aztfexport
aztfexport is an open-source tool that discovers and imports existing Azure resources into Terraform, generating corresponding HCL configuration and state files. It automates the process of bringing cloud infrastructure under Terraform management without requiring manual resource definition.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | Azure/aztfexport |
| Owner | Azure |
| Primary language | Go |
| License | MPL-2.0 — OSI-approved |
| Stars | 1.9k |
| Forks | 216 |
| Open issues | 46 |
| Latest release | v0.19.0 (2026-01-27) |
| Last updated | 2026-07-07 |
| Source | https://github.com/Azure/aztfexport |
What aztfexport is
Written in Go, aztfexport leverages aztft for resource type mapping and tfadd for HCL generation, executing terraform import commands to populate state while generating consistent Terraform configurations. It supports both AzureRM and AzAPI providers and requires Terraform ≥ v0.12.
Get the aztfexport source
Clone the repository and explore it locally.
git clone https://github.com/Azure/aztfexport.gitcd aztfexport# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Verify all Azure resource types you plan to import are supported by the AzureRM or AzAPI provider; check provider docs and aztft mappings before bulk operations.
- Ensure Terraform ≥ v0.12 is installed and in PATH; test aztfexport against a non-production subscription first to validate output quality and catch unsupported resources early.
- Plan for manual review and refinement of generated HCL; treat output as a starting point, not production-ready code, and validate against compliance/security policies.
- Configure telemetry settings (enabled by default) in `$HOME/.aztfexport/config.json` per organizational policy before widespread deployment.
- Establish version control for generated state and HCL; use Git or similar to track imports and facilitate team review of resource definitions.
When to avoid it — and what to weigh
- Comprehensive Infrastructure Reproduction Not Required — README explicitly states generated configurations are not comprehensive and cannot fully reproduce infrastructure from configuration alone—unsuitable if you need complete, runnable templates.
- Limited Resource Type Coverage — Tool only exports resources supported by AzureRM or AzAPI providers; unsupported Azure services will be skipped, requiring manual configuration for gaps.
- Terraform < v0.12 Environments — Requires Terraform version 0.12 or later; older environments will not work, and upgrade may not be feasible in legacy setups.
- High Configuration Post-Processing Sensitivity — Generated HCL may require significant manual refinement for production use; if your team cannot validate and modify generated code, adoption friction will be high.
License & commercial use
Licensed under Mozilla Public License 2.0 (MPL-2.0), an OSI-approved copyleft license requiring derivative works to be licensed under MPL-2.0 and providing patent protections.
MPL-2.0 permits commercial use, modification, and distribution with conditions: derivative modifications must be available under MPL-2.0, and original source must be disclosed. Consult legal counsel for specific commercial integration scenarios to ensure compliance with copyleft obligations.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Strong |
| Assessment confidence | High |
Tool accesses Azure credentials (CLI or Powershell auth) and generates state files containing sensitive data (passwords, keys, connection strings); restrict filesystem permissions on generated state and credentials. Telemetry is enabled by default—verify compliance with data residency/privacy policies. Source code review recommended for security-critical environments. No published security audit or vulnerability disclosure process information provided.
Alternatives to consider
Terraform Cloud/Enterprise Remote State + Manual HCL
Manual resource definition avoids import tooling but requires more effort; suitable if generated code quality is consistently insufficient or custom logic is required.
Pulumi (Python/TypeScript)
Offers similar import capabilities with multi-language support and broader cloud coverage, but introduces a different IaC language and ecosystem vs. Terraform.
HashiCorp Terraform Cloud Managed Import UI
Integrated Terraform Cloud UI for smaller-scale imports; lacks batch automation but may suit teams already on Terraform Cloud who prefer UI-driven workflows.
Build on aztfexport with DEV.co software developers
Evaluate aztfexport in a non-production environment first. Test resource coverage, review generated HCL quality, and plan for manual refinement before scaling to production.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
aztfexport FAQ
Will generated Terraform configurations be production-ready?
What happens if an Azure resource type is not supported?
Can I use aztfexport with Terraform Cloud?
Is my data safe with telemetry enabled?
Custom software development services
DEV.co helps companies turn open-source tools like aztfexport into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your open-source devops stack.
Ready to Bring Azure Resources Under Terraform?
Evaluate aztfexport in a non-production environment first. Test resource coverage, review generated HCL quality, and plan for manual refinement before scaling to production.