Terraform Cheat Sheet

Updated 2026-04-27

Terraform is HashiCorp's open-source infrastructure as code (IaC) tool that provisions and manages cloud and on-premises resources using declarative configuration files written in HashiCorp Configuration Language (HCL). It works by building a dependency graph of your infrastructure, determining the optimal execution order, and applying changes through provider-specific APIs to AWS, Azure, GCP, Kubernetes, and hundreds of other platforms. Understanding Terraform's workflow—write configuration, initialize providers, plan changes, apply infrastructure—is essential, but the real power lies in mastering state management, modules, meta-arguments, and the growing set of ephemeral and lifecycle features (including removed, ephemeral, and write-only arguments) that enable you to build scalable, maintainable, and secrets-safe infrastructure with minimal manual intervention.

What This Cheat Sheet Covers

This topic spans 30 focused tables and 254 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.

Table 1: Core CLI CommandsTable 2: Configuration BlocksTable 3: Meta-ArgumentsTable 4: Lifecycle ArgumentsTable 5: Variable TypesTable 6: Variable Definition MethodsTable 7: Output ConfigurationTable 8: Backend TypesTable 9: State Management CommandsTable 10: String FunctionsTable 11: Collection FunctionsTable 12: Numeric and Type FunctionsTable 13: Encoding and Hash FunctionsTable 14: File and Path FunctionsTable 15: Date and Time FunctionsTable 16: IP and Network FunctionsTable 17: Conditional and Logic FunctionsTable 18: ExpressionsTable 19: ProvisionersTable 20: Special ResourcesTable 21: Workspace CommandsTable 22: Module SourcesTable 23: Version ConstraintsTable 24: Common Plan and Apply FlagsTable 25: Environment VariablesTable 26: Advanced State OperationsTable 27: Provider Configuration PatternsTable 28: Dependency Lock FileTable 29: Testing and ValidationTable 30: Best Practices and Patterns

Table 1: Core CLI Commands

Command	Example	Description
terraform init	`terraform init`	Initializes a working directory, downloads provider plugins, and sets up the backend.
terraform plan	`terraform plan -out=tfplan`	• Generates an execution plan showing what actions Terraform will take • use `-out` to save for apply.
terraform apply	`terraform apply tfplan`	Executes the actions proposed in a plan — creates, updates, or deletes resources to match configuration.
terraform destroy	`terraform destroy`	• Destroys all resources managed by the current configuration • use `-target` to destroy specific resources.
terraform validate	`terraform validate`	Validates the syntax and internal consistency of configuration files without accessing remote services.
terraform fmt	`terraform fmt -recursive`	• Formats configuration files to a canonical style • use `-recursive` to format all subdirectories.
terraform import	`terraform import aws_instance.web i-1234567890abcdef0`	Brings existing infrastructure under Terraform management by importing it into state.
terraform state	`terraform state list`	• Manages the state file • supports subcommands: `list`, `show`, `mv`, `rm`, `pull`, `push`.
terraform output	`terraform output vpc_id`	• Extracts the value of an output variable from the state file • useful for passing values between modules.

Table 1: Core CLI Commands

Command	Example	Description
terraform init	`terraform init`	Initializes a working directory, downloads provider plugins, and sets up the backend.
terraform plan	`terraform plan -out=tfplan`	• Generates an execution plan showing what actions Terraform will take • use `-out` to save for apply.
terraform apply	`terraform apply tfplan`	Executes the actions proposed in a plan — creates, updates, or deletes resources to match configuration.
terraform destroy	`terraform destroy`	• Destroys all resources managed by the current configuration • use `-target` to destroy specific resources.
terraform validate	`terraform validate`	Validates the syntax and internal consistency of configuration files without accessing remote services.
terraform fmt	`terraform fmt -recursive`	• Formats configuration files to a canonical style • use `-recursive` to format all subdirectories.
terraform import	`terraform import aws_instance.web i-1234567890abcdef0`	Brings existing infrastructure under Terraform management by importing it into state.
terraform state	`terraform state list`	• Manages the state file • supports subcommands: `list`, `show`, `mv`, `rm`, `pull`, `push`.
terraform output	`terraform output vpc_id`	• Extracts the value of an output variable from the state file • useful for passing values between modules.