Terraform-Commands-Cheatsheet
3 min readJun 8, 2021
No need to run in terror from Terraform. Close that search engine tab and check out ultimate Terraform Cheatsheet.
Terraform Command Lines
- Terraform CLI tricks
markdown terraform -install-autocomplete
#Setup tab auto-completion, requires logging back in
Format and Validate Terraform code
terraform fmt
#format code per HCL canonical standardterraform validate
#validate code for syntaxterraform validate -backend=false
#validate code skip backend validation
Initialize your Terraform working directory
terraform init
#initialize directory, pull down providersterraform init -get-plugins=false
#initialize directory, do not download pluginsterraform init -verify-plugins=false
#initialize directory, do not verify plugins for Hashicorp signature
Plan, Deploy and Cleanup Infrastructure
terraform apply --auto-approve
#apply changes without being prompted to enter “yes”terraform destroy --auto-approve
#destroy/cleanup deployment without being prompted for “yes”terraform plan -out plan.out
#output the deployment plan to plan.outterraform apply plan.out
#use the plan.out plan file to deploy infrastructureterraform plan -destroy
#outputs a destroy planterraform apply -target=aws_instance.my_ec2
#only apply/deploy changes to the targeted resourceterraform apply -var my_region_variable=us-east-1
#pass a variable via command-line while applying a configurationterraform apply -lock=true
#lock the state file so it can’t be modified by any other Terraform apply or modification action(possible only where backend allows locking)terraform apply refresh=false
# do not reconcile state file with real-world resources(helpful with large complex deployments for saving deployment time)terraform apply --parallelism=5
#number of simultaneous resource operationsterraform refresh
#reconcile the state in Terraform state file with real-world resourcesterraform providers
#get information about providers used in current configuration
Terraform Workspaces
terraform workspace new mynewworkspace
#create a new workspaceterraform workspace select default
#change to the selected workspaceterraform workspace list
#list out all workspaces
Terraform State Manipulation
terraform state show aws_instance.my_ec2
#show details stored in Terraform state for the resourceterraform state pull > terraform.tfstate
#download and output terraform state to a fileterraform state mv aws_iam_role.my_ssm_role module.custom_module
#move a resource tracked via state to different moduleterraform state replace-provider hashicorp/aws registry.custom.com/aws
#replace an existing provider with anotherterraform state list
#list out all the resources tracked via the current state fileterraform state rm aws_instance.myinstace
#unmanage a resource, delete it from Terraform state file
Terraform Import And Outputs
terraform import aws_instance.new_ec2_instance i-abcd1234
#import EC2 instance with id i-abcd1234 into the Terraform resource named “new_ec2_instance” of type “aws_instance”terraform import 'aws_instance.new_ec2_instance[0]' i-abcd1234
#same as above, imports a real-world resource into an instance of Terraform resourceterraform output
#list all outputs as stated in codeterraform output instance_public_ip
# list out a specific declared outputterraform output -json
#list all outputs in JSON format
Terraform Miscelleneous commands
terraform version
#display Terraform binary version, also warns if version is oldterraform get -update=true
#download and update modules in the “root” module.
Terraform Console(Test out Terraform interpolations)
echo 'join(",",["foo","bar"])' | terraform console
#echo an expression into terraform console and see its expected result as outputecho '1 + 5' | terraform console
#Terraform console also has an interactive CLI just enter “terraform console”echo "aws_instance.my_ec2.public_ip" | terraform console
#display the Public IP against the “my_ec2” Terraform resource as seen in the Terraform state file
Terraform Graph(Dependency Graphing)
terraform graph | dot -Tpng > graph.png
#produce a PNG diagrams showing relationship and dependencies between Terraform resource in your configuration/code
Terraform Taint/Untaint(mark/unmark resource for recreation -> delete and then recreate)
terraform taint aws_instance.my_ec2
#taints resource to be recreated on next applyterraform untaint aws_instance.my_ec2
#Remove taint from a resourceterraform force-unlock LOCK_ID
#forcefully unlock a locked state file, LOCK_ID provided when locking the State file beforehand
Terraform Cloud
terraform login
#obtain and save API token for Terraform cloudterraform logout
#Log out of Terraform Cloud, defaults to hostname app.terraform.io