I am creating AWS infrastructure using Terraform, and using S3 backend configuration. Now the issue is, someone deleted the S3 bucket storing the state, and now every time I run terraform it fails saying the resources already exist. The old tfstate is lost, and new has no information about existing resources. Note: I do not have write access to the AWS environment. I trigger terraform via Jenkins CD pipeline, so I cannot manually modify the infrastructure or run any terraform command.
Is there a way to clean up existing resources or force recreating resources (if they already exist) with a tf file? This is the only place I can make changes.
You really are in a mess. You need to restore the S3 bucket or make a new one and point your code at that. You then need to recreate the state you lost, that or delete every object you created via Terraform and start again. Most objects have the ability to import existing objects via the Terraform import command.
This could be a significantly large task.
And you'd be needing write access to the bucket? Terraform refresh is only going to help if you still had the state file. You don't. If you haven't got permission to do that, then maybe give up that or persist in getting sufficient privilege.
If you can't run Terraform locally then you are also wasting your time. Good luck.
However....
You don't want to be here again. How did you delete/lose the bucket? You really need that never to happen again. As @ydaetskcoR said, some MFA protection on the bucket - definitely do that - and adding versioning to it is a REALLY good idea. Also, if you haven't added DynamoDB locking to the bucket, do so; it's really worth it.
This may also be a good time to think/dwell about tagging your infrastructure, then you might be able to identify what infra belonged to the code. That would also help - well next time.
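As an added example (not part of the answer above or the asker's code), here is what the hardening the answer recommends looks like in Terraform: a versioned, encrypted, non-public state bucket with `prevent_destroy`, a DynamoDB lock table, the matching `backend "s3"` block, and a Terraform 1.5+ `import` block that adopts an existing resource from configuration alone (the one form of "import" that can be driven purely from .tf files in a pipeline). Bucket, table, region and resource IDs are placeholders; the backend block and the resources that create the bucket normally live in two separate configurations, since the backend cannot store state in a bucket it has not created yet.

```hcl
# --- bootstrap configuration (run once, with local state), added example ---
# Creates the state bucket and lock table; placeholder names throughout.

resource "aws_s3_bucket" "tfstate" {
  bucket = "example-org-tfstate" # placeholder, must be globally unique

  # Refuse to plan a destroy of this bucket; losing it loses every state file.
  lifecycle {
    prevent_destroy = true
  }
}

# Versioning keeps every prior state file so an overwritten or deleted
# object can be rolled back. MFA delete additionally requires an MFA code
# to delete a version or change versioning; AWS only lets the root user
# enable it, so it is usually switched on once out-of-band and then left
# at "Enabled" here so Terraform does not try to revert it.
resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  versioning_configuration {
    status     = "Enabled"
    mfa_delete = "Enabled"
  }
}

resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

# State files contain secrets and resource IDs; never let them be public.
resource "aws_s3_bucket_public_access_block" "tfstate" {
  bucket                  = aws_s3_bucket.tfstate.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Lock table so two pipeline runs cannot write state concurrently.
# The S3 backend requires a string hash key named exactly "LockID".
resource "aws_dynamodb_table" "tfstate_lock" {
  name         = "example-org-tfstate-lock" # placeholder
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"

  attribute {
    name = "LockID"
    type = "S"
  }
}

# --- main configuration (the one Jenkins runs), added example ---

terraform {
  required_version = ">= 1.5" # needed for the import block below

  backend "s3" {
    bucket         = "example-org-tfstate"      # placeholder
    key            = "envs/prod/terraform.tfstate"
    region         = "us-east-1"                # placeholder
    encrypt        = true
    dynamodb_table = "example-org-tfstate-lock" # placeholder
  }
}

# Config-driven import: on the next plan/apply Terraform records the existing
# VPC in state under aws_vpc.main instead of trying to create a duplicate.
# The id is a placeholder; the real one comes from the AWS console or tags.
import {
  to = aws_vpc.main
  id = "vpc-0123456789abcdef0"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16" # must match the existing VPC or the plan shows a replace
}
```

The import block does the same job as `terraform import` but from configuration, so it can be committed and applied by the pipeline; it still needs the real resource IDs, and the resource arguments must match what exists or the first plan will propose changes. Once every orphaned resource has an import block and the plan shows no creates, the blocks can be deleted.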