Add support to terraform import tls_private_key resource #44

Open
ghost opened this issue Mar 18, 2019 · 5 comments

Comments


ghost commented Mar 18, 2019

This issue was originally opened by @trajano as hashicorp/terraform#20729. It was migrated here as a result of the provider split. The original body of the issue is below.


Current Terraform Version

$ terraform -v
Terraform v0.11.11

Use-cases

I want to use Terraform as a replacement for XCA to manage the certificates, but I don't want to generate new keys. I do not want to use data, as it refers to existing data files for the keys; instead, I want them to be managed within Terraform state itself.

Attempted Solutions

$ terraform import module.certificate-authority.tls_private_key.ca CA_key.pem
module.certificate-authority.tls_private_key.ca: Importing from ID "CA_key.pem"...

Error: module.certificate-authority.tls_private_key.ca (import id: CA_key.pem): import module.certificate-authority.tls_private_key.ca (id: CA_key.pem): resource tls_private_key doesn't support import

Proposal

References


dossy commented Jun 26, 2019

This would be super useful, but in the meantime, my work-around for terraform 0.11.13:

  1. terraform state pull >state
  2. edit state file in text editor, look for the tls_private_key object I want to import
  3. edit the object's values (algorithm, ecdsa_curve, private_key_pem, public_key_fingerprint_md5, public_key_openssh, public_key_pem, rsa_bits) making sure to properly JSON-encode each value correctly
  4. terraform state push state

This is obviously super tedious and could easily be simplified with a tiny script, but since I don't intend on doing this frequently, the time to write and test the script far exceeds the time it takes to edit a few JSON values by hand.
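
The state edit from the workaround above, as a script (an added example, not part of the original comment or of the provider): it sets the listed attributes on a pulled state, derives public_key_fingerprint_md5 from public_key_openssh, and writes the result with owner-only permissions because the file holds the private key in clear text. Assumptions: the Terraform 0.11 state layout (modules[].resources[address].primary.attributes, all values strings), the fingerprint being the colon-separated MD5 of the decoded OpenSSH key blob, and the names patch_state, md5_fingerprint, write_state and state.edited, which are hypothetical.

```python
import base64, hashlib, json, os

# Attributes named in the workaround above; the fingerprint is derived below.
FIELDS = ("algorithm", "ecdsa_curve", "private_key_pem",
          "public_key_pem", "public_key_openssh", "rsa_bits")

def md5_fingerprint(public_key_openssh):
    """Assumed format: colon-separated MD5 of the base64-decoded key blob."""
    blob = base64.b64decode(public_key_openssh.split()[1])
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def patch_state(state, module_path, address, values):
    """Set the key attributes of one tls_private_key (assumed 0.11 state layout)."""
    missing = [f for f in FIELDS if f not in values]
    if missing:
        raise ValueError("missing values: " + ", ".join(missing))
    for module in state["modules"]:
        resource = module["resources"].get(address)
        if module["path"] != module_path or resource is None:
            continue
        if resource["type"] != "tls_private_key":
            raise ValueError(address + " is not a tls_private_key")
        attrs = resource["primary"]["attributes"]
        attrs.update({f: str(values[f]) for f in FIELDS})  # attributes are strings
        attrs["public_key_fingerprint_md5"] = md5_fingerprint(values["public_key_openssh"])
        state["serial"] += 1  # mark the edited copy as a new revision
        return state
    raise KeyError(address + " not found in module " + "/".join(module_path))

def write_state(state, path):
    """Write the state readable by its owner only: it holds the key in clear text."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # also tighten a file that already existed
    with os.fdopen(fd, "w") as fh:
        json.dump(state, fh, indent=4)  # json handles the PEM newline escaping

if __name__ == "__main__":
    # Constructed sample: a minimal state and placeholder values, not real key material.
    state = {"version": 3, "serial": 7, "modules": [{
        "path": ["root", "certificate-authority"],
        "resources": {"tls_private_key.ca": {"type": "tls_private_key",
            "primary": {"id": "placeholder", "attributes": {}}}}}]}
    values = {"algorithm": "RSA", "ecdsa_curve": "P224", "rsa_bits": 2048,
              "private_key_pem": "-----BEGIN RSA PRIVATE KEY-----\n(placeholder)\n",
              "public_key_pem": "-----BEGIN PUBLIC KEY-----\n(placeholder)\n",
              "public_key_openssh": "ssh-rsa YWJj constructed@example\n"}
    patch_state(state, ["root", "certificate-authority"], "tls_private_key.ca", values)
    write_state(state, "state.edited")
```

The written file and the state pulled in step 1 both contain the private key unencrypted, so delete them once the push has succeeded.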

@Marcus-James-Adams

Is this enhancement on the roadmap?

@bendbennett
Contributor

Hi @Marcus-James-Adams 👋

The Terraform Core Team are actively developing a new and improved import workflow. We will revisit issues and PRs relating to modifying behaviour of import in the utility providers (including tls) once the new import workflow has been implemented in Terraform Core.


PPACI commented May 16, 2024

Hello.
It's now more than 1 year.

Is there any update on this?
I would be happy to contribute if needed.


eugercek commented Nov 8, 2024

Another good reason to implement this is terraform-aws-provider: currently aws_key_pair requires a public key; it can't auto-generate a private key. The operator needs to use tls_private_key. If one wants to migrate all of their key_pairs to Terraform, there are lots of manual steps to import the private keys, or one will just use public_key= and manage the private key outside of Terraform.
