Are you looking to get certified in DevOps, SRE and DevSecOps?
Get Certified!
Ahead from others!
Security is Key
Tomorow's Platform!

Terraform state explained!!!

By – christophchamp

  • Terraform keeps the remote state of the infrastructure
  • It stores it in a file called terraform.tfstate
  • There is also a backup of the previous state in terraform.tfstate.backup
  • When you execute terraform apply, a new terraform.tfstate and backup is created
  • This is how Terraform keeps track of the remote state
    • If the remote state changes and you run terraform apply again, Terraform will make changes to meet the correct remote state again.
    • E.g., you manually terminate an instance that is managed by Terraform, after you run terraform apply, it will be started again.
  • You can keep the terraform.tfstate in version control (e.g., git).
    • This will give you a history of your terraform.tfstate file (which is just a big JSON file)
    • This allows you to collaborate with other team members (however, you can get conflicts when two or more people make changes at the same time)
  • Local state works well with simple setups. However, if your project involves multiple team members working on a larger setup, it is better to store your state remotely
    • The Terraform state can be saved remotely, using the backend functionality in Terraform.
    • Using a remote store for the Terraform state will ensure that you always have the latest version of the state.
    • It avoids having commit and push the terraform.tfstate file to version control.
    • However, make sure the Terraform remote store you choose supports locking! (note: both s3 and consul support locking)
  • The default state is a local backend (the local Terraform state file)
  • Other backends include:
    • AWS S3 (with a locking mechanism using DynamoDB)
    • Consul (with locking)
    • Terraform Enterprise (the commercial solution)
  • Using the backend functionality has definite benefits:
    • Working in a team, it allows for collaboration (the remote state will always be available for the whole team)
    • The state file is not stored locally and possible sensitive information is only stored in the remote state
    • Some backends will enable remote operations. The terraform apply will then run completely remotely. These are called enhanced backends.
  • There are two steps to configure a remote state:
    1. Add the back code to a .tf file
    2. Run the initialization process
Rajesh Kumar
Follow me