import an azure vm into a terraform cloud workspace, so the resource become terraform managed


you already have git repo ready for the terraform cloud workspace


1 git clone the code for the terraform cloud workspace

2 create a remote backend file in the repo, something like this

terraform {
  backend "remote" {
    organization = "leaonow"
    hostname = "app.terraform.io"
    workspaces {
      name = "azureInfraTFCode"

3 do terraform login

4 create resource tf file for the vm so that you can import, for example

resource "azurerm_linux_virtual_machine" "leoVM" {
    name                  = "unknown"
    location              = "unknown"
    resource_group_name   = "unknown"
    network_interface_ids = ["unknown"]
    size                  = "unknown"
    admin_username        = "unknown"

    os_disk {
        name              = "myOsDisk"
        caching           = "ReadWrite"
        storage_account_type = "Standard_LRS"

please note: to be able to successfully import the resource you must define all the required parameter for the resource type

5 do terraform import

terraform import azurerm_linux_virtual_machine.leoVM /subscriptions/58blahe-blah-blah-blah-cblaha/resourceGroups/leoRG/providers/Microsoft.Compute/virtualMachines/leoVM

6 now, the resource is imported into the terraform state file, which means terraform is now know the existence of the vm resource, but you terraform code still need to include all details for the resource, otherwise by the next time you run the terraform plan/apply , it will remove the resource from the state file as it cannot find the same in terraform code (or replace if it believed it need to do that)
so , this step , we will need to modify the tf file created in step 4 to match the details in the state file

resource "azurerm_linux_virtual_machine" "leoVM" {
    name                  = "leoVM"
    location              = "australiaeast"
    resource_group_name   = "leoRG"
    network_interface_ids = ["/subscriptions/58shitshitshit12a/resourceGroups/leoRG/providers/Microsoft.Network/networkInterfaces/leoVmNetworkInterface"]
    size                  = "Standard_B1ls"
    admin_username        = "azureuser"
    disable_password_authentication = true
    computer_name         = "myvm"

    os_disk {
        name              = "myOsDisk"
        caching           = "ReadWrite"
        storage_account_type = "Standard_LRS"

    source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18_04-lts-gen2"
        version   = "18.04.202107200"

    admin_ssh_key {
        username       = "azureuser"
        public_key     = azurerm_ssh_public_key.leoKP.public_key

    lifecycle {
    ignore_changes = [

as you can see we have added a lot of details in the tf file, this is because there are many parameters for a resource type will cause recreation of the resource, so you must provide all those details to convince terraform that the resource defined in this file match the vm which defined in the step file, so terraform will not replace the vm. (you can search "to be created" in the resource documentation to see the parameters which might cause recreation of the resource)

7 now, you just need to git add the new tf file which define the vm, and then commit to your repo, that will cause a terraform plan in terraform cloud, and in the plan session , you should see no change found, if you see replace/create then it mean you did it WRONG