This post is dedicated to just documenting the Terraform CLI commands as my original Terraform cheatsheet was getting too long. Please refer back to it if you are trying to learn about any other aspect of Terraform.
Related Posts / Resources
Table Of Contents
- Output Formatting
terraform plan command will tell you what changes are going to be made. Run this command before running terraform apply, which actually applies the changes.
Save To File
You can save the plan to disk with:
terraform plan -out=$PLAN_FILEPATH
... which you can then apply later with the apply command.
One can append the
-refresh-only flag to show what would happen if you were to perform an apply with the
-refresh-only flag enabled
terraform plan --refresh-only
You can run the following command to perform a plan, review the changes, and then confirm to apply them:
Alternatively, if you saved a terraform plan out to a file, you can apply it by providing the filepath:
terraform apply $PLAN_FILE
You can use the
-auto-approve flag to automatically approve the application. You probably only want to do this if you are applying a plan you already reviewed. E.g.
terraform apply -auto-approve $PLAN_FILE
Please read the online docs for more information.
- Sets up the area for terraform.
- Can be run multiple times without issue.
This command completely destroys/removes anything that Terraform set up.
One can use the following command to read the current settings from all of the managed remote objects and updates the terraform state to match.
Essentially, this command refreshes the state from how the infrastructure is actually deployed. This will sync down changes that may have occurred in the field. One such common factor is that AWS RDS instances may have automatically bumped up in minor versions.
You shouldn't need to use this command, because Terraform automatically performs the same refreshing actions as a part of creating a plan in both the terraform plan and terraform apply commands.
- Run the
terraform graphcommand to map out the dependencies in your terraform setup. This will be output in DOT language which you can visualize by using GraphvizOnline.
- Run the
terraform taintcommand to mark a resource as "tainted". This allows you to force it to be replaced the next time you run
- This is useful when you push an update to a docker image, which an EC2 image uses, but only fetches it when it is getting deployed etc.
- Example usage:
terraform taint aws_instance.my_compute_instance
Terraform can import existing infrastructure resources. This functionality lets you bring existing resources under Terraform management.
terraform import $RESOURCE $_ID
terraform import aws_instance.my_vm "i-0b9be609418aa0609"
One can use the following command to search for and remove a resource from the state file. This will mean that Terraform will no longer be tracking the corresponding remote objects. This is essentially the opposite of the import command.
terraform state rm $RESOURCE
terraform state rm aws_instance.my_vm
More can be found in the official docs.
By default, the commands above will output in the shell with colours to highlight things that will be added in green, and things that will be removed in red. If you need to send this output to someone in an email, you need to get it without all the codes for changing the terminal colour. Luckily, this can be achieved by adding the following flag:
terraform plan -no-color
- Terraform Docs - Types and Values
- Terraform Up & Running (Alternative Amazon link)
- Terraform Docs - Install Terraform
- Hashicorp Forum - Error: Error parsing : unexpected token while parsing list: IDENT
- Terraform - Command: taint
- learn.hashicorp.com - Output Data from Terraform
- Stack Overflow - Terraform not accepting AWS credentials from vars/tfvars files
- Stack Overflow - Is there a way where terraform ignores ResourceNotFoundException and destroys the other resources
- Terraform Docs - Use refresh-only mode to sync Terraform state
First published: 13th August 2023