Terraformcloud~5 mins

Auto-approve flag and its danger in Terraform - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Terraform helps you create and change cloud resources safely. The auto-approve flag lets you skip the manual approval step when applying changes. This can speed up automation but can also cause unexpected changes without review.

When you want to automate Terraform apply in a script or CI/CD pipeline without manual intervention

When you are confident about the changes and want to save time by skipping the approval prompt

When running quick tests in a disposable environment where manual approval is unnecessary

When you want to avoid blocking automation workflows that require Terraform apply

When you want to reduce human error by automating the entire apply process

Commands

This command plans and applies infrastructure changes but asks for your approval before making any changes.

Terminal

terraform apply

Expected OutputExpected

An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + aws_instance.example Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value:

This command applies changes immediately without asking for your approval, speeding up automation but risking unintended changes.

Terminal

terraform apply -auto-approve

Expected OutputExpected

An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + aws_instance.example Plan: 1 to add, 0 to change, 0 to destroy. aws_instance.example: Creating... aws_instance.example: Creation complete after 10s [id=i-1234567890abcdef0] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

→

-auto-approve - Skips the interactive approval prompt and applies changes immediately

Key Concept

If you remember nothing else from this pattern, remember: using auto-approve skips your chance to review changes and can cause unexpected or harmful infrastructure updates.

Common Mistakes

Using terraform apply -auto-approve without reviewing the plan first

This can cause unintended changes or deletions in your infrastructure without warning.

Always run terraform plan first to review changes before using auto-approve to apply them.

Using auto-approve in production environments without safeguards

It removes the manual checkpoint that helps prevent mistakes in critical systems.

Avoid auto-approve in production or combine it with automated checks and approvals.

Summary

terraform apply runs the plan and waits for your approval before making changes.

Adding -auto-approve skips the approval prompt and applies changes immediately.

Using auto-approve can speed up automation but risks applying unintended changes without review.