Terraformcloud~30 mins

Terraform taint and untaint (deprecated) - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Terraform taint and untaint (deprecated)

📖 Scenario: You are managing a simple cloud infrastructure using Terraform. Sometimes, resources need to be marked for recreation due to issues or updates. Terraform used to have commands called taint and untaint to mark resources for recreation or to cancel that marking. These commands are now deprecated, but understanding them helps you manage resource lifecycle.

🎯 Goal: Learn how to mark a resource as tainted and then untaint it in Terraform configuration using the deprecated approach, simulating the effect by managing resource lifecycle manually.

📋 What You'll Learn

Create a Terraform resource block for an AWS S3 bucket named exactly example_bucket.

Add a variable should_taint to control whether the bucket should be recreated.

Use a lifecycle block with prevent_destroy set to false to allow recreation.

Add a conditional expression to simulate tainting by forcing recreation when should_taint is true.

💡 Why This Matters

🌍 Real World

Cloud engineers often need to recreate resources when they become unhealthy or need updates. Understanding taint and untaint helps manage resource lifecycle safely.

💼 Career

Knowing how to control resource recreation in Terraform is essential for infrastructure as code roles, ensuring stable and predictable deployments.

Progress0 / 4 steps

Create the AWS S3 bucket resource

Create a Terraform resource block named aws_s3_bucket.example_bucket with the bucket name set to "my-example-bucket-12345".

Terraform

# Your code here

Need a hint?

Use the resource block with type aws_s3_bucket and name example_bucket. Set the bucket attribute to the exact string.

Add a variable to control tainting

Add a Terraform variable named should_taint of type bool with a default value of false.

Terraform

resource "aws_s3_bucket" "example_bucket" {
  bucket = "my-example-bucket-12345"
}

# Your code here

Need a hint?

Define a variable block with the exact name should_taint, type bool, and default false.

Add lifecycle and conditional recreation logic

Inside the aws_s3_bucket.example_bucket resource block, add a lifecycle block with prevent_destroy = false. Then add a force_destroy attribute set to the value of var.should_taint to simulate tainting by forcing recreation when should_taint is true.

Terraform

resource "aws_s3_bucket" "example_bucket" {
  bucket = "my-example-bucket-12345"

  # Your code here
}

variable "should_taint" {
  type    = bool
  default = false
}

Need a hint?

Add force_destroy = var.should_taint and a lifecycle block with prevent_destroy = false inside the resource block.

Simulate untaint by setting variable to false

Set the default value of the variable should_taint to false to simulate untainting the resource and preventing forced recreation.

Terraform

resource "aws_s3_bucket" "example_bucket" {
  bucket = "my-example-bucket-12345"

  force_destroy = var.should_taint

  lifecycle {
    prevent_destroy = false
  }
}

variable "should_taint" {
  type    = bool
  default = false
  # Your code here
}

Need a hint?

Ensure the variable should_taint has default = false to simulate untainting.