Codifying Infrastructure

Import unmanaged cloud resources into infrastructure code through the Bluebricks agent

Overview

The agent can identify unmanaged resources across your connected cloud providers, recommend which ones to bring under management, and handle the entire import process: generating the code, validating it against your live environment, and opening a pull request. You can also ask it to import specific resources directly.

How it works

Ask the agent to find unmanaged resources, or tell it what to import:

Codify the unmanaged S3 buckets in the production account

Which resources in my AWS account aren't managed by code?

The agent then:

Identifies resources in the context layer that match your request
Generates infrastructure code from the selected resources
Validates the configuration by running a plan and checking for errors
Iterates until the plan reaches a no-changes state, confirming the code matches your live infrastructure
Opens a pull request with the generated code for your review

Each step runs inline in the conversation. You see progress updates, generated code blocks, and a plan summary as the agent works. If it encounters an issue (for example, cross-resource dependencies it cannot resolve), it stops and explains what happened so you can adjust your request.

Once complete, the codified resources appear as managed in the context layer and a pull request is ready for your review on GitHub.

Grouping unrelated resources in the same request may cause the import to fail due to dependency conflicts. Stick to resources that belong together.

Reviewing the generated code

After a successful import, you can retrieve the full Terraform code locally using the Bricks CLI:

bricks blueprint fetch

Once fetched, you can review, modify, and push the code to your Git repositories.

Importing from the Cloud Graph

You can also start an import from the Cloud Graph by selecting unmanaged resources visually instead of through conversation.

Prerequisites

The collection must have both discovery permissions and orchestration permissions enabled. Without both, the agent cannot analyze existing resources or execute the generated code.

How to import from the Cloud Graph

Open the Cloud Graph
Select a collection with orchestration and discovery icons (O) (D)
In the explorer drawer, select one or more unmanaged resources
Add an environment name
Click Import

After the import begins:

The drawer switches to the agent tab
The agent codifies the selected resources, iterating until the code and state are synced
The agent publishes the blueprint and creates the environment

When complete:

The generated blueprint appears in the blueprints list
The created environment appears in the environments list
The Cloud Graph refreshes with the new managed nodes

Best practices

Import logically related resources together, for example resources that make up a single workload
Use clear and descriptive environment names
Review generated blueprints before applying further changes
Create smaller, focused blueprints over large, monolithic ones

Notes and limitations

Some resources may require manual adjustments after import
Import does not modify live infrastructure during the process

PreviousAgent Overview NextReading a Bluebricks PR

Last updated 29 days ago

Was this helpful?

Good night

hashtagOverview

hashtagHow it works

hashtagReviewing the generated code

hashtagImporting from the Cloud Graph

hashtagPrerequisites

hashtagHow to import from the Cloud Graph

hashtagBest practices

hashtagNotes and limitations