Terraform Commands

This post is dedicated to just documenting the Terraform CLI commands as my original Terraform cheatsheet was getting too long. Please refer back to it if you are trying to learn about any other aspect of Terraform.

Related Posts / Resources

• Terraform Cheatsheet

Table Of Contents

• Commands
  • Plan
    • Refresh Only
  • Apply
    • Refresh Only
  • Init
  • Destroy
  • Refresh (Sync)
  • Graph
  • Taint
  • Import
  • State RM
• Output Formatting
  • No Color
• References

Commands

Plan

The terraform plan command will tell you what changes are going to be made. Run this command before running terraform apply, which actually applies the changes.

Save To File

You can save the plan to disk with:

terraform plan -out=$PLAN_FILEPATH

... which you can then apply later with the apply command.

Refresh Only

One can append the -refresh-only flag to show what would happen if you were to perform an apply with the -refresh-only flag enabled

terraform plan --refresh-only

Apply

You can run the following command to perform a plan, review the changes, and then confirm to apply them:

terraform apply

Alternatively, if you saved a terraform plan out to a file, you can apply it by providing the filepath:

terraform apply $PLAN_FILE

Auto Approve

You can use the -auto-approve flag to automatically approve the application. You probably only want to do this if you are applying a plan you already reviewed. E.g.

terraform apply -auto-approve $PLAN_FILE

Documentation Source

Please read the online docs for more information.

Init

terraform init

• Sets up the area for terraform.
• Can be run multiple times without issue.

Destroy

terraform destroy

This command completely destroys/removes anything that Terraform set up.

Refresh (Sync)

One can use the following command to read the current settings from all of the managed remote objects and updates the terraform state to match.

terraform refresh

Essentially, this command refreshes the state from how the infrastructure is actually deployed. This will sync down changes that may have occurred in the field. One such common factor is that AWS RDS instances may have automatically bumped up in minor versions.

You shouldn't need to use this command, because Terraform automatically performs the same refreshing actions as a part of creating a plan in both the terraform plan and terraform apply commands.

This command is deprecated as the default behaviour is unsafe if you have misconfigured credentials for any of your providers.

Graph

• Run the terraform graph command to map out the dependencies in your terraform setup. This will be output in DOT language which you can visualize by using GraphvizOnline.

Taint

• Run the terraform taint command to mark a resource as "tainted". This allows you to force it to be replaced the next time you run terraform plan and terraform apply.
  • This is useful when you push an update to a docker image, which an EC2 image uses, but only fetches it when it is getting deployed etc.
  • Example usage: terraform taint aws_instance.my_compute_instance

Import

Terraform can import existing infrastructure resources. This functionality lets you bring existing resources under Terraform management.

terraform import $RESOURCE $_ID

e.g.

terraform import aws_instance.my_vm "i-0b9be609418aa0609"

Spacelift have a great post on importing existing infrastructure step-by-step. Official documentation page.

State RM

One can use the following command to search for and remove a resource from the state file. This will mean that Terraform will no longer be tracking the corresponding remote objects. This is essentially the opposite of the import command.

terraform state rm $RESOURCE

e.g.

terraform state rm aws_instance.my_vm

More can be found in the official docs.

Output Formatting

No Colour

By default, the commands above will output in the shell with colours to highlight things that will be added in green, and things that will be removed in red. If you need to send this output to someone in an email, you need to get it without all the codes for changing the terminal colour. Luckily, this can be achieved by adding the following flag:

-no-color

e.g.

terraform plan -no-color

References

• Terraform Docs - Types and Values
• Terraform Up & Running (Alternative Amazon link)
• Terraform Docs - Install Terraform
• Hashicorp Forum - Error: Error parsing : unexpected token while parsing list: IDENT
• Terraform - Command: taint
• learn.hashicorp.com - Output Data from Terraform
• Stack Overflow - Terraform not accepting AWS credentials from vars/tfvars files
• Stack Overflow - Is there a way where terraform ignores ResourceNotFoundException and destroys the other resources
• Terraform Docs - Use refresh-only mode to sync Terraform state