Terraformcloud~5 mins

Code review for infrastructure changes in Terraform - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

When you change infrastructure code, you want to check it carefully before applying. Code review helps catch mistakes and ensures the changes are safe and correct.

When you add a new server or resource to your cloud setup

When you update network settings like firewalls or load balancers

When you change storage or database configurations

When you want to avoid accidental downtime from wrong changes

When working in a team to share responsibility and knowledge

Commands

This command sets up Terraform in your project folder. It downloads necessary plugins and prepares the environment for running plans and applies.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/aws... - Installing hashicorp/aws v4.0.0... - Installed hashicorp/aws v4.0.0 (signed by HashiCorp) Terraform has been successfully initialized!

This command shows what changes Terraform will make to your infrastructure without applying them. It saves the plan to a file for review and later application.

Terminal

terraform plan -out=tfplan

Expected OutputExpected

An execution plan has been generated and is saved to tfplan. To perform exactly these actions, run the following command to apply: terraform apply "tfplan"

→

-out=tfplan - Saves the plan to a file for later use

This command converts the saved plan into a JSON file. This file can be used for detailed code review or automated checks.

Terminal

terraform show -json tfplan > plan.json

Expected OutputExpected

No output (command runs silently)

→

-json - Outputs the plan in JSON format

After reviewing the plan, this command applies the changes to your infrastructure exactly as planned.

Terminal

terraform apply tfplan

Expected OutputExpected

terraform apply tfplan Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Key Concept

If you remember nothing else from this pattern, remember: always generate and review a plan before applying infrastructure changes.

Common Mistakes

Running 'terraform apply' without first running 'terraform plan'

You might apply unintended changes that cause downtime or errors.

Always run 'terraform plan' to see what will change before applying.

Not saving the plan to a file and applying directly

You cannot review or reuse the exact plan, risking inconsistent changes.

Use 'terraform plan -out=tfplan' to save the plan and apply it later.

Ignoring the JSON plan output for automated or detailed review

Misses the chance to catch subtle errors or policy violations before applying.

Export the plan to JSON with 'terraform show -json' and review or use tools to analyze it.

Summary

Initialize Terraform with 'terraform init' to prepare your environment.

Generate and save a plan with 'terraform plan -out=tfplan' to see changes.

Export the plan to JSON for detailed review using 'terraform show -json tfplan > plan.json'.

Apply the reviewed plan safely with 'terraform apply tfplan'.