π΅ Terraform Diff Symbols (VERY IMPORTANT)
Terraform shows diffs like this:
+ create
~ update in-place
- destroy
-/+ replace
<= read (data source)
Letβs break them down:
β + Create
Terraform will create a resource.
Example:
# aws_lambda_function.put will be created
+ resource "aws_lambda_function" "put" {
Meaning:
Resource does NOT exist in AWS β Terraform will create it.
β ~ Update In-Place
Resource exists but needs modification.
~ memory_size: 128 β 256
Meaning:
Terraform will update the resource without deleting it.
β - Destroy
Terraform will delete a resource.
- resource "aws_lambda_function" "old"
Meaning:
Terraform thinks this resource should not exist.
β -/+ Replace
Resource must be destroyed then recreated.
-/+ resource "aws_lambda_function" "example"
Meaning:
Some attributes force replacement, like:
- function name
Terraform will:
1οΈβ£ destroy
2οΈβ£ recreate
β <= Read
This is for data sources.
<= data "aws_ami" "latest"
Meaning:
Terraform is reading data (not creating anything).
π§ Plan Summary (bottom section)
At the bottom of terraform plan, you always see:
Plan: 3 to add, 1 to change, 0 to destroy
This is your quick summary.
π§ΎTF_LOG and TF_LOG_PATH are environment variables used for debugging Terraform.
Example
export TF_LOG=TRACE
export TF_LOG_PATH=/root/terraform-debug.log
terraform applyTF_LOG Controls how much log detail Terraform prints. Possible values (from least β most detail):
| Level | Use |
|---|---|
ERROR | Only errors |
WARN | Warnings + errors |
INFO | General info (default useful debug) |
DEBUG | Detailed debugging |
TRACE | Maximum verbosity (very detailed) |