'Diagnostic Settings - Master" already exists - to be managed via Terraform this resource needs to be imported into the State
I have a Diagnostic setting configured on my master db. As shown below in my main.tf
resource "azurerm_monitor_diagnostic_setting" "main" {
name = "Diagnostic Settings - Master"
target_resource_id = "${azurerm_mssql_server.main.id}/databases/master"
log_analytics_workspace_id = azurerm_log_analytics_workspace.main.id
log {
category = "SQLSecurityAuditEvents"
enabled = true
retention_policy {
enabled = false
}
}
metric {
category = "AllMetrics"
retention_policy {
enabled = false
}
}
lifecycle {
ignore_changes = [log, metric]
}
}
If i dont delete it before in the resource group before i run the terraform. I get the error :
Diagnostic Settings - Master" already exists - to be managed via Terraform this resource needs to be imported into the State
I know that if i delete the sql server the diagnostic setting remains - but i dont know why that is a problem with terraform.
I have also noticed that IT IS in my tfplan.
So I dont know what could be the problem ?? Any ideas.
Solution 1:[1]
If i dont delete it before in the resource group before i run the terraform. I get the error :
Diagnostic Settings - Master" already exists - to be managed via Terraform this resource needs to be imported into the StateI know that if i delete the sql server the diagnostic setting remains but i dont know why that is a problem with terraform.
If you have created the resource in Azure from a different way (i.e. Portal/Templates/CLI/Powershell) , that means Terraform is not aware of resource already existing in Azure . So , during Terraform Plan , it shows you the plan what will be created from what you have written in main.tf . But when you run Terraform Apply the azurerm provider checks the resources names with the existing resources of the same resource providers and result in giving an error that it already exists and needs to be imported to be managed by Terraform.
Also If you have created everything from Terraform then doing a Terraform destroy deletes all the resources present on the main.tf.
well its in the .tfplan and also its in main.tf - so its imported right ?
If you mention the resource and its details in main.tf and .tfplan , it doesn't mean that you have imported the resource or Terraform gets aware of the resource. Terraform is only aware of the resources that are stored in the Terraform state file i.e. .tfstate.
So , to overcome the error that you get without deleting the resource from Portal , you will have to add the resource in the main.tf as you have already done and then use Terraform import command to import the Azure resource to Terraform State file like below :
terraform import azurerm_monitor_diagnostic_setting.example "{resourceID}|{DiagnosticsSettingsName}"
So , for you it will be like :
terraform import azurerm_monitor_diagnostic_setting.main "/subscriptions/<SubscriptionID>/resourceGroups/<ResourceGroupName>/providers/Microsoft.Sql/servers/<SQLServerName>/databases/master|Diagnostic Settings - Master"
After the Import is done , any changes you make from terraform to that resource will get reflected in portal as well and you will be able to destroy the resource from terraform as well.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Ansuman Bal |