»Run Modes and Options

Terraform Cloud runs support many of the same modes and options available in the Terraform CLI.

»Destroy Mode

Destroy mode instructs Terraform to create a plan which destroys all objects, regardless of configuration changes.

• CLI: Use terraform plan -destroy or terraform destroy
• API: Use the is-destroy option.
• UI: Use a workspace's Destruction and Deletion settings page.

»Refresh-Only Mode

Hands-on: Try the Use Refresh-Only Mode to Sync Terraform State tutorial.

Refresh-only mode instructs Terraform to create a plan which updates the Terraform state to match changes made to remote objects outside of Terraform.

• CLI: Use terraform plan -refresh-only or terraform apply -refresh-only.
• API: Use the refresh-only option.
• UI: Use the "Start new plan" action from a workspace's "Actions" menu, then choose the "Refresh-only" plan type in the new plan dialog.

»Skipping Automatic State Refresh

The -refresh=false option is used in normal planning mode to skip the default behavior of refreshing Terraform state before checking for configuration changes.

• CLI: Use terraform plan -refresh=false or terraform apply -refresh=false.
• API: Use the refresh option.

»Replacing Selected Resources

The replace option instructs Terraform to replace the object with the given resource address.

• CLI: Use terraform plan -replace=ADDRESS or terraform apply -replace=ADDRESS.
• API: Use the replace-addrs option.

»Allow Empty Apply

A no-operation (empty) apply enables Terraform Cloud to apply a run from a plan that contains no infrastructure changes. During apply, Terraform can upgrade the state version if required. You can use this option to upgrade the state in your Terraform Cloud workspace to a new Terraform version.

• API: Set the allow-empty-apply field to true.
• UI: Open the workspace's Actions menu, select Start new plan, and then choose Allow empty apply as the run type.

»Plan Only/Speculative Plan

This option creates a speculative plan. The speculative plan shows a set of possible changes and checks them against Sentinel policies, but Terraform cannot apply it. You can create speculative plans with a Terraform version that is different from the one currently selected for the workspace. This lets you check whether your configuration is compatible with a newer Terraform version without changing the workspace settings.

• API: Set the plan-only field to true and specify an available terraform version using the terraform-version field.
• UI: Open the workspace's Actions menu, select Start new plan, and then choose Plan only as the run type.

»Targeted Plan and Apply

Resource Targeting is intended for exceptional circumstances only and should not be used routinely.

• CLI: Use terraform plan -target=ADDRESS or terraform apply -target=ADDRESS.
• API: Use the target-addrs option.

The usual caveats for targeting in local operations imply some additional limitations on Terraform Cloud features for remote plans created with targeting:

• Sentinel policy checks for targeted plans will see only the selected subset of resource instances planned for changes in the tfplan import and the tfplan/v2 import, which may cause an unintended failure for any policy that requires a planned change to a particular resource instance selected by its address.

• Cost Estimation is disabled for any run created with -target set, to prevent producing a misleading underestimate of cost due to resource instances being excluded from the plan.

You can disable or constrain use of targeting in a particular workspace using a Sentinel policy based on the tfrun.target_addrs value.