Terraformcloud~5 mins

State and real infrastructure mapping in Terraform - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

When you use Terraform to create or change cloud resources, it keeps a record called the state. This state helps Terraform know what resources exist and what needs to be updated or deleted. Mapping the state to the real infrastructure means checking that Terraform's record matches what is actually running in the cloud.

When you want to see what resources Terraform has created in your cloud account.

When you need to update or delete resources and want to avoid mistakes.

When you want to check if someone changed resources outside of Terraform.

When you are starting to manage existing resources with Terraform.

When you want to safely plan changes before applying them.

Config File - main.tf

main.tf

terraform {
  required_version = ">= 1.0"
}

provider "aws" {
  region = "us-east-1"
}

resource "aws_s3_bucket" "example_bucket" {
  bucket = "example-terraform-bucket-12345"
  acl    = "private"
}

This file tells Terraform to use AWS in the us-east-1 region.

It creates one S3 bucket named "example-terraform-bucket-12345" with private access.

Terraform will track this resource in its state file to map it to the real bucket in AWS.

Commands

This command sets up Terraform in the current folder. It downloads the AWS provider plugin so Terraform can talk to AWS.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/aws... - Installing hashicorp/aws v4.0.0... - Installed hashicorp/aws v4.0.0 (signed by HashiCorp) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes required for your infrastructure.

This command shows what Terraform will do to match the configuration with the real infrastructure. It compares the state file with the config and cloud resources.

Terminal

terraform plan

Expected OutputExpected

An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # aws_s3_bucket.example_bucket will be created + resource "aws_s3_bucket" "example_bucket" { + acl = "private" + bucket = "example-terraform-bucket-12345" + id = (known after apply) } Plan: 1 to add, 0 to change, 0 to destroy.

This command applies the changes to create the S3 bucket in AWS and updates the state file to map the real resource.

Terminal

terraform apply -auto-approve

Expected OutputExpected

aws_s3_bucket.example_bucket: Creating... aws_s3_bucket.example_bucket: Creation complete after 2s [id=example-terraform-bucket-12345] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

→

-auto-approve - Automatically approves the apply without asking for confirmation.

This command lists all resources Terraform currently tracks in its state file, showing the mapping to real infrastructure.

Terminal

terraform state list

Expected OutputExpected

aws_s3_bucket.example_bucket

This command shows detailed information about the resources in the state file, confirming what Terraform knows about the real infrastructure.

Terminal

terraform show

Expected OutputExpected

aws_s3_bucket.example_bucket: id = example-terraform-bucket-12345 acl = private bucket = example-terraform-bucket-12345 region = us-east-1

Key Concept

If you remember nothing else from this pattern, remember: Terraform's state file is the trusted record that links your configuration to the real cloud resources.

Common Mistakes

Deleting or changing cloud resources directly in the cloud console without updating Terraform.

Terraform's state will not match the real infrastructure, causing errors or unexpected changes on next apply.

Always make changes through Terraform or update the state using terraform import or terraform state commands.

Losing the state file or not backing it up.

Terraform loses track of resources and cannot safely update or delete them.

Store the state file securely, use remote state storage for teams, and back it up regularly.

Running terraform apply without reviewing terraform plan first.

You might apply unintended changes that affect your real infrastructure.

Always run terraform plan to see proposed changes before applying.

Summary

Use terraform init to prepare your working folder and download necessary plugins.

Use terraform plan to preview changes and see how Terraform maps your config to real resources.

Use terraform apply to create or update resources and update the state file.

Use terraform state list and terraform show to inspect what Terraform tracks and how it maps to real infrastructure.