Terraform - Commands

In this post we will see what will happen when each command is executed and possibly explore the changes that happen under the hood  
  • terraform version - to know the version of the Terraform
  • terraform fmt to adjust the formatting of the code when not indented or spaced properly. This will also print name of file on which it took action. If the code/file is properly indented/formatted, then no action will be taken. The code would still work even if code is not properly formatted/indented.
  • terraform fmt -recursive to adjust the formatting of the code in current and subdirectories as well.
  • terraform init - short for initialization, This command will 
    • check the configuration file(.tf files), initialize backend and provider plugins. 
    • It will also create a ".terraform" directory and ".terraform.lock.hcl" file (contains the details of provider selections and it will be managed only by Terraform. DO NOT edit it manually and it is recommended to store this file in your VCS) and 
    • download plugins into this ".terraform" directory. 
    • Directory structure would be  like ".terraform/providers/registry.terraform.io/hashicorp/<provider_name ...aws>/version/.." 
    • Using these plugins Terraform will access/communicate with Cloud providers API
    • In addition to this, Community based provider plugins are downloaded automatically from TF registry
  • terraform validate will validate the code/configuration by checking the syntax. 
    • Will display a "Success!" message if everything is good.
    • Will display possible suggestions if something is wrong
  • terraform plan 
    • can be run only after init command is run
    • will act like a dry run of the code and shows step by step changes (execution plan) Terraform will do and how but doesn't make any changes to Infra. This command will also display the default or optional arguments which are not specified in the code
    • + in Terraform plan indicate that resource will be created
    • -/+ in Terraform plan indicate that resource will be deleted and created
    • - in Terraform plan indicate that resource will be deleted
    • line with comment "# forces replacement" is responsible for deletion and creation
    • ~ - in Terraform plan indicate that resource will be updated/modified in place
  • terraform plan --refresh=false - By default, when you run terraform plan, Terraform will attempt to refresh the state of the infrastructure before creating the plan. This means Terraform will query the actual state of resources in the cloud (or other provider) and compare them to what's described in the Terraform state and configuration. Using --refresh=false skips this refresh step. This refresh=false is set when we need to,
    1. improve the speed of Terraform plan process
    2. Debugging
    3. Avoid external changes
  • terraform graph - to display dependencies in execution plan graphically. It will be displayed in dot format. Using a software like graphviz, this output can be dep
  • terraform apply - 
    • will display the execution plan again seeking confirmation from the user. 
    • User has to type yes in the prompt to proceed with execution. 
    • Creates/modifies the Infrastructure as per the code in configuration files. 
    • Upon successful execution of apply command, and a state file called "terraform.tfstate" will be created in the working directory
    • -auto-approve flag skips the manual confirmation of "yes" and applies all changes
    • -replace flag would mark the resource for replacement/redeployment. This used to be "terraform taint"earlier

  • terraform destroy -
    • will display the execution plan again with - symbol against the resource and it's arguments seeking confirmation from the user.
    • User has to type yes in the prompt to proceed with execution. 
    • destroys the Infrastructure as per the code and a state file called "terraform.tfstate.backup" will be created. destroy command will also show the plan. All of 
  • terraform show - to see the details of .tf file in the configuration directory or the details of the resource that just got created. This displays state file
  • terraform taint <resouce_name> - marks a resource for taint, it will recreate the resource
  • terraform untaint <resouce_name> - marks a resource for untaint, resource will not get recreated
  • terraform import <resouce_type>.<resource_name> <resourceID> - this will import the manually created Resources in Terraform managed resources. However, we will have to create a resource block before running import 
  • terraform output - to see the output of variables
  • terraform output <variablename> - to see the output of specific variables
  • terraform providers  - to see all the providers used in the configuration directory
  • terraform providers mirror <targetpath> - to copy all the providers used in the current configuration directory to another directory
  • terraform get - 
    • to download the Modules (local or remote) that are referenced in the current configuration files. 
    • "terraform get" can also be used to update the modules to latest version if any changes have occurred
    • From Terraform 0.13 and later, terraform init automatically handles module download/update
  • terraform workspace - 
    • terraform workspace new <workspace_name> - this will create a new workspace and Terraform will switch to this new workspace by setting it as current workspace
    • terraform workspace list - this will all the available workspaces, in the output you will see a workspace with name "default" and it is created by default. A workspace with "*" prefixed against it's name is current workspace.
    • terraform workspace show - to see the current workspace
    • terraform workspace delete <workspace_name>  - to delete given workspace
    • terraform.workspace - this will give name of current workspace, this command works only in Terraform console
    • terraform workspace select <workspace_name> - this will allow us to switch from current workspace to new workspace
    • When using Workspaces, Terraform will create a  "terraform.tfstate.d" directory and store state files corresponding to each workspace, in a separate sub directory with  name of workspace as sub directory's name and state file as "terraform.tfstate"

Terraform state related commands

  • terraform state- 
    • terraform state list - to list the Resources in Terraform state file
    • terraform state list - to list the Resources in Terraform state file
  • terraform show -json - to see the details in JSON format
  • terraform force-unlock - used to unlock a Terraform state file that is locked by another process
  • terraform refresh - to refresh the contents of state file with current infrastructure by reading the current settings from all managed remote objects and updates the Terraform state file to match.
  • Sub commands of terraform state are list, pull, show, mv, rm
    • terraform state list - to list/show the details of resources from state file with out details
    • terraform state show <resource_type.resourcename> - to show the details of single resource from state file with current infrastructure.                                          E.g. terraform state show aws_s3_bucket.buckename
provider --> resource type --> arguments
aws      --> aws instance    --- instance_type, ami

No comments:

Post a Comment

Subscribe to: Posts (Atom)