Terraform Taints, Logging
Links: 113 Terraform Index
Taints¶
- There can be cases where resource creation fails when we run
terraform apply.- When this happens terraform marks the resources as tainted.
- If the resource is tainted and we run
terraform applyit will be recreated.- Example: If we are using provisioners while creating an EC2 instance and for some reason the provisioner fails then terraform will mark the resource as tainted even though it may have been created by terraform. Running the
terraform applycommand will try to recreate the resource. - Use case: Suppose we created and EC2 instance running Nginx using terraform. We manually changed the version of Nginx on that instance. Running
terraform applywon't recreate the instance since it already exists. But if we want terraform to recreate it then we can taint the resource.
- Example: If we are using provisioners while creating an EC2 instance and for some reason the provisioner fails then terraform will mark the resource as tainted even though it may have been created by terraform. Running the
- Tainting:
terraform taint aws_instance.web_server - Un-tainting:
terraform untaint aws_instance.web_server
Logging¶
- Using logs in terraform
export TF_LOG=TRACE
traceis the most verbose.- This will display a lot of logs.
- Storing the logs persistently:
export TF_LOG_PATH=/tmp/terraform.log
- To disable logging we unset the environment variables
unset TF_LOG,unset TF_LOG_PATH
Last updated: 2023-01-13