terraform init
- initialize the working directory
- download and install provider plugins
- download modules
- create state file
- NOT create sample main.tf
terraform init -upgrade
- update new provider
terraform validate
- validates config syntax
terraform import <resource address> <resource id>
- import existing non-terraformed cloud environment to terraform state.
terraform plan
- check proposed configure compare to state file by +-
terraform plan -destroy
- show the resources that will be destroyed
terraform plan -out=FILE
- Put plan into a file
terraform plan -refresh-only
- only update the state file for the existing cloud environment
terraform apply
- apply config and do the terraform refresh
terraform destroy
terraform refresh
- make the state file same as existing cloud environment if there is a drift
terraform state mv <old_name> <new_name>
- rename resource name
terraform taint
- destroy and rebuild a resource
terraform fmt
- align the configuration codes
terraform state list
- list all tracked resources
terraform state show
- show a particular resources information
terraform.tfstate
- a state file
workspaces
- using different state files
local-exec provisioner
- invokes local executable
remote-exec provisioner
- invokes remote resource
Collection function: slice
String function: split, join, chomp
terraform force-unlock
- unlock state
Private Module Registry
Public Module Registry
Terraform Cloud by HashiCorp
- store remote state file
TF_LOG
- store log to stderr
Hidden .terraform directory
- cached provider plugins and modules
Connection block
- provider authentication
Data block
Provider block
Resource block
Local block
.terraform.lock.hcl
- track provider dependencies and versions
Sentinel enforce policy
- In terraform cloud, run before terraform apply
terraform console
- experiment with Terraform’s built-in functions