Terraform Cheatsheet
Practical Terraform cheatsheet covering essential CLI commands, state management, import, workspaces, and key HCL patterns for variables, locals, outputs, dynamic blocks, and more. Perfect for daily IaC workflows.
No commands found
Try adjusting your search term
Core CLI Commands
Essential Terraform commands for initialization, validation, planning, applying, and destroying infrastructure.
Initialization & Validation
Commands to set up your Terraform workspace and check configuration validity.
Initializes the working directory, downloads providers and modules.
terraform initTerraform has been successfully initialized!Checks whether the configuration is valid (run after init).
terraform validateSuccess! The configuration is valid.Upgrades modules and providers to the latest allowed versions.
terraform init -upgradePlan & Apply
Preview and execute infrastructure changes safely.
Shows what Terraform will create, change, or destroy.
terraform planSaves the plan to a file for later apply.
terraform plan -out=plan.tfplanApplies a saved plan without prompting.
terraform apply plan.tfplanApplies changes without confirmation (use in CI/CD).
terraform apply -auto-approveDestroy
Safely remove all managed infrastructure.
Destroys all resources managed by Terraform.
terraform destroyDestroys only the targeted resource.
terraform destroy -target=aws_instance.exampleState Management
Commands for inspecting, manipulating, and synchronizing Terraform state.
State Commands
Core operations on the Terraform state file.
Lists all resources currently tracked in state.
terraform state listShows detailed attributes of a specific resource in state.
terraform state show aws_instance.exampleMoves or renames a resource in state without recreating it.
terraform state mv aws_instance.old aws_instance.newRemoves a resource from state (does not delete the actual infrastructure).
terraform state rm aws_instance.exampleImport & Taint
Bring existing resources under management and force recreation.
Imports an existing EC2 instance into Terraform state.
terraform import aws_instance.example i-1234567890abcdef0Replaces (recreates) a resource on the next apply (preferred over taint).
terraform apply -replace=aws_instance.exampleState Pull & Push
Synchronize local and remote state files.
Downloads the current remote state.
terraform state pullUploads a local state file to the remote backend.
terraform state push state.tfstateWorkspaces
Manage multiple isolated state environments (dev, staging, prod) with the same code.
Workspace Commands
Create, switch, list, and delete workspaces.
Creates and switches to a new workspace named 'dev'.
terraform workspace new devLists all workspaces (* indicates current).
terraform workspace listSwitches to the 'prod' workspace.
terraform workspace select prodDeletes the 'dev' workspace (must not be current).
terraform workspace delete devHCL Essentials
Core HashiCorp Configuration Language patterns used in every Terraform project.
Variables, Locals & Outputs
Input variables, computed locals, and exposed outputs.
Defines a variable with default, a local for reuse, and an output.
variable "region" { type = string default = "us-east-1"}
locals { common_tags = { Environment = var.environment ManagedBy = "Terraform" }}
output "vpc_id" { value = aws_vpc.main.id description = "The ID of the VPC"}Data Sources
Read-only queries for external data.
Fetches the latest Ubuntu AMI for use in resources.
data "aws_ami" "ubuntu" { most_recent = true owners = ["099720109477"] # Canonical
filter { name = "name" values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"] }}Dynamic Blocks & for_each
Advanced HCL patterns for repeatable configuration.
for_each & Dynamic Blocks
Create multiple resource instances and nested blocks dynamically.
Creates one IAM user per item in the set using for_each.
resource "aws_iam_user" "users" { for_each = toset(["alice", "bob"]) name = each.key}Generates multiple ingress blocks dynamically from a list/map.
resource "aws_security_group" "example" { name = "example"
dynamic "ingress" { for_each = var.ingress_rules content { from_port = ingress.value.from_port to_port = ingress.value.to_port protocol = ingress.value.protocol cidr_blocks = ingress.value.cidr_blocks } }}Provider Configuration
Common patterns for configuring Terraform providers.
Provider Patterns
Declaring and configuring providers, including aliases.
Required providers block and basic + aliased configuration.
terraform { required_providers { aws = { source = "hashicorp/aws" version = "~> 5.0" } }}
provider "aws" { region = var.region}
# Aliased provider for multi-regionprovider "aws" { alias = "west" region = "us-west-2"}Debugging
Tools and techniques for troubleshooting Terraform issues.
Logging & Terraform Console
Enable detailed logs and test expressions interactively.
Enables the most verbose logging (TRACE, DEBUG, INFO, WARN, ERROR).
TF_LOG=TRACE terraform planInteractive REPL to test expressions and functions.
terraform console> join(", ", ["a", "b"])"a, b"You might also enjoy
Check out some of our other posts on similar topics
6 related posts