To Be a Terraform Expert
I was using AWS before I join the current company, but I don't even know terraform before I interview with the current company. I got hit by Terraform at first, it's really hard to deal with states.
Use -target
with plan
command to collaborate
When you work with your colleagues with same terraform project, sometimes they maybe need to apply some changes that haven't merged yet for testing, when you run the plan command, you will find that terraform want to destroy his resources. You can wait until his changes have merged. But actually, you can use the -target
to limit your resources for the plan command. So, you can run the plan command happily without destroying other people's resources.
Use remote state to collaborate with others
If you need to work on the same project with your colleagues, you need to set up a remote state. We use s3
as our state backend, it will use s3 bucket to store the state file, and a DynamoDB table to store the lock. If you encounter some problems, you maybe need to check these resources manually to confirm it's all working properly.
Use state rm
command to put resources outside terraform
You know, the state file includes the states terraform known about your resources, but what will happen if you delete some resources through other tools (e.g., make changes through AWS console)? Terraform didn't know those changes. We can use state rm
command to tell terraform not to manage these states in the feature. Beware that, the destroy
command will remove remote resources, and the state rm
will only remove from the state, if you haven't removed the remote resources through other tools, the resources will still there.
Use state mv
command after you rename resources
We may need to change the resource name in our codes, for example rename or put the resource under another module. After the rename the Terraform usually will create a plan that include destroy and create. We can use mv
to rename the resource names in the state file, so that Terraform will know the changes and create a correct plan.
Use import
command to import resources inside terraform
Sometimes, it's easy to create some resources through web UI. With import
command, we can create resources through the web UI, and then import them to terraform state.
Use fake modules to solve dependency
If you have use providers in your module when you delete that module, terraform will report an error, that it can't find providers. It's annoying when you use modules in modules. You can simply create some fake module, these modules only have the same names as the original modules, but didn't have any resources. After apply, you can safely remove these fake modules.
Use temporary workspace and console
to test terraform expressions
HCL for terraform was not a programming language, but we can't stop to do programming in terraform. When we write some expressions, we need to test it. I suggest creating a temporary project to test it. Think about that you have a big project with 20+ resources, you need to refresh the states every time you want to run terraform plan.
Simply put the expressions in a locals
block, and output the results in output
blocks, you will see the terraform plan command run very fast.