Terraform Commands

Spread the love

Link to install terraform: https://learn.hashicorp.com/tutorials/terraform/install-cli

1. Downloading terraform in linux:

—$ sudo wget https://releases.hashicorp.com/terraform/0.13.3/terraform_0.13.3_linux_amd64.zip  

Note: (The above link will be get from the terraform official documentation Link: https://www.terraform.io/downloads.html)

—-$ sudo unzip terraform_0.13.3_linux_amd64.zip -d /usr/local/bin

2. To know the version of the terraform

—–$ terraform –version /$ terraform -v /$ terraform version

3. To view a list of the available commands at any time, just run terraform with no arguments

—-$ terraform

4. Terraform is only a single command-line application: terraform.

To get help for any specific command, pass the -h flag to the relevant subcommand.

—-$ terraform taint -h

5. Command: Init

— $ terraform init command is used to initialize a working directory containing Terraform configuration files.

It’s the first command you need to execute. Unless  terraform plan , apply  , destroy   and import  will not work. The command terraform init   will install :

  • Terraform modules
  • Eventually a backend
  • Provider(s) plugins

Usage: terraform init [options] [DIR]

General Options:

-input=true Ask for input if necessary. If false, will error if input was required.

-lock=false Disable locking of state files during state-related operations.

-lock-timeout=0s Duration to retry a state lock.

-no-color  If specified, output won’t contain any color.

-reconfigure  Reconfigure the backend, ignoring any saved configuration

5.a> Init Terraform and Don’t Ask Any Input

            $ terraform init -input=false ———–>to initialize the working directory.

5.b> Change Backend Configuration During the Init

            $ terraform init -backend-config=cfg/s3.dev.tf -reconfigure —->Here s3.dev.tf is config file name.

Note: -reconfigure is used in order to tell Terraform to not copy the existing state to the new remote state location.

6. Command: get

>The terraform get command is used to download and update modules mentioned in the root module. This command is useful when you have defined some modules.

Usage: terraform get [options] PATH

>Modules are vendored, so when you edit them, you need to get again modules content.

—$ terraform get -update=true

>When you use modules, the first thing you’ll have to do is to do a  terraform get . This pulls modules into the .terraform directory. Once you do that, unless you do another terraform get -update=true, you’ve essentially vendored those modules.

The command-line flags are all optional. The list of available flags are:

-update – If specified, modules that are already downloaded will be checked for updates and the updates will be downloaded if present.

dir – Sets the path of the root module.

7. Command: plan

The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to achieve the desired state specified in the configuration files.

Usage: terraform plan [options] [dir]

>The plan step check configuration to execute and write a plan to apply to target infrastructure provider.

$ terraform plan -out plan.out

>It’s an important feature of Terraform that allows a user to see which actions Terraform will perform prior to making any changes, increasing confidence that a change will have the desired effect once applied.

Note: The optional –out argument can be used to save the generated plan to a file for later execution with terraform apply, which can be useful when running Terraform in automation.

>When you execute terraform plan, Terraform will scan all *.tf files in your directory and create the plan.

8. Command: apply

Now you have the desired state so you can execute the plan.

Usage: terraform apply [options] [DIR-OR-PLAN]

$ terraform apply plan.out

> Since Terraform v0.11+, in an interactive mode (non CI/CD/autonomous pipeline), you can just execute terraform apply command which will print out which actions TF will perform.

> By generating the plan and applying it in the same command, Terraform can guarantee that the execution plan won’t change, without needing to write it to disk. This reduces the risk of potentially-sensitive data being left behind, or accidentally checked into version control.

——–$ terraform apply

8a. Apply and Auto Approve: Skip interactive approval of plan before applying.

———$ terraform apply -auto-approve

8b. Apply and Define New Variables Value: Defining new variable file using apply.

———$ terraform apply -auto-approve -var tags-repository_url=${GIT_URL}

8c. Apply Only One Module:

———-$ terraform apply -target=module.s3

-target=resource – A Resource Address to target. For more information, see the targeting docs from terraform plan.

Note: This –target option works with Terraform plan too.

9. Command: destroy

The terraform destroy command is used to destroy the Terraform-managed infrastructure.

Usage: terraform destroy [options] [dir]

$ terraform destroy

Delete all the resources!

A deletion plan can be created before: $ terraform plan –destroy

If –auto-approve is set, then the destroy confirmation will not be shown.


-target option allows to destroy only one resource, for example, an S3 bucket :

$ terraform destroy -target aws_s3_bucket.my_bucket

10. Command: console

The terraform console command provides an interactive console for evaluating expressions.

Usage: terraform console [options] [dir]

Expressions are used to refer to or compute values within a configuration. The simplest expressions are just literal values, like “hello”

Ex: run $ Terraform console

> “hello” 

hello #string: a sequence of Unicode characters representing some text

> 15*8

120  #a numeric value.

> 11>20

false  #it will give you either true or false. bool values can be used in conditional logic.

Note: You can close the console with the exit command or by pressing Control-C or Control-D.

11. Command: graph

The terraform graph command is used to generate a visual representation of either a configuration or execution plan. The output is in the DOT format, which can be used by GraphViz to generate charts.

Usage: terraform graph [options] [DIR]

Visual dependency graph of Terraform resources.

12. Command: validate

The terraform validate command validates the configuration files in a directory, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc.

$ terraform validate

13. Command: providers

The terraform providers command prints information about the providers used in the current configuration.

Usage: terraform providers [config-path]

Pass an explicit configuration path to override the default of using the current working directory.

$ terraform providers


├── provider.aws ~> 1.24.0

├── module.my_module

   ├── provider.aws (inherited)

   ├── provider.null

   └── provider.template

└── module.elastic

    └── provider.aws (inherited)

14. Command: State

Terraform must store state about your managed infrastructure and configuration. This state is used by Terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructures.

Usage: terraform state <subcommand> [options] [args]

This state is stored by default in a local file named “terraform.tfstate”, but it can also be stored remotely, which works better in a team environment.

Pull Remote State in A Local Copy

$ terraform state pull > terraform.tfstate

Push State in a Remote Backend storage

$ terraform state push

Ex: How to Tell to Terraform You Moved a Resource in A Module?

If you moved an existing resource in a module, you need to update the state:

$ terraform state mv aws_iam_role.role1 module.mymodule

15. Command: import

The terraform import command is used to import existing resources into Terraform.

Usage: terraform import [options] ADDRESS ID

Import will find the existing resource from ID and import it into your Terraform state at the given ADDRESS.

How to Import Existing Resource in Terraform?

If you have an existing resource in your infrastructure provider, you can import it in your Terraform state:

$ terraform import aws_iam_policy.elastic_post


16. Command: login

The terraform login command can be used to automatically obtain and save an API token for Terraform Cloud, Terraform Enterprise, or any other host that offers Terraform services.

Usage: terraform login [hostname]

Note: If you don’t provide an explicit hostname, Terraform will assume you want to log in to Terraform Cloud at app.terraform.io.

17. Command: taint

The terraform taint command manually marks a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next apply.

Usage: terraform taint [options] address

Note: The address argument is the address of the resource to mark as tainted. The address is in the resource address syntax syntax, as shown in the output from other commands, such as: aws_security_group.allow_all , aws_instance.foo , aws_instance.bar[1].

18. Command: fmt

Runs terraform fmt to validate all Terraform files in a directory are in the canonical format. If any files differ, this action will comment back on the pull request with the diffs of each file.

Usage: terraform fmt [options] [DIR]

This action succeeds if terraform fmt runs without error.

By default, fmt scans the current directory for configuration files. If the dir argument is provided then it will scan that given directory instead. If dir is a single dash (-) then fmt will read from standard input (STDIN).

19. Command: output

The terraform output command is used to extract the value of an output variable from the state file.

Usage: terraform output [options] [NAME]

With no additional arguments, output will display all the outputs for the root module. If an output NAME is specified, only the value of that output is printed.

20. Command: logout

The terraform logout command is used to remove credentials stored by terraform login. These credentials are API tokens for Terraform Cloud, Terraform Enterprise, or any other host that offers Terraform services.

Usage: terraform logout [hostname]

If you don’t provide an explicit hostname, Terraform will assume you want to log out of Terraform Cloud at app.terraform.io.

Leave a Reply

Your email address will not be published. Required fields are marked *