-tls copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Add support to terraform import tls_private_key resource

Open ghost opened this issue 6 years ago • 4 comments

This issue was originally opened by @trajano as hashicorp/terraform#20729. It was migrated here as a result of the provider split. The original body of the issue is below.

Current Terraform Version

$ terraform -v
Terraform v0.11.11

Use-cases

I want to use Terraform as a replacement for XCA to manage the certificates, but I don't want to generate new keys. I do not want to use data as it refers to existing data files for the keys instead I want them to be managed within Terraform state itself.

Attempted Solutions

$ terraform import module.certificate-authority.tls_private_key.ca CA_key.pem
module.certificate-authority.tls_private_key.ca: Importing from ID "CA_key.pem"...

Error: module.certificate-authority.tls_private_key.ca (import id: CA_key.pem): import module.certificate-authority.tls_private_key.ca (id: CA_key.pem): resource tls_private_key doesn't support import

Proposal

References

ghost avatar Mar 18 '19 15:03 ghost

This would be super useful, but in the meantime, my work-around for terraform 0.11.13:

  1. terraform state pull >state
  2. edit state file in text editor, look for the tls_private_key object I want to import
  3. edit the object's values (algorithm, ecdsa_curve, private_key_pem, public_key_fingerprint_md5, public_key_openssh, public_key_pem, rsa_bits) making sure to properly JSON-encode each value correctly
  4. terraform state push state

This is obviously super tedious and could easily be simplified with a tiny script, but since I don't intend on doing this frequently, the time to write and test the script far exceeds the time it takes to edit a few JSON values by hand.

dossy avatar Jun 26 '19 18:06 dossy

Is this enhancement on the roadmap?

Marcus-James-Adams avatar Mar 24 '23 18:03 Marcus-James-Adams

Hi @Marcus-James-Adams 👋

The Terraform Core Team are actively developing a new and improved import workflow. We will revisit issues and PRs relating to modifying behaviour of import in the utility providers (including tls) once the new import workflow has been implemented in Terraform Core.

bendbennett avatar Mar 27 '23 15:03 bendbennett

Hello. It's now more than 1 year.

Is there any update on this? I would be happy to contribute if needed.

PPACI avatar May 16 '24 09:05 PPACI