Terraform.md

🧾 Terraform Cheat Sheet (Beginner → Advanced)

📘 Introduction

Terraform by HashiCorp is an open-source Infrastructure as Code (IaC) tool used to provision and manage cloud, on-prem, and SaaS infrastructure through configuration files written in HCL (HashiCorp Configuration Language).

With Terraform, you define infrastructure in a declarative format, allowing for versioning, reusability, automation, and consistency across environments.

🔹 Key Concepts

Term	Description
Providers	Plugin responsible for managing a specific cloud platform (e.g., AWS).
Resources	Infrastructure components like EC2, S3, etc.
Variables	Input values passed into configuration.
Outputs	Values that Terraform returns after execution.
State File	Keeps track of resources Terraform manages.

---

🌍 Terraform Commands

🟢 Beginner Commands (Click to Expand)

🔹 Check Version

terraform version

🔹 Initialize Working Directory

terraform init

🔹 Validate Configuration

terraform validate

🔹 Format Code

terraform fmt

🔹 Show Help

terraform -help
terraform plan -help

---

🟡 Intermediate Commands (Click to Expand)

🔹 Plan Infrastructure Changes

terraform plan

🔹 Apply Infrastructure Changes

terraform apply

🔹 Destroy Infrastructure

terraform destroy

🔹 Output Variables

terraform output
terraform output my_variable

🔹 Manage State

terraform state list
terraform state show <resource>

---

🔴 Advanced Commands (Click to Expand)

🔹 Target Specific Resources

terraform apply -target=aws_instance.example
terraform destroy -target=module.vpc

🔹 Work with Modules

terraform get
terraform init -upgrade

🔹 Backend Configuration

terraform init -backend-config="key=my-state.tfstate"

🔹 Import Existing Infrastructure

terraform import aws_instance.example i-12345678

🔹 Graph Dependency Tree

terraform graph | dot -Tpng > graph.png

---

🟢 Beginner Commands

🔹 terraform version

Shows the installed version of Terraform.

terraform version

---

🔹 terraform init

Initializes the working directory with provider plugins and backend config.

terraform init

💡 Run this once per project after writing your .tf files.

---

🔹 terraform validate

Validates your configuration files for syntax errors.

terraform validate

---

🔹 terraform plan

Shows what actions Terraform will take without applying them.

terraform plan

📌 Use before every apply to preview infrastructure changes.

---

🔹 terraform apply

Applies changes to reach the desired infrastructure state.

terraform apply

• You can auto-approve with:

terraform apply -auto-approve

---

🔹 terraform destroy

Removes infrastructure defined in the configuration files.

terraform destroy

• Auto-confirm with:

terraform destroy -auto-approve

---

🔹 terraform fmt

Automatically formats .tf files to canonical style.

terraform fmt

• Format all recursively:

terraform fmt -recursive

---

🟡 Intermediate Commands

🔹 terraform show

Displays human-readable output of the current or saved state.

terraform show
terraform show terraform.tfstate

---

🔹 terraform output

Prints the values of output variables after apply.

terraform output
terraform output instance_ip

---

🔹 terraform state list

Lists all resources tracked in the current state file.

terraform state list

---

🔹 terraform state show

Displays details about a specific resource in the state.

terraform state show aws_instance.example

---

🔹 terraform taint

Forces recreation of a resource on the next apply.

terraform taint aws_instance.example

---

🔹 terraform untaint

Removes taint from a resource.

terraform untaint aws_instance.example

---

🔹 terraform import

Brings existing infrastructure into Terraform state.

terraform import aws_instance.example i-0abcd1234efgh5678

---

🔹 terraform graph

Generates a dependency graph (in DOT format).

terraform graph | dot -Tpng > graph.png

---

🔹 terraform providers

Lists all providers used in the current configuration.

terraform providers

---

🔹 terraform workspace commands

Used to manage multiple workspaces (e.g., dev, staging, prod).

terraform workspace new dev
terraform workspace select dev
terraform workspace list

---

🔴 Advanced Commands

🔹 terraform plan -out=tfplan

Saves the execution plan to a file.

terraform plan -out=tfplan

Then apply it later:

terraform apply tfplan

---

🔹 terraform apply -target=resource

Apply only specific resources.

terraform apply -target=aws_instance.example

---

🔹 terraform state mv

Moves/renames resources in the state.

terraform state mv aws_instance.old aws_instance.new

---

🔹 terraform state rm

Removes resource from state (does NOT destroy it in the cloud).

terraform state rm aws_instance.example

---

🔹 terraform console

Opens an interactive console to evaluate HCL expressions.

terraform console
> var.instance_type

---

🔹 terraform login

Authenticates to Terraform Cloud or Enterprise.

terraform login

---

🔹 terraform logout

Logs out from Terraform Cloud.

terraform logout

---

🔹 terraform force-unlock

Force-unlocks a state file after a failed operation.

terraform force-unlock <LOCK_ID>

---

📌 Common Command Workflows

🛠 New Project

terraform init
terraform plan
terraform apply

🔁 Make a Change

terraform fmt
terraform validate
terraform plan
terraform apply

🧽 Destroy Infra

terraform destroy

Great — here’s the full version of the Terraform.md cheat sheet with introductory info at the top and additional learning resources at the bottom, perfect for your repo:

---

🧠 Tips & Best Practices

• Keep .tfstate files secure (use S3 + DynamoDB for remote locking)
• Use terraform.tfvars or .auto.tfvars for sensitive input variables
• Mark secrets using sensitive = true in outputs
• Use modules for reusable code
• Always run terraform plan before apply
• Version-lock providers in required_providers

---

📚 Learning Resources

• 🔗 Official Docs
• 📘 Terraform Registry
• 🎓 Learn Terraform (Free)
• 🧪 Checkov - IaC Scanning
• 📖 Terraform CLI Reference