Getting Started with Terraform Pt. 2: State Files and Commands

2022.06.15


In Part 1 we examined the building blocks of a .tf file: providers and resources. In this post, we will learn several commands that are essential for any Terraform user.

We will also look at Terraform's state files and why they matter.

Apply, Create and Destroy

Let's make a first ec2.tf file that launches a basic EC2 instance.

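provider "aws" {
  region     = "us-west-2"
  # Placeholder values. Avoid committing real keys; the AWS provider can also
  # read credentials from environment variables or the shared credentials file.
  access_key = "your-access-key"
  secret_key = "your-secret-key"
}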

resource "aws_instance" "myFirstEc2Instance" {
  ami           = "ami-0ca285d4c2cda3300"
  instance_type = "t2.micro"
}

terraform plan

Running the plan command before creating anything is a strongly recommended practice. It shows the modifications Terraform will make: the resources it will add, change, or destroy. In a production environment, always review these planned changes before applying them.

terraform apply

Terraform apply, as the name implies, will execute the changes (create or alter resources) according to the code you have supplied.

Before executing anything, terraform apply shows us the plan again and asks for approval; it proceeds only if we answer yes.

terraform destroy

This command deserves attention because it comes with several cautions.

To destroy the previously created instance, simply run terraform destroy.

The tricky part in destroying

Let's add a bucket to the same file and run terraform apply.

resource "aws_s3_bucket" "b" {
  # S3 bucket names must be lowercase
  bucket = "terraform-s3-devioblog-2022-bucket"

  tags = {
    Name        = "for blog"
    Environment = "DevIO"
  }
}

resource "aws_s3_bucket_acl" "example" {
  bucket = aws_s3_bucket.b.id
  acl    = "private"
}

What if we only want to destroy our ec2 instance and not our s3 bucket? We cannot use terraform destroy for this since it would wipe all resources.

To remove a specific resource, we pass the -target flag to the destroy command, followed by the resource address in the form resource_type.local_resource_name.

terraform destroy -target aws_instance.myFirstEc2Instance

Note:- If you run terraform plan again, it will propose adding the ec2 instance again because it is still in the code.

Another method for deleting certain resources is to comment out the code of the resource and run terraform apply; Terraform then plans to destroy the resource because it is no longer part of the configuration.

Terraform state file (terraform.tfstate)

When we selectively destroy the ec2 instance and then run terraform plan, Terraform attempts to re-create our ec2 instance.

This is because Terraform stores the state of the resources it manages in a file named terraform.tfstate.

When Terraform discovers that the ec2 instance is declared in the code but has no state, it attempts to build the resource and update the state file.

When you run terraform destroy, the data for the destroyed resources is removed from the terraform.tfstate file.

Note:- The Terraform state file contains not just Terraform-related information, but also information from the environment, such as an EC2 IP address or a security group. These attribute values are stored in plain text, so keep the state file out of public repositories and restrict who can read it.

It is highly recommended not to edit or change terraform.tfstate or its backup file manually.
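
The comparison this section describes, reduced to resource presence, as an added example (not code from the original post or from Terraform itself). The state content, the hand-typed DECLARED set and the function names are assumptions made for illustration; a real terraform plan also refreshes and compares attributes.

```python
import json

# Constructed sample of a version-4 terraform.tfstate, as it would look after
# `terraform destroy -target aws_instance.myFirstEc2Instance`: only the bucket
# and its ACL remain. Attribute values are made up for illustration.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"mode": "managed", "type": "aws_s3_bucket", "name": "b",
         "instances": [{"attributes": {
             "id": "example-bucket",
             "arn": "arn:aws:s3:::example-bucket",
             "tags": {"Name": "for blog", "Environment": "DevIO"}}}]},
        {"mode": "managed", "type": "aws_s3_bucket_acl", "name": "example",
         "instances": [{"attributes": {"bucket": "example-bucket",
                                       "acl": "private"}}]},
    ],
})

# Resource addresses declared in the .tf file (typed in by hand here; this
# example does not parse HCL).
DECLARED = {"aws_instance.myFirstEc2Instance", "aws_s3_bucket.b",
            "aws_s3_bucket_acl.example"}


def state_addresses(state_json):
    """Map each managed resource address in the state to its attributes."""
    found = {}
    for res in json.loads(state_json).get("resources", []):
        if res.get("mode") != "managed":
            continue  # data sources are read, not created or destroyed
        instances = res.get("instances", [])
        attrs = instances[0].get("attributes", {}) if instances else {}
        found[f"{res['type']}.{res['name']}"] = attrs
    return found


def simplified_plan(declared, state_json):
    """Presence-only diff: real `terraform plan` also compares attributes."""
    in_state = set(state_addresses(state_json))
    return {"create": sorted(declared - in_state),
            "destroy": sorted(in_state - declared),
            "tracked": sorted(declared & in_state)}


if __name__ == "__main__":
    print(simplified_plan(DECLARED, SAMPLE_STATE))
    # Commenting the bucket ACL out of the code makes it a destroy candidate.
    print(simplified_plan(DECLARED - {"aws_s3_bucket_acl.example"}, SAMPLE_STATE))
```

The first call reports the ec2 instance under "create", which is why terraform plan offers to re-create it after a targeted destroy.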

Conclusion

There are numerous situations when we need to selectively destroy resources rather than destroying all resources; in these cases, the -target flag comes in handy.

Understanding how Terraform maintains its state file shows us how infrastructure state is managed.