Terraform Reference
Free reference guide: Terraform Reference
About Terraform Reference
The Terraform Reference is a searchable cheat sheet covering HashiCorp Configuration Language (HCL) syntax for infrastructure as code. It includes resource blocks, provider configuration, data sources, output values, and local variable definitions: the foundational building blocks you need to define and manage cloud infrastructure declaratively with Terraform.
This reference organizes over 40 entries across eight categories: Basics, Resources, Variables, Modules, State, Provider, Functions, and CLI. The Resources section covers AWS services including EC2 instances, S3 buckets, security groups, VPCs, and Lambda functions. The Variables section details string, number, list, map, and object types along with validation rules for enforcing input constraints.
Beyond resource definitions, this cheat sheet covers critical operational topics such as S3 remote state backends with DynamoDB locking, state management commands (list, mv, import, rm), module creation and registry usage, lifecycle meta-arguments like create_before_destroy and prevent_destroy, and essential CLI workflows from terraform init through terraform destroy. Built-in functions including lookup(), cidrsubnet(), merge(), try(), and format() are documented with practical examples.
Key Features
- Complete HCL syntax reference for resource, provider, data source, output, and locals blocks
- AWS resource examples for EC2, S3, Security Groups, VPC, and Lambda with production-ready patterns
- Variable type system covering string, number, list, map, object, and custom validation rules
- Module patterns including local modules, Terraform Registry modules, and for_each iteration
- State management guide with S3 backend configuration, DynamoDB locking, import, and state mv commands
- Lifecycle meta-arguments: create_before_destroy, prevent_destroy, and ignore_changes explained
- Built-in function reference for lookup(), cidrsubnet(), merge(), concat(), try(), and format()
- Full CLI workflow covering terraform init, plan, apply, destroy, fmt, and validate, with common flags
Frequently Asked Questions
What Terraform version does this reference cover?
This reference covers Terraform 1.5+ syntax and conventions. It uses the modern required_providers block syntax inside the terraform block, HCL2 language features, and current best practices such as for_each over count for resource iteration. The examples use hashicorp/aws provider version 5.x.
How do I set up a remote state backend with S3?
Configure the backend block inside your terraform block with bucket name, key path, region, and a DynamoDB table for state locking. The reference includes a complete S3 backend example with encrypt = true and dynamodb_table for preventing concurrent modifications to your state file.
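The backend described above, written out as an added example that is not taken from the reference itself. The bucket, key, region and table names are placeholders, and the lock table is assumed to be created from a separate bootstrap configuration before `terraform init` is run against the backend.

```hcl
# --- main configuration: backend.tf ---
terraform {
  required_version = ">= 1.5.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }

  # Backend blocks cannot reference variables or locals, so the
  # values here must be literals (or supplied via -backend-config).
  backend "s3" {
    bucket         = "example-tfstate-bucket"          # placeholder: existing bucket
    key            = "prod/network/terraform.tfstate"  # placeholder: path of the state object
    region         = "us-east-1"                       # placeholder
    encrypt        = true                              # server-side encryption of the state object
    dynamodb_table = "example-tfstate-locks"           # placeholder: table used for state locking
  }
}

# --- bootstrap configuration (separate directory, applied first) ---
# The S3 backend expects the lock table to have a string partition
# key named exactly "LockID".
resource "aws_dynamodb_table" "tf_locks" {
  name         = "example-tfstate-locks"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"

  attribute {
    name = "LockID"
    type = "S"
  }
}
```

State files can contain resource attributes in plain text, including secrets, so access to the state bucket should be restricted as tightly as access to the infrastructure it describes.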
What is the difference between count and for_each?
Both create multiple resource instances, but count uses an integer index (count.index) while for_each iterates over a set or map using each.key and each.value. for_each is generally preferred because instances are tracked by key rather than by position, so removing an item from the middle of a collection does not force recreation of the resources after it, whereas count re-indexes them.
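The re-indexing difference, shown side by side as an added example that is not part of the original reference. The variable name and bucket names are placeholders chosen for illustration.

```hcl
variable "bucket_names" {
  type    = list(string)
  default = ["logs", "artifacts", "backups"] # constructed sample values
}

# count: instances are addressed by position:
#   aws_s3_bucket.by_index[0], [1], [2]
# Removing "artifacts" from the list moves "backups" from index 2 to
# index 1. Terraform then plans to replace [1] (its bucket name changed)
# and destroy [2], even though the "backups" bucket was never touched
# in the configuration.
resource "aws_s3_bucket" "by_index" {
  count  = length(var.bucket_names)
  bucket = "example-idx-${var.bucket_names[count.index]}"
}

# for_each: instances are addressed by key:
#   aws_s3_bucket.by_key["logs"], ["artifacts"], ["backups"]
# Removing "artifacts" plans the destruction of that one instance only.
resource "aws_s3_bucket" "by_key" {
  for_each = toset(var.bucket_names)
  bucket   = "example-key-${each.key}"
}
```

For data-bearing resources, check the destroy and replace counts in `terraform plan` output before applying any change to a list that feeds count.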
How do I import existing infrastructure into Terraform?
Use terraform import <resource_address> <resource_id> to bring existing resources under Terraform management. For example, terraform import aws_instance.web i-1234567890abcdef0 imports an EC2 instance. After importing, run terraform plan to verify the configuration matches the actual resource state.
When should I use modules in Terraform?
Use modules to encapsulate reusable infrastructure patterns. Create a local module under modules/ with its own variables, resources, and outputs, then call it with the module block. For common patterns like VPCs or EKS clusters, use verified modules from the Terraform Registry with version pinning to ensure reproducibility.
What are lifecycle meta-arguments used for?
Lifecycle blocks control resource behavior during updates. create_before_destroy ensures a replacement is created before the old resource is destroyed, which is critical for zero-downtime deployments. prevent_destroy blocks accidental deletion of critical resources. ignore_changes tells Terraform to skip drift detection on specified attributes like tags managed externally.
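The three lifecycle arguments in context, as an added example that is not from the original reference. The resource names, the bucket name and the `vpc_id` input variable are placeholders.

```hcl
variable "vpc_id" {
  type = string # assumed input: ID of an existing VPC
}

resource "aws_security_group" "app" {
  # A name prefix rather than a fixed name, so the replacement group
  # can exist alongside the old one while references are switched over.
  name_prefix = "app-"
  vpc_id      = var.vpc_id

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_s3_bucket" "audit_logs" {
  bucket = "example-audit-logs" # placeholder

  lifecycle {
    # Any plan that would destroy this bucket fails with an error.
    # The guard lives in this block: deleting the whole resource block
    # from the configuration removes the guard along with it.
    prevent_destroy = true

    # Tags written by an external tool are not reverted on apply.
    ignore_changes = [tags]
  }
}
```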
How do variable validation rules work?
Add a validation block inside a variable definition with a condition expression and error_message. The condition must evaluate to true for the variable value to be accepted. For example, you can use contains() to restrict an input variable named environment to only "dev", "staging", or "prod" values, providing clear error messages when invalid values are supplied.
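The environment check described above, as an added example that is not from the original reference. It goes one step further than the text with a second, hypothetical variable (`admin_cidr`) that uses can() to reject malformed CIDR blocks and refuses the open-to-everyone ranges.

```hcl
variable "environment" {
  type        = string
  description = "Deployment environment."

  validation {
    condition     = contains(["dev", "staging", "prod"], var.environment)
    error_message = "The environment value must be one of: dev, staging, prod."
  }
}

# Hypothetical variable: the source range allowed to reach an admin port.
variable "admin_cidr" {
  type        = string
  description = "CIDR block allowed to reach the admin interface."

  # cidrhost() raises an error on a malformed CIDR; can() turns that
  # error into false, so the validation fails with the message below.
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0))
    error_message = "The admin_cidr value must be a valid CIDR block, for example 10.0.0.0/24."
  }

  # A syntactically valid value can still be too broad to accept.
  validation {
    condition     = !contains(["0.0.0.0/0", "::/0"], var.admin_cidr)
    error_message = "The admin_cidr value must not be open to all addresses."
  }
}
```

Validation runs during `terraform plan`, so a rejected value stops the run before any resource is changed.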
What built-in functions are most commonly used?
The most frequently used functions include lookup() for map value retrieval with defaults, merge() for combining tag maps, concat() for joining lists, cidrsubnet() for calculating subnet CIDR blocks from a VPC CIDR, format()/formatlist() for string interpolation, and try()/can() for graceful error handling in complex expressions.