Update and Destroy Infrastructure actions are just as critical as creating it, especially when working with Infrastructure as Code. In Terraform, updating or removing infrastructure is seamless and predictable—thanks to its declarative model. Whether you’re tweaking a resource or tearing it all down, Terraform ensures the process is safe, consistent, and trackable.
In this tutorial, we’ll explore how to modify existing resources and remove them entirely using Terraform. From understanding plan outputs to applying changes, this guide covers it all in a beginner-friendly way.
Table of Contents
Why Learn to Update and Destroy Infrastructure?
Infrastructure is rarely static. Over time, you’ll need to make changes—like updating configurations, changing access permissions, or removing obsolete resources.
Knowing how to update and destroy infrastructure with Terraform is essential for:
- Keeping resources aligned with current needs
- Managing configuration drift
- Cleaning up after temporary environments
When you manage infrastructure manually, these tasks can lead to errors or inconsistencies. With Terraform, every change is tracked and safely executed through its planning and apply process.
Updating Infrastructure in Terraform
Let’s say you already created a file using Terraform with some default permissions. Now, you decide to tighten the access control by modifying its permission settings.
Step 1: Modify the Configuration File
Add or change an argument in the resource block. For example, to set file permissions:
resource "local_file" "pet" {
filename = "/root/pets.txt"
content = "We love pets"
file_permission = "0700"
}
This update limits file access to only the owner.
Step 2: Run the Plan Command
Execute:
terraform plan
You’ll see an output where Terraform detects that the file resource must be replaced. This is indicated by a -/+ symbol. It means the resource will be destroyed and recreated due to the change made.
Understanding Resource Replacement
When you update certain properties—like file permissions or instance types—Terraform might not be able to modify the resource in place. Instead, it will remove the existing resource and create a new one.
This behavior is known as immutable infrastructure. It ensures every change is predictable and doesn’t result in half-configured systems.
Terraform explicitly tells you when a change will trigger a resource replacement. Look for the message:
forces replacement
This message lets you double-check before making impactful changes.
Applying the Change
Once you’ve reviewed the plan and you’re ready to move forward, run:
terraform apply
Terraform will ask you to confirm by typing yes. It then deletes the old resource and creates a new one with the updated settings.
After it’s complete, you can verify the changes by checking the actual file or querying the infrastructure.
Destroying Infrastructure Safely
Sometimes, you need to clean up an environment—maybe it’s a test setup or unused configuration. Terraform makes it easy to destroy infrastructure.
Step 1: Run the Destroy Command
terraform destroy
Terraform generates a plan showing which resources will be deleted. You’ll notice a - symbol next to each resource, indicating removal.
Step 2: Confirm the Action
Terraform will prompt:
Do you really want to destroy all resources?
Enter a value: yes
Once confirmed, it will remove all the resources defined in your .tf files from the current working directory.
Caution:
Destroy removes everything that was provisioned through that configuration. Always review the plan before typing yes.
Practical Example Recap
Here’s a quick summary using a local file resource:
- You add
file_permission = "0700"to yourlocal_fileblock. terraform plantells you it will replace the file.terraform applyconfirms and performs the update.terraform destroyremoves the file when you no longer need it.
This hands-on flow makes Terraform a reliable tool for managing lifecycle changes.
Conclusion
Learning how to update and destroy infrastructure with Terraform equips you with the tools to manage infrastructure beyond just creation. Terraform’s plan, apply, and destroy commands help you make safe, reversible changes and keep everything consistent across environments.
Whether it’s changing permissions on a file or tearing down a full cloud environment, Terraform keeps the process clear and repeatable. Now that you know how to handle updates and deletions, you’re one step closer to mastering infrastructure as code.
FAQ — Update and Destroy Infrastructure
Q1: Will every change cause resource replacement?
No. Only certain arguments trigger a replacement. Terraform will highlight these during the plan phase.
Q2: Can I update a resource without destroying it?
Yes. Some changes are done in place. Others may require replacement depending on provider behavior.
Q3: Is terraform destroy reversible?
Not directly. Once destroyed, the infrastructure is gone unless you re-apply the configuration.
Q4: Can I destroy only one resource?
Yes. Use the -target flag, like:terraform destroy -target=resource_type.name
Q5: What happens if I modify the .tf file and run destroy?
Terraform will destroy only the resources currently tracked in the state file, not everything in the file.