Cloud Institution

Call Our Course Advisors + 91 7676370336 (Bangalore) | +91 84319 66507 (Coimbatore)

Menu
+91 76763 70336
Menu

Terraform Plan

By Pooja | 25th Aug 2025

Introduction

Terraform, created by HashiCorp, is a powerful Infrastructure as Code (IaC) tool that allows teams to define, provision, and manage infrastructure in a declarative and automated way. The Terraform workflow is typically summarized in three main steps:

  1. terraform init → Initialization (download providers, modules, set up backend).

  2. terraform plan → Execution plan (preview what changes will be made).

  3. terraform apply → Deployment (apply changes to real infrastructure).

Among these, terraform plan is the most critical step because it provides a safe preview of what Terraform will do before making any real changes. In other words, terraform plan is like a dry run for your infrastructure — it tells you which resources will be created, modified, or destroyed, without actually applying those changes.

This makes terraform plan essential for avoiding mistakes, verifying configurations, collaborating in teams, and ensuring infrastructure deployments are predictable.

What is terraform plan?

terraform plan is a command that evaluates your Terraform configuration files (.tf) against the current state of infrastructure. It then generates an execution plan that shows:

  • What actions Terraform needs to take (create, update, delete, replace).

  • The resources affected.

  • The order of operations.

But it does not apply the changes yet. Instead, it outputs a detailed plan, allowing you to confirm before moving forward with terraform apply.

Purpose of terraform plan

The main goals of using terraform plan are:

  1. Preview Changes Safely – Understand what Terraform will do before touching infrastructure.

  2. Avoid Mistakes – Catch unintended resource modifications or deletions early.

  3. Collaboration – Teams can share the plan to review and approve changes.

  4. CI/CD Pipelines – Plans can be generated in automated pipelines for validation before approval.

  5. Auditability – Plans act as documentation of infrastructure changes.

What Happens When You Run terraform plan?

When executed, Terraform performs the following:

  1. Load Configuration – Reads .tf files in the working directory.

  2. Load State – Retrieves the current state (local or remote backend).

  3. Compare Config vs. State – Identifies differences between declared resources and actual resources.

  4. Generate Execution Plan – Outputs a preview with details of actions (+, -, ~).

  5. Wait for Approval – Does not apply any changes until explicitly told to with terraform apply.

Syntax of terraform plan

The basic syntax is:

terraform plan [options]

Common Options:

  • -out=FILENAME → Save the plan to a file, which can be executed later.

  • -destroy → Show a plan to destroy all resources.

  • -var 'key=value' → Pass variables at runtime.

  • -var-file=FILENAME → Provide a variable file.

  • -target=RESOURCE → Generate a plan for specific resources only.

Symbols in Terraform Plan

Terraform uses intuitive symbols to indicate actions:

  • + (Create) → Resource will be created.

  • - (Destroy) → Resource will be deleted.

  • ~ (Update/Modify in-place) → Resource will be updated with changes.

  • -/+ (Replace) → Resource must be destroyed and recreated (e.g., immutable properties changed).

  • <= (Read) → Data source will be read.

Example of terraform plan

Example 1: Basic AWS Instance

main.tf

 
provider "aws" { region = "us-east-1" } resource "aws_instance" "my_ec2" { ami = "ami-0c55b159cbfafe1f0" instance_type = "t2.micro" }

Run:

 
terraform init terraform plan

Output:

 
Terraform will perform the following actions: # aws_instance.my_ec2 will be created + resource "aws_instance" "my_ec2" { + ami = "ami-0c55b159cbfafe1f0" + instance_type = "t2.micro" + id = (known after apply) }

Interpretation: Terraform will create a new EC2 instance.

Example 2: Modifying a Resource

If we update the instance type:

 
resource "aws_instance" "my_ec2" { ami = "ami-0c55b159cbfafe1f0" instance_type = "t2.small" }

Run:

 
terraform plan

Output:

 
~ aws_instance.my_ec2 instance_type: "t2.micro" => "t2.small"

Interpretation: Terraform will update the existing EC2 instance in place.

Example 3: Destroy Plan

 
terraform plan -destroy

Output:

 
- aws_instance.my_ec2

Interpretation: Terraform will destroy the instance if applied.

Example 4: Saving the Plan

 
terraform plan -out=planfile

This creates a binary plan file. To apply later:

 
terraform apply planfile

When Should You Use terraform plan?

  • Before running terraform apply to validate changes.

  • After modifying .tf files to check for differences.

  • Before committing changes to a Git repo (peer review).

  • In CI/CD pipelines to generate plans for approval.

  • During state migrations to verify no unwanted resource deletions occur.

Best Practices with terraform plan

  • Always Run terraform plan Before Apply
    Never apply changes blindly. Previewing prevents accidental downtime.

  • Use -out for Safety
    Save plans to files and apply them later. This guarantees that only the reviewed plan is applied.

  • Leverage Variables & Workspaces
    Use -var-file for environment-specific plans. Example:

     
    terraform plan -var-file=dev.tfvars terraform plan -var-file=prod.tfvars

  • Integrate with CI/CD
    Generate plans in pipelines for automated testing and approvals before applying in production.

  • Review Plans in Teams
    Share plans for peer review to avoid mistakes.

  • Use -target Cautiously
    Targeting specific resources can be useful but may cause dependency issues. Use sparingly.

Common Errors in terraform plan

  • Error: Provider not initialized
    → Solution: Run terraform init.

  • Error: Variable not set
    → Solution: Pass required variables via -var or -var-file.

  • Error: Backend configuration mismatch
    → Solution: Reinitialize with terraform init -reconfigure.

  • Error: Inconsistent state
    → Solution: Run terraform refresh to sync state.

Real-World Use Case

Imagine you are part of a DevOps team managing AWS infrastructure. A developer modifies the Terraform configuration to change an EC2 instance type. Instead of immediately applying, the team runs:

 
terraform plan -out=review.plan

The plan is reviewed by the team and approved. Later, the same plan is safely applied:

 
terraform apply review.plan

This workflow ensures predictability, safety, and collaboration, especially in production environments.

Conclusion

The terraform plan command is one of the most important features of Terraform. It acts as a safety net, allowing engineers to preview changes before making them live. By clearly showing which resources will be created, updated, or destroyed, it prevents unexpected downtime and ensures smooth infrastructure management.

Key takeaways:

  • terraform plan is a dry run of your configuration changes.

  • It helps in collaboration, CI/CD automation, and auditing.

  • Use -out to save plans for reproducibility.

  • Always review a plan before applying changes in production.

In short, terraform plan empowers infrastructure teams to work with confidence, precision, and predictability — making it one of the most valuable steps in the Terraform workflow

Leave a Comment

Your email address will not be published. Required fields are marked *

Explore Our Recent Blogs

Scroll to Top