• terraform init Initialize directory & pull down providers
  • terraform init -get-plugins=false Initialize directory, but do not download plugins
  • terraform init -verify-plugins=false Initialize directory, but do not verify plugins for Hashicorp signature
  • terraform init -upgrade Initialize directory & upgrade modules and plugins

Format & Validate

  • terraform fmt Format code per HCL canonical standard
  • terraform validate Validate validate code for syntax
  • terraform validate -backend=false Validate code skip

Plan, Apply & Destroy

  • terraform plan -out plan.out Output the deployment plan to plan.out
  • terraform apply plan.out Use the plan.out plan file to deploy infrastructure
  • terraform apply --auto-approve Apply changes without being prompted to enter “yes”
  • terraform plan -destroy Outputs a destroy plan
  • terraform apply -target=aws_instance.my_ec2 Only apply/deploy changes to the targeted resource
  • terraform apply -var my_region_variable=us-east-1 Pass a variable via command-line while applying a configuration
  • terraform apply -lock=true Lock the state file so it can’t be modified by any other Terraform apply or modification action
  • terraform apply refresh=false Do not reconcile state file with real-world resources
  • terraform apply --parallelism=5 Number of simultaneous resource operations
  • terraform refresh Reconcile the state in Terraform state file with real-world resources
  • terraform providers Get information about providers used in current configuration


  • terraform state show aws_instance.my_ec2 Show details stored in Terraform state for the resource
  • terraform state pull > terraform.tfstate Download and output terraform state to a file
  • terraform state mv aws_iam_role.my_ssm_role module.custom_module Move a resource tracked via state to different module
  • terraform state replace-provider hashicorp/aws registry.custom.com/aws Replace an existing provider with another
  • terraform state list List out all the resources tracked via the current state file
  • terraform state rm aws_instance.myinstace Unmanage a resource, delete it from Terraform state file

Import & Outputs

  • terraform import aws_instance.new_ec2_instance i-abcd1234 Import EC2 instance with id i-abcd1234 into the Terraform resource named “new_ec2_instance” of type “aws_instance”
  • terraform output List all outputs as stated in code
  • terraform output instance_public_ip List out a specific declared output
  • terraform output -json List all outputs in JSON format


  • terraform -install-autocomplete Set cli auto completion
  • terraform version Display Terraform binary version
  • terraform get -update=true Download and update modules in the “root” module
  • terraform graph | dot -Tpng > graph.png Produce a PNG diagrams showing relationship and dependencies between Terraform resource in your configuration/code
  • terraform taint aws_instance.my_ec2 Taints resource to be recreated on next apply
  • terraform untaint aws_instance.my_ec2 Remove taint from a resource
  • terraform force-unlock LOCK_ID Forcefully unlock a locked state file, LOCK_ID provided when locking the State file beforehand