Terrasave

Published on 04/24/2020

I just released a tiny tool function I’ve been using for some time called terrasave. It’s a Bash / Fish function that prevents you from running terraform without the -target option.

Why does this exist?

In terraform it is incredibly easy to destroy things with terraform apply. If you run apply terraform shows a huge output and sometimes you may overlook a thing being “replaced” instead of updated. Once upon a time I destroyed a MongoDB Atlas Cluster this way and lost all its data, because the “must be replaced” was hidden in a lot of terraform output and I simply didn’t see it. I only realized when terraform logged “Still destroying cluster…” to the console.

Some terraform resources, like Amazon ECS Services, are not idempotent, so they change on every apply. This cluttered my terminal with stuff I could ignore on every change as well as unnecessary updates to the infra (ECS Services being replaced despite no changes were made).

To prevent this, I forced myself to only use terraform with the -target switch, and this tiny script helps me accomplish that.

Usage

After installing the tool you can just work as you’d normally do: terrasave acts as a shell alias for terraform so whenever you run terraform in a terminal, the call goes “through” the terrasave function. If the function detects apply but not -target it outputs an error and exits.

$ terraform apply
Please run "terraform apply" with -target option

If you must run terraform without a target you can do so by specifying an environment variable:

$ TERRAFORM_SAVE_DISABLE_I_KNOW_WHAT_I_DO=1 terraform apply

You can get the source code and installation instructions on github.com/kevingimbel/terrasave. Hopefully this little tool will save your infra. :)

Categories

Tags

Like this?

This website contains no advertisement, no tracking, no paid articles, and no shady-things-whatsoever. It is just content, provided free of charge and with accessibility in mind.

If you would like to support me in providing content - and code - for free or if this page has helped you or your company, consider supporting me directly.

You can support me via:

A colorful image of me wearing my DIY mask. The image has a colorful glitch effect.

Kevin Gimbel

is a DevOps Engineer and avid (Video) Gamer. He’s also interested in Sci-Fi, Cyberpunk, and dystopian books.

Wearing a mask is a good idea!

You can find out more about me if you wish.