Infrastructure as Code
Terraform provisions infrastructure using declarative code.
On this page
Use this page for fast recall. Use Full documentation when you want the complete end-to-end path.
A simple 5-step flow you can follow when using Terraform in real work.
1) Setup
Install/run the tool and confirm version. Create a minimal config.
2) Small change
Do one small action end-to-end to prove the workflow.
3) Validate
Check output, logs, and status. Catch mistakes early.
4) Automate
Convert it into a repeatable script or pipeline step.
5) Productionize
Add safety: secrets, rollback, observability, and docs.
These are practical sequences you can copy into your own checklist or runbook.
Goal: Keep infrastructure changes reviewable and safe.
- Use remote state with locking (S3+DynamoDB, etc.).
- Run fmt+validate on every PR.
- Always review `plan` output before apply.
- Apply from a controlled runner (CI/CD) with approvals for prod.
- Avoid `-target` except for emergency recovery.
- Resources
- State
- Modules
Learning path (high-level):
- Resource basics
- Module reuse
- Remote state and workflow
Initialize
Command
terraform initPlan
Command
terraform planApply
Command
terraform applyShort descriptions and practical intent. Search, filter, copy, and reuse.
Showing 22
terraform versionShow Terraform version.
terraform fmt -recursiveFormat all Terraform files.
terraform validateValidate configuration syntax.
terraform initInitialize providers and backend.
terraform init -upgradeUpgrade provider versions within constraints.
terraform planPreview changes.
terraform plan -out tfplanSave the plan for later apply.
terraform applyApply changes (interactive).
terraform apply tfplanApply a saved plan.
terraform destroyDelete managed infrastructure.
terraform showShow current state in human-readable form.
terraform outputPrint outputs (useful for wiring).
terraform state listList resources in state.
terraform state show <addr>Show a resource from state.
terraform state mv <from> <to>Move resources in state (refactor).
terraform state rm <addr>Remove a resource from state (danger).
terraform import <addr> <id>Bring existing resource under Terraform.
terraform taint <addr>Mark resource for recreation (legacy).
terraform plan -target=<addr>Plan only a specific resource (use carefully).
terraform workspace listList workspaces.
terraform workspace new devCreate a workspace.
terraform workspace select devSwitch workspaces.
Small blocks you can drop into your terminal, config, or runbook.
Safe local workflow
bash
terraform fmt -recursive
terraform validate
terraform plan -out tfplan
terraform apply tfplanWhen things break, follow this order to stay calm and move fast.
- If state is locked: confirm no active apply is running; unlock only when safe.
- If drift happens: re-run plan and reconcile with the smallest changes.
- If resources want replacement: read the diff; it may cause downtime.
The common mistakes that slow people down when using Terraform.
- Copy-pasting commands without understanding inputs/outputs and side effects.
- Not documenting defaults (ports, paths, credentials) and then getting stuck in prod.
- Skipping logs and metrics when troubleshooting; always collect evidence first.
Do these tasks in order. You will feel the tool instead of just reading about it.
- Create a small module with variables and outputs, then reuse it in a root config.
- Practice `plan`, `apply`, and `destroy` safely with a remote state backend (if possible).
- Introduce drift and reconcile using `refresh`/`plan` changes.
Use these to test if you truly understand the basics (and can explain them clearly).
- Explain the tool’s role in a real CI/CD pipeline from commit to production.
- Describe the most common failure you’ve seen with this tool and how you fixed it.
- What would you monitor/alert on for this tool in production?