Terraform is very powerful. It can do what CloudFormation or Bicep could not. Yes. We can create a Spotify playlist with Terraform. That’s a serious statment and not a joke 🙂 Terraform architecture consists of Terraform Core and it supports providers as plugins. There are 1000s of providers including AWS, GCP, Azure, Oracle Cloud. Their documentation and tutorials are great too. HCL – Hashicorp Configuration Language is easy to understand and VS Code has great tooling to use Terraform.There are some concerns about the BSL license and that’s how OpenTofu was born.
| Command | Purpose |
|---|---|
| terraform -h | Displays help information for Terraform commands. |
| terraform -install-autocomplete | Enables tab completion for Terraform commands. Restart your terminal or source your shell profile. Supports all major shells – zsh, bash, fish etc. |
| terraform version | Displays the current version of Terraform. |
| terraform init | Initializes a Terraform configuration directory. Downloads providers/modules and configures backend |
| terraform init -reconfigure | Reconfigures the backend settings for a Terraform configuration. This will not migrate the state |
| terraform init -migrate-state | Migrates the Terraform state to a new backend. |
| terraform init -upgrade | Upgrades all previously installed modules and plugins to the latest version. |
| terraform init -backend-config=prod.hcl -migrate-state | Initializes with a specific backend configuration file and migrates the state. |
| terraform get | Download or update modules specified in your configuration file. Only handles module dependencies |
| terraform providers | Lists the providers required by the configuration. |
| terraform fmt | Formats the Terraform configuration files to a canonical format. |
| terraform fmt -recursive | Formats Terraform configuration files recursively in the directory structure. |
| terraform validate | Validates the Terraform configuration for syntax and logical errors. |
| terraform validate -json | Outputs the validation result in JSON format. |
| terraform plan | Generates an execution plan showing what actions Terraform will take to achieve the desired state. |
| terraform plan -out my-aws-plan | Saves the generated execution plan to a file for later use with terraform apply. |
| terraform plan -var aws_region=us-east-1 | Overrides a variable value when creating the execution plan. |
| terraform plan -refresh-only | Creates a plan to update the state file with any changes from the infrastructure without modifying it. |
| terraform plan -destroy | Creates a plan to destroy all resources managed by the configuration. |
| terraform apply | Applies the changes required to reach the desired state of the configuration. |
| terraform apply -destroy | Applies the destruction of all resources managed by the configuration. |
| terraform apply my-aws-plan | Applies the changes specified in a saved execution plan file. |
| terraform apply -auto-approve | Applies changes without prompting for user confirmation. |
| terraform apply -lock-timeout=60s | Sets a timeout for locking the state file when applying changes. |
| terraform apply -replace=”aws_instance.web_server” | Forces Terraform to replace a specific resource during apply. |
| terraform apply -refresh=false | Skips state refresh so apply can be quick. Not recommended for production |
| terraform destroy | Destroys all resources managed by the Terraform configuration. |
| terraform state list | Lists all resources in the current Terraform state. |
| terraform state show aws_instance.web_server | Displays detailed information about a specific resource in the state. |
| terraform import aws_instance.aws_linux i-0e882c5d99743d145 | Imports an existing infrastructure resource into Terraform state. |
| terraform workspace show | Displays the name of the current workspace. |
| terraform workspace list | Lists all workspaces in the current directory. |
| terraform workspace select stage | Switches to a different workspace. In this case a workspace named “stage” |
| terraform workspace new uat | Creates a new workspace name “uat” |
| terraform workspace delete dev | Deletes an existing workspace |
| terraform state mv <source> <destination> | Moves an item in the Terraform state. |
| terraform state pull | Retrieves and outputs the state from a remote state backend. |
| terraform state push | Updates the remote state with the local state. |
| terraform state rm <resource> | Removes resources from the Terraform state. |
| terraform state show <resource> | Displays detailed information about a specific resource in the state. |
| terraform state replace-provider | Replaces provider references in the Terraform state. |
| terraform console | Opens an interactive console for evaluating Terraform expressions. Acquires lock for the state |
| terraform login | Authenticates the Terraform CLI with a Terraform Cloud or Enterprise account. |
| terraform output | Displays the outputs defined in the Terraform configuration. |
| terraform output public_ip | Displays the value of a specific output, such as public_ip. |
| terraform graph | Generates a visual graph (.DOT file) of the Terraform resources and their dependencies. Uses the state file to generate the dependencies. If state file is not available, it can use the configuration file. |
| terraform force-unlock LOCK_ID | Removes the lock from terraform state. Forcing an unlock can lead to state corruption, if another operation is still running. |
| terraform module list | Lists all modules used in the configuration |
| JSON Output | Most commands above support json output with -json . terraform state list -json terraform version -json terraform providers schema -json terraform show -json <planfile> terraform output -json |