## The Problem
When approaching the task of building a Terraform integration, there was a sense of trepidation. Building features that people would love to use is a primary motivation, but Terraform integrations are often not well-received. Common pitfalls include the tedious process of building resources by hand, the difficulty of importing and managing existing resources, and the potential for state drift when it’s unclear which resources are being Terraformed. This can lead to debugging discrepancies in parts of the state that are not immediately relevant.
## The Solution
Despite the challenges, a solution was developed that aims to make using Terraform for incident configuration a positive experience. Key features of the solution include:
### Resources have a visual builder
Complex resources can be easily created using a visual builder, leveraging familiarity with existing workflows and schedules UI. This simplifies the process of generating Terraform configuration and provides validation to ensure accuracy. Additionally, a preview feature allows for a visual representation of changes before committing them.
### Users can import and update existing resources using the visual builder
The ability to manage resources created with the visual builder is essential for making changes efficiently. Users can easily update and regenerate configurations as needed. Furthermore, existing resources can be migrated to Terraform management seamlessly, with automated updates to management information upon applying changes.
### It’s clear which resources are being Terraformed and where they’re being managed from
To prevent confusion and potential conflicts between Terraform-managed and UI-managed resources, clear indicators are provided for externally managed resources. Users can easily identify where resources are being managed and avoid unintentional changes to externally managed resources.
### There’s a “break glass in case of emergency” option
To safeguard against accidental mutations of externally managed resources, measures are in place to prevent unauthorized changes. This helps prevent issues and ensures a smooth operation of the Terraform integration. Adding Terraform support to your resources can be beneficial, but it does come with risks. One such risk is being unable to push changes during an incident or emergency due to the state being out of sync. This can hinder your ability to fix urgent issues, even if the conflicts are unrelated.
To address this issue, we have implemented an “un-claim” feature within the visual builder. This allows you to temporarily set aside your urgent changes and deal with the state cleanup after the incident has passed, providing you with an escape hatch in critical situations.
Furthermore, to future-proof our system, we have introduced a managed resource abstraction. This decouples a resource’s management information from the resource itself, making it easier to manage resources in the long run. Annotations enable us to store additional information related to the resource management, ensuring flexibility and scalability.
In summary, when incorporating Terraform support into your resources, consider providing a visual builder, facilitating the import of existing resources, ensuring readability in configuration generation, clearly defining Terraformed components, and offering an escape hatch for externally managed resources. By following these guidelines, you can effectively leverage Terraform in your resource management process.
