Terraform Troubleshooting and Migration Cheat Sheet

Terraform•Permalink

Commands and patterns for debugging, upgrades, migration, and state repair in Terraform.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

Debugging

Logs, provider issues, and plan inspection.

Enable TRACE logs

Turn on maximum logging detail for hard-to-diagnose issues.

↗#

bashANYterraformdebuglogstrace

bash

export TF_LOG=TRACE

Turn on maximum logging detail for hard-to-diagnose issues.

Write debug log to file

Capture debug logs into a file for later analysis.

↗#

bashANYterraformdebuglogs

bash

export TF_LOG=DEBUG && export TF_LOG_PATH=terraform-debug.log

Capture debug logs into a file for later analysis.

Inspect provider schemas

Dump provider schemas for automation or debugging tools.

↗#

bashANYterraformprovidersschemajson

bash

terraform providers schema -json > providers-schema.json

Dump provider schemas for automation or debugging tools.

Use detailed exit codes

Return 0 for no changes, 2 for changes, 1 for errors; useful in CI.

↗#

bashANYterraformplanexit-codeci

bash

terraform plan -detailed-exitcode

Return 0 for no changes, 2 for changes, 1 for errors; useful in CI.

Upgrade and Migration

Version-locking and migration-related commands.

Legacy 0.13 upgrade helper

Legacy helper command that updated provider source declarations in Terraform 0.13.

↗#

bashANYterraformupgradelegacy

bash

terraform 0.13upgrade

Legacy helper command that updated provider source declarations in Terraform 0.13.

Upgrade after version changes

Refresh provider selections and lock file after changing constraints.

↗#

bashANYterraformupgradeproviderslock

bash

terraform init -upgrade && terraform providers lock -platform=linux_amd64 -platform=darwin_arm64

Refresh provider selections and lock file after changing constraints.

Moved module address snippet

Preserve state when refactoring module paths or names.

↗#

hclANYterraformmovedmodules

hcl

moved {
  from = module.network.aws_subnet.private["a"]
  to   = module.vpc.aws_subnet.private["a"]
}

Preserve state when refactoring module paths or names.

State Repair

State surgery patterns for emergencies and refactors.

Inspect module resource

Inspect one resource nested inside a module.

↗#

bashANYterraformstatemodule

bash

terraform state show module.vpc.aws_vpc.this

Inspect one resource nested inside a module.

Move module resource

Move a tracked object between module addresses.

↗#

bashANYterraformstatemvmodules

bash

terraform state mv module.old.aws_s3_bucket.logs module.new.aws_s3_bucket.logs

Move a tracked object between module addresses.

Remove one indexed instance

Remove a single indexed or keyed instance from state.

↗#

bashANYterraformstatermcount

bash

terraform state rm aws_instance.web[0]

Remove a single indexed or keyed instance from state.

Drift and Recovery

Recover from drift, failed runs, and manual changes.

Detect and record drift

Refresh state from real infrastructure without proposing config changes.

↗#

bashANYterraformdriftrefresh-only

bash

terraform plan -refresh-only

Refresh state from real infrastructure without proposing config changes.

Apply refresh-only changes

Persist refreshed state after infrastructure drift detection.

↗#

bashANYterraformdriftrefresh-onlyapply

bash

terraform apply -refresh-only -auto-approve

Persist refreshed state after infrastructure drift detection.

Import after state loss

Rebuild Terraform state associations after state loss or partial migration.

↗#

bashANYterraformimportrecovery

bash

terraform import aws_db_instance.main my-db-instance-id

Rebuild Terraform state associations after state loss or partial migration.

More in Terraform

Terraform HCP Remote and CI Cheat Sheet

Commands and snippets for HCP Terraform remote runs, CLI auth, automation, and CI-friendly usage.

Terraform Language Patterns Cheat Sheet

High-value HCL patterns for variables, locals, outputs, loops, conditionals, dynamic blocks, and data shaping.

Terraform Modules and Providers Cheat Sheet

Commands and snippets for modules, providers, version constraints, registry access, and dependency management.

Terraform Workspaces and State Cheat Sheet

Manage Terraform CLI workspaces, local and remote state, imports, and state surgery commands.

Terraform CLI Cheat Sheet

Core Terraform CLI commands for init, plan, apply, state, output, variables, workspaces, and automation.

Recommended next

kubeadm Cheat Sheet

KUBERNETES

Bootstrap, join, cert, kubeconfig, reset, phase, image, and upgrade commands for kubeadm-managed clusters.

Kubernetes JSONPath and Kustomize Cheat Sheet

KUBERNETES

JSONPath recipes, custom output patterns, jq/yq workflows, and Kustomize commands supported by kubectl.

Kubernetes Troubleshooting Cheat Sheet

KUBERNETES

Debugging, inspection, RBAC checks, rollout failures, node health, and maintenance-oriented kubectl workflows.

Kubernetes Networking, Storage, and Config Cheat Sheet

KUBERNETES

Services, ingress, EndpointSlices, network policies, PVCs, PVs, storage classes, ConfigMaps, Secrets, and nodes.

Kubernetes Workloads Cheat Sheet

KUBERNETES

Deployments, StatefulSets, DaemonSets, Jobs, CronJobs, autoscaling, rollouts, and workload maintenance.

Kubernetes & kubectl Cheat Sheet

KUBERNETES

Comprehensive kubectl commands for contexts, resources, apply flows, creation, deletion, logs, and cluster introspection.

Browse all sheets →