What is Terraform state?
Terraform records what it has created in a state file — the map between your config and the real resources. Every plan compares your config against this state. Managing state correctly, especially across a team, is what keeps Terraform from getting confused about reality.
Why it matters
State is the single most dangerous part of Terraform. A lost or corrupted state file, or two people applying at once, can orphan resources or destroy the wrong thing. Remote state with locking is the practice that makes Terraform safe for a team, and it is a common interview and incident topic.
What to learn
- What the state file contains and why it matters
- Remote state backends (S3, cloud storage)
- State locking to prevent concurrent applies
- Why the state file must never live in git
- Sensitive data in state and how to protect it
terraform importto bring existing resources under management- Splitting state to limit blast radius
Common pitfall
Committing the state file to git or keeping it only on one laptop. State often contains secrets, and a shared local file invites conflicts and corruption. Use a remote backend with locking from the start, so the team shares one authoritative state and applies are serialized.
Resources
Primary (free):
- Terraform — State · docs
- Terraform — Remote state · docs
- Terraform — Backend configuration · docs
Practice
Configure a remote backend with locking for a Terraform project. Confirm a second apply is blocked while one is running. Then import a resource you created by hand into state and manage it going forward. Done when state lives remotely and concurrent applies are prevented.
Outcomes
- Explain what state is and why it is sensitive.
- Configure a remote backend with locking.
- Keep state out of git and protect secrets in it.
- Import existing resources into Terraform management.