English for Terraform State
Learn the English vocabulary for Terraform state: the state file, drift, and locking, explained for discussing infrastructure-as-code operations clearly.
Most confusing Terraform incidents trace back to state — the file that tracks what Terraform believes exists — getting out of sync with what’s actually deployed, and the vocabulary here (drift, locking, import) is exactly what lets a team diagnose that gap instead of just re-running apply and hoping.
Key Vocabulary
State file — the file (typically terraform.tfstate) where Terraform records the real-world resources it’s created and their current attributes, used to compute the diff for every plan.
“The state file says this bucket exists with versioning enabled, so any plan will compare the actual bucket against that recorded state, not against the raw config alone.”
Drift — a mismatch between what the state file records and what actually exists in the real infrastructure, typically caused by manual changes made outside of Terraform. “Someone changed the security group manually in the console, so Terraform’s state now shows drift — the next plan will want to revert that change back to match the config.”
State locking — a mechanism that prevents two people or CI runs from modifying the state file simultaneously, avoiding corruption or conflicting concurrent changes. “The apply failed immediately with a lock error — someone else’s plan was already holding the state lock, so ours correctly refused to run concurrently.”
Import — bringing an existing resource, created outside of Terraform, under Terraform’s management by adding it to the state file without recreating it. “We imported the manually created database instance into state so Terraform would stop trying to create a duplicate on every plan.”
Remote backend — a shared storage location (S3, Terraform Cloud, etc.) for the state file, used instead of a local file so a team can collaborate on the same infrastructure without stepping on each other’s state. “We moved state to a remote backend with locking enabled specifically so two engineers running apply at the same time wouldn’t corrupt each other’s changes.”
Common Phrases
- “Is this drift, or did the config actually change?”
- “Is the state locked right now — is someone else running an apply?”
- “Do we need to import this, or was it already created through Terraform?”
- “Is state stored remotely, or is this still a local state file?”
- “What does the plan say the drift actually is before we apply anything?”
Example Sentences
Explaining an unexpected plan output: “The plan wants to delete and recreate this resource, which isn’t what we intended — it’s drift. Someone modified a tag manually outside of Terraform, and now the state file and reality disagree.”
Diagnosing a stuck apply in an incident: “The apply is hanging because state is locked from a run that crashed without releasing the lock — we’ll need to force-unlock it carefully after confirming no other apply is genuinely in progress.”
Describing an onboarding step for legacy infrastructure: “Before we can manage this database with Terraform, we need to import it into state first — otherwise Terraform will try to create a brand-new one and either fail or duplicate it.”
Professional Tips
- Say drift, not “the plan looks weird,” when state and reality disagree — naming it precisely signals the fix is reconciling state, not just rerunning apply and hoping it goes away.
- Always use a remote backend with state locking for any team-shared infrastructure — a local state file is one of the most common causes of destructive concurrent-apply incidents.
- Recommend import explicitly for any resource created manually that needs to come under Terraform management — recreating it instead of importing it risks real downtime.
- Read the plan’s diff carefully before applying when drift is suspected — Terraform doesn’t distinguish “someone changed this on purpose” from “this needs to be reverted,” so a human has to make that call.
Practice Exercise
- Write a sentence explaining what drift is and a common cause of it.
- Explain why state locking matters for a team working on the same infrastructure.
- Describe when you’d use
terraform importinstead of just running apply.