Terraform Target

How to target resources on Terraform

By default, if you execute the “terraform apply”, Terraform will target and deploy all changes simultaneously. Let’s imagine one scenario where you have a big Terraform project, and your last changes generate a plan that looks complex. Sometimes, we don’t want to apply those changes at once. Today, we will learn how to apply specific changes by targeting them using an argument with Terraform command.

How can we target resources on Terraform?

When you apply modifications to your Terraform projects, Terraform creates a plan that contains all of the discrepancies between your configuration and the resources currently handled by our project, if it’s the case. Then, when we perform “apply,” Terraform will deploy and destroy resources as described in the plan.

Sometimes we may desire to only push part of the change, for example, in cases where Terraform’s state has become out of sync with our resources due to a network issue, a bug in Terraform, trouble with the upstream cloud platform, or its providers. Because of this, Terraform permits us to target specific resources when we execute the phase plan, apply or destroy. However, targeting unique resources can be valuable for troubleshooting errors and not be used as a normal process.

First, identify the resource address on Terraform State.

You can run:

terraform state list

For example, let’s imagine that we have a lot of changes, but we would like to only “apply” the changes for one lambda function.

Our lambda function address in our terraform state is:

aws_lambda_function.msk_rotation_lambda_function

So, to target this change in our terraform apply the command:

terraform apply -target="aws_lambda_function.msk_rotation_lambda_function"

The target argument also works for other terraform commands like plan and destroy.

How to Target a Module

One of the most helpful approaches to using the argument target from Terraform is that we can also target modules. So, once you have the module address. 

In our case: 

module.eks-cluster

So, we can execute:

terraform plan -target=module.eks-cluster

When to avoid using Target on your Terraform code

There are scenarios where you shouldn’t target resources on Terraform. For example, if your project creates an AWS EFS volume. But the EFS name is generated using a random function like random_pet and also defines a Terraform Output to print the EFS name after we create it.  

This should not be a problem on a regular process because, by default, we are applying the change to the resources and their dependencies. However, if we decide to target the random_pet to generate a new EFS, the Terraform State will be untrustworthy. The output may reflect your change if you directly assign the value from random_pet, but Terraform will not change the EFS name.

Conclusion

In this article, we learn how to target Terraform’s resources to determine which resources to apply the changes we want to. Using the Terraform Target argument is helpful in some scenarios, but we should avoid using it because it can induce your infrastructure to become untrustworthy.

Leave a Comment

Your email address will not be published. Required fields are marked *

Free PDF with a useful Mind Map that illustrates everything you should know about AWS VPC in a single view.