Terraform State Locking Follow Up

terraform plan comes back clean. No changes and everything looks fine.

Except the load balancer your teammate manually updated last week is still sitting there with the old config and Terraform has no idea.

This is state drift and it's one of those things that will completely ruin your day if you're not watching for it. Terraform's state file is its model of reality and when someone touches infrastructure outside of Terraform, that model gets stale and the plan output stops being trustworthy.

The junior move is trusting the plan. The senior move is asking when was the last time anyone touched this outside of a pipeline? And if the answer is "I'm not sure," you're not applying anything until you find out.

terraform refresh will sync the state to actual infrastructure. terraform plan after that is the plan worth reading. And if the drift is significant, you're probably looking at an import block conversation before you do anything else.

The code is only as reliable as the process around it.

#Terraform #DevOps #SRE #InfrastructureAsCode #SoftwareEngineering