Importing existing resources into a stack
This topic shows you how to import existing Amazon resources into an existing stack by describing them in a template. To instead scan for existing resources and automatically generate a template that you can use to import existing resources into CloudFormation or replicate resources in a new account, see Generate templates from existing resources with IaC generator.
Prerequisites
Before you begin, you must have the following:
-
A template that describes the entire stack, including both the resources that are already part of the stack and the resources to import. Save the template locally or in an Amazon S3 bucket.
To get a copy of a running stack's template
-
Open the CloudFormation console at https://console.amazonaws.cn/cloudformation/
. -
From the list of stacks, choose the stack you want to retrieve the template from.
-
In the stack details pane, choose the Template tab, and then choose Copy to clipboard.
-
Paste the code into a text editor to begin adding other resources to the template.
-
-
For each resource you want to import, include the following:
-
the properties and property values that define the resource's current configuration.
-
the unique identifier for the resource, such as the resource name. For more information, see Resource identifiers.
-
Topics
Example template
In this walkthrough, we assume you're using the following example template, called
TemplateToImport.json
, that specifies two DynamoDB tables. ServiceTable
is currently part of the stack, and GamesTable
is the table you want to
import.
Note
This template is meant as an example only. To use it for your own testing purposes, replace the sample resources with resources from your account.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Import test",
"Resources": {
"ServiceTable": {
"Type": "AWS::DynamoDB::Table",
"Properties": {
"TableName": "Service",
"AttributeDefinitions": [
{
"AttributeName": "key",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "key",
"KeyType": "HASH"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 1
}
}
},
"GamesTable": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"Properties": {
"TableName": "Games",
"AttributeDefinitions": [
{
"AttributeName": "key",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "key",
"KeyType": "HASH"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 1
}
}
}
}
}
Import an existing resource into a stack using the Amazon Web Services Management Console
Note
The Amazon CloudFormation console doesn't support the use of the intrinsic function Fn::Transform when importing resources. You can use the Amazon Command Line Interface to import resources that use the intrinsic function Fn::Transform.
Sign in to the Amazon Web Services Management Console and open the Amazon CloudFormation console at https://console.amazonaws.cn/cloudformation
. -
On the Stacks page, choose the stack you want to import resources into.
-
Choose Stack actions, and then choose Import resources into stack.
-
Review the Import overview page, and then choose Next.
-
On the Specify template page, provide your updated template using one of the following methods, and then choose Next.
-
Choose Amazon S3 URL, and then specify the URL for your template in the text box.
-
Choose Upload a template file, and then browse for your template.
-
-
On the Identify resources page, identify each target resource. For more information, see Resource identifiers.
-
Under Identifier property, choose the type of resource identifier. For example, the
AWS::DynamoDB::Table
resource can be identified using theTableName
property. -
Under Identifier value, type the actual property value. For example, the
TableName
for theGamesTable
resource in the example template is
.Games
-
Choose Next.
-
-
On the Specify stack details page, update any parameters, and then choose Next. This automatically creates a change set.
Note
The import operation fails if you modify existing parameters that initiate a create, update, or delete operation.
-
On the Review
stack-name
page, review the resources to import, and then choose Import resources. This automatically executes the change set created in the last step. Any stack-level tags are applied to imported resources at this time. For more information, see Configure stack options.The Events page for the stack displays.
-
(Optional) Run drift detection on the stack to make sure the template and actual configuration of the imported resources match. For more information about detecting drift, see Detect drift on an entire CloudFormation stack.
-
(Optional) If your imported resources don't match their expected template configurations, either correct the template configurations or update the resources directly. For more information about importing drifted resources, see Resolve drift with an import operation.
Import an existing resource into a stack using the Amazon CLI
-
To learn which properties identify each resource type in the template, run the get-template-summary command, specifying the S3 URL of the template. For example, the
AWS::DynamoDB::Table
resource can be identified using theTableName
property. For theGamesTable
resource in the example template, the value ofTableName
isGames
. You'll need this information in the next step.aws cloudformation get-template-summary \ --template-url
https://amzn-s3-demo-bucket.s3.us-west-2.amazonaws.com/TemplateToImport.json
For more information, see Resource identifiers.
-
Compose a list of actual resources to import and their unique identifiers in the following JSON string format.
[{"ResourceType":"AWS::DynamoDB::Table","LogicalResourceId":"GamesTable","ResourceIdentifier":{"TableName":"Games"}}]
Alternatively, you can specify the JSON-formatted parameters in a configuration file.
For example, to import
GamesTable
, you might create aResourcesToImport.txt
file that contains the following configuration.[ { "ResourceType":"AWS::DynamoDB::Table", "LogicalResourceId":"GamesTable", "ResourceIdentifier": { "TableName":"Games" } } ]
-
To create a change set, use the following create-change-set command and replace the placeholder text. For the
--change-set-type
option, specify a value ofIMPORT
. For the--resources-to-import
option, replace the sample JSON string with the actual JSON string you just created.aws cloudformation create-change-set \ --stack-name
TargetStack
--change-set-nameImportChangeSet
\ --change-set-typeIMPORT
\ --template-urlhttps://amzn-s3-demo-bucket.s3.us-west-2.amazonaws.com/TemplateToImport.json
\ --resources-to-import'[{"ResourceType":"AWS::DynamoDB::Table","LogicalResourceId":"GamesTable","ResourceIdentifier":{"TableName":"Games"}}]'
Note
--resources-to-import
doesn't support inline YAML. The requirements for escaping quotes in the JSON string vary depending on your terminal. For more information, see Using quotation marks inside strings in the Amazon Command Line Interface User Guide.Alternatively, you can use a file URL as input for the
--resources-to-import
option, as shown in the following example.--resources-to-import
file://ResourcesToImport.txt
-
Review the change set to make sure the correct resources will be imported.
aws cloudformation describe-change-set \ --change-set-name
ImportChangeSet
--stack-nameTargetStack
-
To initiate the change set and import the resources, use the following execute-change-set command and replace the placeholder text. Any stack-level tags are applied to imported resources at this time. For more information, see Configure stack options. On successful completion of the operation
(IMPORT_COMPLETE)
, the resources are successfully imported.aws cloudformation execute-change-set \ --change-set-name
ImportChangeSet
--stack-nameTargetStack
-
(Optional) Run drift detection on the
IMPORT_COMPLETE
stack to make sure the template and actual configuration of the imported resources match. For more information about detecting drift, see Detect drift on an entire CloudFormation stack.-
Run drift detection on the specified stack.
aws cloudformation detect-stack-drift --stack-name
TargetStack
If successful, this command returns the following sample output.
{ "Stack-Drift-Detection-Id" : "624af370-311a-11e8-b6b7-500cexample" }
-
View the progress of a drift detection operation for the specified stack drift detection ID.
aws cloudformation describe-stack-drift-detection-status \ --stack-drift-detection-id
624af370-311a-11e8-b6b7-500cexample
-
View drift information for the resources that have been checked for drift in the specified stack.
aws cloudformation describe-stack-resource-drifts --stack-name
TargetStack
-
-
(Optional) If your imported resources don't match their expected template configurations, either correct the template configurations or update the resources directly. For more information about importing drifted resources, see Resolve drift with an import operation.