Comprehensive Terraform commands and Infrastructure as Code (IaC) workflows, including resource management, state operations, and multi-cloud deployments.
Installation

| Command | Description |
|---|---|
| `terraform version` | Show Terraform version |
| `terraform -help` | Show help information |
| `terraform -help plan` | Show help for a specific command |
Basic Workflows

Basic Operations

| Command | Description |
|---|---|
| `terraform init` | Initialize working directory |
| `terraform plan` | Create execution plan |
| `terraform apply` | Apply changes |
| `terraform destroy` | Destroy infrastructure |
| `terraform validate` | Validate configuration |
| `terraform fmt` | Format configuration files |
Advanced Planning

| Command | Description |
|---|---|
| `terraform plan -out=tfplan` | Save plan to file |
| `terraform apply tfplan` | Apply saved plan |
| `terraform plan -target=resource.name` | Plan specific resource |
| `terraform plan -var="key=value"` | Plan with variables |
| `terraform plan -var-file="vars.tfvars"` | Plan with variable file |
State Management
State Operations

| Command | Description |
|---|---|
| `terraform state list` | List resources in state |
| `terraform state show resource.name` | Show resource details |
| `terraform state mv old_name new_name` | Move resource in state |
| `terraform state rm resource.name` | Remove resource from state |
| `terraform state pull` | Download remote state |
| `terraform state push` | Upload state to remote |
State Backup and Recovery

| Command | Description |
|---|---|
| `terraform state pull > backup.tfstate` | Create state backup |
| `terraform force-unlock LOCK_ID` | Force unlock state |
| `terraform refresh` | Update state with real resources |
Workspaces

| Command | Description |
|---|---|
| `terraform workspace list` | List workspaces |
| `terraform workspace new dev` | Create new workspace |
| `terraform workspace select dev` | Switch to workspace |
| `terraform workspace delete dev` | Delete workspace |
| `terraform workspace show` | Show current workspace |
Import and Output

Importing Resources

| Command | Description |
|---|---|
| `terraform import resource.name id` | Import existing resource |
| `terraform import aws_instance.example i-1234567890abcdef0` | Import AWS instance |
Outputs

| Command | Description |
|---|---|
| `terraform output` | Show all outputs |
| `terraform output instance_ip` | Show specific output |
| `terraform output -json` | Show outputs in JSON |
Configuration Examples

Basic AWS EC2 Setup

```hcl
provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1d0"
  instance_type = "t2.micro"

  tags = {
    Name = "example-instance"
  }
}

output "instance_ip" {
  value = aws_instance.example.public_ip
}
```
Variables

```hcl
variable "instance_type" {
  description = "EC2 instance type"
  type        = string
  default     = "t2.micro"
}

variable "environment" {
  description = "Environment name"
  type        = string
}
```
Data Sources

```hcl
data "aws_ami" "ubuntu" {
  most_recent = true
  owners      = ["099720109477"] # Canonical

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
  }
}
```
Modules

```hcl
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "my-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["us-west-2a", "us-west-2b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]

  enable_nat_gateway = true
  enable_vpn_gateway = true
}
```
Remote State Configuration

S3 Backend

```hcl
terraform {
  backend "s3" {
    bucket = "my-terraform-state"
    key    = "state/terraform.tfstate"
    region = "us-west-2"
  }
}
```
Azure Backend

```hcl
terraform {
  backend "azurerm" {
    resource_group_name  = "tfstate"
    storage_account_name = "tfstate"
    container_name       = "tfstate"
    key                  = "prod.terraform.tfstate"
  }
}
```
Google Cloud Backend

```hcl
terraform {
  backend "gcs" {
    bucket = "tf-state-bucket"
    prefix = "terraform/state"
  }
}
```
Provider Configuration

AWS Provider

```hcl
provider "aws" {
  region  = "us-west-2"
  profile = "default"

  default_tags {
    tags = {
      Environment = "production"
      Project     = "my-project"
    }
  }
}
```
Azure Provider

```hcl
provider "azurerm" {
  features {}

  subscription_id = "00000000-0000-0000-0000-000000000000"
  tenant_id       = "00000000-0000-0000-0000-000000000000"
}
```
Google Cloud Provider

```hcl
provider "google" {
  project = "my-project-id"
  region  = "us-central1"
  zone    = "us-central1-c"
}
```
Advanced Features

Conditional Resources

```hcl
resource "aws_instance" "example" {
  count = var.create_instance ? 1 : 0

  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type
}
```
For Each

```hcl
resource "aws_instance" "example" {
  for_each = toset(var.instance_names)

  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type

  tags = {
    Name = each.key
  }
}
```
Dynamic Blocks

```hcl
resource "aws_security_group" "example" {
  name = "example"

  dynamic "ingress" {
    for_each = var.ingress_rules

    content {
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = ingress.value.protocol
      cidr_blocks = ingress.value.cidr_blocks
    }
  }
}
```
Testing and Validation

| Command | Description |
|---|---|
| `terraform validate` | Validate syntax |
| `terraform validate -json` | Validate with JSON output |

| Command | Description |
|---|---|
| `terraform plan -detailed-exitcode` | Plan with detailed exit codes |
| `terraform show` | Show current state |
| `terraform show -json` | Show state in JSON |
Third-Party Tools

| Command | Description |
|---|---|
| `tflint` | Terraform linter |
| `terraform-docs` | Generate documentation |
| `checkov -f main.tf` | Security scanning |
| `tfsec .` | Security analysis |
Debugging and Troubleshooting

Logging

| Command | Description |
|---|---|
| `TF_LOG=DEBUG terraform plan` | Enable debug logging |
| `TF_LOG=TRACE terraform apply` | Enable trace logging |
| `TF_LOG_PATH=terraform.log terraform plan` | Log to file |
Common Issues

| Command | Description |
|---|---|
| `terraform refresh` | Sync state with reality |
| `terraform taint resource.name` | Mark resource for recreation |
| `terraform untaint resource.name` | Remove taint from resource |
Best Practices

Organization

```
project/
├── main.tf              # Main configuration
├── variables.tf         # Variable definitions
├── outputs.tf           # Output definitions
├── versions.tf          # Provider versions
├── terraform.tfvars     # Variable values
└── modules/
    └── vpc/
        ├── main.tf
        ├── variables.tf
        └── outputs.tf
```
Version Constraints

```hcl
terraform {
  required_version = ">= 1.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}
```
Resource Naming

```hcl
resource "aws_instance" "web_server" {
  # Use descriptive names
  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type

  tags = {
    Name        = "${var.project_name}-web-${var.environment}"
    Environment = var.environment
    Project     = var.project_name
  }
}
```
Security Best Practices

- **State Security**: Use remote state with encryption
- **Secrets Management**: Use external secret stores
- **Access Control**: Implement proper IAM policies
- **Code Review**: Review all infrastructure changes
- **Scanning**: Use security scanning tools
Performance Optimization

- **Parallelism**: Use the `-parallelism` flag for large deployments
- **Targeting**: Use `-target` for specific resources
- **State Splitting**: Split large states into smaller ones
- **Module Design**: Design reusable modules