
Terraform Commands

  1. Terraform Init

It is used to initialize a working directory containing Terraform configuration files.

terraform init
  1. Terraform Plan

It is used to create an execution plan. It shows what Terraform will do when you call apply.

terraform plan
  1. Terraform Apply

It is used to apply the changes required to reach the desired state of the configuration.

terraform apply
  1. Terraform Validate

We can run this command before applying the changes to check whether the configuration is syntactically valid and internally consistent.

terraform validate

It prints the exact error to the console if there is any error in the configuration file.

  1. Terraform Format

It is used to rewrite Terraform configuration files to canonical format and style.

terraform fmt
  1. Terraform Show

It is used to provide human-readable output of the current state of the resources.

terraform show

We can also output the state in JSON format by using the following command:

terraform show -json
  1. Terraform Providers

To know the list of providers used in the configuration file, we can use the following command:

terraform providers

To mirror the providers required by the configuration file into a local directory, we can use the following command:

terraform providers mirror ./path/to/new_local_file
  1. Terraform Output

It is used to extract the output variables from the state file.

terraform output
  1. Terraform Refresh

It is used to update the state file according to the real-world infrastructure.

terraform refresh

or

terraform apply -refresh-only
  1. Terraform Graph

It is used to generate a visual representation of the configuration and state file.

terraform graph
  1. Terraform Destroy

It is used to destroy the Terraform-managed infrastructure.

terraform destroy

Terraform State Commands

  1. Terraform State List

It is used to list all the resources in the state file.

terraform state list

Or, to list only the resources that match a given resource address, we can use the following command:

terraform state list <resource-address>
terraform state list aws_instance.my_instance
  1. Terraform State Show

It is used to show the attributes of a single resource in the state file.

terraform state show <resource-address>
terraform state show aws_instance.my_instance
  1. Terraform State Move

It is used to move an item in the state file.

terraform state mv <resource-address> <new-resource-address>
terraform state mv aws_instance.my_instance aws_instance.my_instance_new

When we move the resource in the state file (technically renaming), we have to manually update the configuration file with the new resource name.

  1. Terraform State Pull

It is used to pull the state and output it to the console.

terraform state pull

Additionally, we can use jq to get specific information from the state file.

terraform state pull | jq '.resources[] | select(.type == "aws_instance")'
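
The same kind of inventory can be done without jq. The following Python sketch is an added example, not part of the original cheat sheet: it rebuilds resource addresses from pulled state, filters by type like the jq filter above, and lists outputs marked sensitive, whose values are stored in the state in plain text. The sample state is constructed.

```python
import json

# Constructed sample in the shape `terraform state pull` prints (state format v4).
SAMPLE_STATE = json.loads("""
{
  "version": 4,
  "outputs": {
    "db_password": {"value": "constructed-secret", "type": "string", "sensitive": true},
    "instance_ip": {"value": "203.0.113.10", "type": "string"}
  },
  "resources": [
    {"mode": "managed", "type": "aws_instance", "name": "my_instance",
     "instances": [{"attributes": {"id": "i-constructed0001"}}]},
    {"mode": "managed", "type": "aws_instance", "name": "web",
     "instances": [{"index_key": 0, "attributes": {}}, {"index_key": 1, "attributes": {}}]},
    {"module": "module.storage", "mode": "managed", "type": "aws_s3_bucket", "name": "logs",
     "instances": [{"index_key": "eu", "attributes": {}}]},
    {"mode": "data", "type": "aws_ami", "name": "ubuntu", "instances": [{"attributes": {}}]}
  ]
}
""")

def resource_addresses(state, resource_type=None):
    """Build resource addresses from pulled state, optionally filtered by type."""
    addresses = []
    for res in state.get("resources", []):
        if resource_type and res["type"] != resource_type:
            continue
        base = f'{res["type"]}.{res["name"]}'
        if res.get("mode") == "data":          # data sources are prefixed with "data."
            base = "data." + base
        if "module" in res:                    # resources inside a module carry its path
            base = f'{res["module"]}.{base}'
        for inst in res.get("instances", []):
            key = inst.get("index_key")        # set when count or for_each is used
            if key is None:
                addresses.append(base)
            elif isinstance(key, int):
                addresses.append(f"{base}[{key}]")
            else:
                addresses.append(f'{base}["{key}"]')
    return addresses

def sensitive_outputs(state):
    """Names of outputs flagged sensitive; their values sit in the state unencrypted."""
    return sorted(n for n, out in state.get("outputs", {}).items() if out.get("sensitive"))

if __name__ == "__main__":
    print(resource_addresses(SAMPLE_STATE, "aws_instance"))
    print(sensitive_outputs(SAMPLE_STATE))
```

To run it on real state, replace the sample with `json.load(sys.stdin)` and pipe `terraform state pull` into the script.
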
  1. Terraform State Remove

It is used to remove an item from the state file.

terraform state rm <resource-address>
terraform state rm aws_instance.my_instance

Once we remove the resource from the state file, we have to manually delete the resource block from the configuration file and the resource itself from the cloud provider.

Terraform Workspace Commands

  1. Terraform Workspace New

It is used to create a new workspace.

terraform workspace new <workspace-name>
terraform workspace new dev
  1. Terraform Workspace List

It is used to list all the workspaces.

terraform workspace list
  1. Terraform Workspace Select

It is used to select a workspace.

terraform workspace select <workspace-name>
terraform workspace select dev
  1. Terraform Workspace Show

It is used to show the current workspace.

terraform workspace show
  1. Terraform Workspace Delete

It is used to delete a workspace.

terraform workspace delete <workspace-name>
terraform workspace delete dev

AWS Commands

  1. AWS Help

It is used to get help for the AWS CLI.

aws help

Or to get help for a specific command, we can use the following command:

aws <command> help
aws iam help
  1. AWS Configure

It is used to configure the AWS CLI.

aws configure
  1. To create an IAM user
aws iam create-user --user-name <user-name>
aws iam create-user --user-name lucy

To break it down: here, iam is the command, create-user is the subcommand, --user-name is the option, and lucy is the value of the option.

And the output for the above command will be:

{
  "User": {
    "Path": "/",
    "UserName": "lucy",
    "Tags": [],
    "UserId": "AIDAJJQJH4K7E7EXAMPLE",
    "Arn": "arn:aws:iam::123456789012:user/lucy",
    "CreateDate": "2021-09-29T10:00:00+00:00"
  }
}
  1. To see the list of IAM users
aws iam list-users
  1. To delete an IAM user
aws iam delete-user --user-name <user-name>
aws iam delete-user --user-name lucy
  1. To add a user to an IAM group
aws iam add-user-to-group --user-name <user-name> --group-name <group-name>
aws iam add-user-to-group --user-name lucy --group-name developers
  1. To see the policies attached to a user
aws iam list-attached-user-policies --user-name <user-name>
aws iam list-attached-user-policies --user-name lucy
  1. To attach a policy to a user
aws iam attach-user-policy --user-name <user-name> --policy-arn <policy-arn>
aws iam attach-user-policy --user-name lucy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
  1. To create an IAM group
aws iam create-group --group-name <group-name>
aws iam create-group --group-name developers
  1. To see the list of IAM groups
aws iam list-groups
  1. To see the policies attached to a group
aws iam list-attached-group-policies --group-name <group-name>
aws iam list-attached-group-policies --group-name developers
  1. To attach a policy to a group
aws iam attach-group-policy --group-name <group-name> --policy-arn <policy-arn>
aws iam attach-group-policy --group-name developers --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
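
The commands above attach AmazonS3FullAccess both to lucy directly and to the developers group she belongs to. The following Python sketch is an added example, not part of the original cheat sheet: it merges the JSON outputs of the list commands to show where each of a user's managed policies comes from and which direct attachments duplicate a group grant. The sample outputs are constructed, and `aws iam list-groups-for-user` is an AWS CLI command that this page does not cover.

```python
S3_FULL = "arn:aws:iam::aws:policy/AmazonS3FullAccess"

# Constructed outputs, in the JSON shape the AWS CLI prints for each command.
USER_POLICIES = {  # aws iam list-attached-user-policies --user-name <user-name>
    "lucy": {"AttachedPolicies": [
        {"PolicyName": "AmazonS3FullAccess", "PolicyArn": S3_FULL}]},
}
USER_GROUPS = {    # aws iam list-groups-for-user --user-name <user-name>
    "lucy": {"Groups": [{"GroupName": "developers"}]},
}
GROUP_POLICIES = {  # aws iam list-attached-group-policies --group-name <group-name>
    "developers": {"AttachedPolicies": [
        {"PolicyName": "AmazonS3FullAccess", "PolicyArn": S3_FULL}]},
}

def effective_policies(user):
    """Map each managed policy ARN to every place the user receives it from."""
    sources = {}
    for pol in USER_POLICIES.get(user, {}).get("AttachedPolicies", []):
        sources.setdefault(pol["PolicyArn"], []).append("direct")
    for grp in USER_GROUPS.get(user, {}).get("Groups", []):
        name = grp["GroupName"]
        for pol in GROUP_POLICIES.get(name, {}).get("AttachedPolicies", []):
            sources.setdefault(pol["PolicyArn"], []).append(f"group:{name}")
    return sources

def redundant_direct_attachments(user):
    """Policies attached directly that the user already gets through a group."""
    return sorted(arn for arn, src in effective_policies(user).items()
                  if "direct" in src and len(src) > 1)

if __name__ == "__main__":
    for arn, src in effective_policies("lucy").items():
        print(arn, "<-", ", ".join(src))
    print("redundant direct attachments:", redundant_direct_attachments("lucy"))
```
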