A cheat sheet of common Terraform commands to help you with infrastructure as code:

Terraform Initialization

• terraform init: Initializes a Terraform working directory by downloading the provider plugins required for the configuration.

Terraform Plan

• terraform plan: Creates an execution plan, showing what actions will be taken without making any changes. It's used to preview what Terraform will do.

Terraform Apply

• terraform apply: Executes the actions proposed in the Terraform plan. This command creates, updates, or destroys infrastructure based on your configuration.

Terraform Destroy

• terraform destroy: Destroys all resources managed by the Terraform configuration. Use this to clean up your environment.

Terraform State

• terraform state list: Lists all resources in the Terraform state file.
• terraform state show <resource>: Shows the attributes of a resource in the state.
• terraform state rm <resource>: Removes a resource from the state file without destroying the resource.

Terraform Validate

• terraform validate: Validates the Terraform configuration files in a directory, checking for syntax errors.

Terraform Format

• terraform fmt: Formats your Terraform code according to the canonical style, making it easier to read and maintain.

Terraform Workspace

• terraform workspace new <name>: Creates a new Terraform workspace.
• terraform workspace select <name>: Switches to an existing workspace.
• terraform workspace list: Lists all the workspaces in the current working directory.

Terraform Output

• terraform output: Displays the outputs defined in the configuration.
• terraform output <name>: Displays a specific output value.

Terraform Import

• terraform import <resource_type>.<resource_name> <id>: Imports existing infrastructure into your Terraform state.

Terraform Taint

• terraform taint <resource>: Marks a resource for recreation during the next terraform apply.
• terraform untaint <resource>: Removes the tainted mark from a resource, so it won't be recreated on the next apply.

Terraform Refresh

• terraform refresh: Updates the state file with the latest information from the infrastructure without modifying the infrastructure.

Terraform Graph

• terraform graph: Generates a visual graph of Terraform resources and their dependencies.

Terraform Version

• terraform version: Displays the current version of Terraform installed.

Terraform Show

• terraform show: Provides a human-readable output of the Terraform state or plan file.

Testing with Terraform can be approached in several ways to ensure that your infrastructure code behaves as expected. Below are some strategies and tools you can use:

1. Terraform Plan and Apply

• terraform plan: Before applying any changes, always run terraform plan to see what will be modified. This helps ensure that the proposed changes align with your expectations.
• terraform apply: After reviewing the plan, run terraform apply in a controlled environment (like a staging or test environment) to validate that the changes deploy as expected.

2. Using terraform validate

• terraform validate: This command checks the syntax and validity of your Terraform configuration files. It doesn't deploy anything but ensures that your code is free of syntax errors.

3. Unit Testing with terraform validate

• Create Modules: Break down your Terraform code into reusable modules.
• Validate Syntax: Use terraform validate to ensure that each module is syntactically correct.
• Mock Variables: Use terraform plan with mocked variable files to simulate different input scenarios.

4. Automated Testing with Terraform

a. Terratest

• Terratest: A Go library that allows you to write automated tests for your Terraform code. With Terratest, you can:Execute terraform apply and verify the results.Validate infrastructure properties (e.g., checking if an EC2 instance is running).Test rollbacks and failure scenarios.Example test case with Terratest:

b. Kitchen-Terraform

• Kitchen-Terraform: A plugin for Test Kitchen that allows you to test your Terraform code. It provides a framework for defining tests and running them in isolation.

c. Checkov

• Checkov: A static analysis tool that scans Terraform code (among other IaC tools) for security issues, misconfigurations, and best practices.Install Checkov: pip install checkovRun Checkov: checkov -d /path/to/terraform/code

5. Integration Testing

• Spin Up a Test Environment: Deploy your Terraform code to a non-production environment (e.g., staging).
• Run Tests: Use testing tools (e.g., Terratest, InSpec) to verify that resources are created correctly.
• Teardown: After tests are complete, tear down the environment using terraform destroy.

6. Continuous Integration (CI)

• Integrate with CI/CD Pipelines: Automate the testing of your Terraform code by integrating it into your CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI).Run terraform validate, terraform plan, and any unit tests as part of your CI pipeline.Deploy changes to a test environment, run integration tests, and ensure everything works before deploying to production.

7. Use terraform fmt and terraform lint

• terraform fmt: Automatically formats your Terraform code to meet style guidelines.
• terraform lint: Linting tools like tflint can be used to catch potential issues and enforce best practices.

8. Manual Validation

• Review Plan Outputs: Carefully review the output of terraform plan to ensure that changes are as expected.
• Peer Review: Have another engineer review your Terraform configuration changes before applying them.

Testing Terraform code is crucial to ensure that your infrastructure behaves as expected and to prevent costly errors in production environments. By incorporating these practices and tools into your workflow, you can confidently manage and deploy infrastructure as code.