Terraform Testing Debugging DevOps Validation

Testing and Debugging Your Terraform Code

Published on: November 3, 2023 | Author: DevOps Engineering Team

Master essential Terraform testing and debugging techniques for DevOps success. Learn to validate configurations, analyze plans, and troubleshoot common issues efficiently.

What You'll Learn

• Configuration Validation
• Plan Analysis
• Debugging Techniques
• Testing Tools
• Common Issues & Solutions

Configuration Validation

Validate your Terraform code before execution to catch errors early.

Syntax Validation

# Validate configuration syntax
terraform validate

# Format code automatically
terraform fmt

# Check formatting
terraform fmt -check

Variable Validation

variable "instance_type" {
  type        = string
  description = "EC2 instance type"
  
  validation {
    condition     = contains(["t3.micro", "t3.small"], var.instance_type)
    error_message = "Invalid instance type."
  }
}

Validation Best Practices

Always run terraform validate and terraform fmt in your CI/CD pipeline. Use variable validations to enforce business rules.

Plan Analysis

Understand what Terraform will change before applying configurations.

1

Generate Execution Plan

# Create plan file
terraform plan -out=tfplan

# Save plan as JSON for analysis
terraform plan -out=tfplan -json > plan.json

2

Analyze Plan Output

# Review plan details
terraform show tfplan

# Show only resources being created
terraform plan | grep "will be created"

# Show only resources being destroyed
terraform plan | grep "will be destroyed"

Plan Analysis Helper

Select a scenario to see plan analysis techniques:

Select a scenario to see plan analysis examples...

Debugging Techniques

Effective debugging strategies for common Terraform issues.

Enable Debug Logging

# Set debug environment variable
export TF_LOG=DEBUG
export TF_LOG_PATH=./terraform.log

# Run terraform commands
terraform plan
terraform apply

State Inspection

# List all resources in state
terraform state list

# Show specific resource details
terraform state show aws_instance.web

# Check current workspace
terraform workspace show

Debugging Tips

Use TF_LOG=DEBUG sparingly as it generates verbose output. Always check your current workspace and state file location when debugging.

Testing Tools

Essential tools for testing Terraform configurations.

Tool	Purpose	Usage
tflint	Linter for Terraform	tflint
tfsec	Security scanner	tfsec .
checkov	Infrastructure security	checkov -d .
terratest	Integration testing	Go-based tests

Common Issues & Solutions

Quick solutions for frequent Terraform problems.

State Lock Issues

# Check if state is locked
terraform plan

# If locked, force unlock (use carefully)
terraform force-unlock LOCK_ID

# Common causes:
# - Previous operation failed
# - Multiple users running terraform
# - Network issues with backend

Provider Errors

# Reinitialize providers
terraform init -upgrade

# Clear cached providers
rm -rf .terraform
terraform init

# Check provider version constraints
terraform providers

Key Testing Commands

• terraform validate - Validate configuration syntax
• terraform plan - Preview changes
• terraform fmt - Format code consistently
• tflint - Catch common mistakes
• tfsec - Security scanning

← Previous: Terraform Security Best Practices

This is Part 10 of The Ultimate Terraform Mastery Series.

Next: Terraform Modules Deep Dive →