Analyze Terraform execution plans with risk assessment and change summary.
Use Cases
Review a terraform plan output for unintended resource deletions before applying to production.
Identify which resources will be replaced (not just updated) to plan for downtime windows.
Audit plan files for security-sensitive changes (IAM policies, security groups, encryption settings).
Generate a human-readable change summary for stakeholder review before a production deployment.
Tips
Run terraform plan -out=plan.tfplan and analyze the saved plan file, then apply that same file with terraform apply plan.tfplan. This ensures the plan you analyzed is identical to the one terraform apply will execute.
Flag any plan that includes resource replacement (forces new resource) separately from updates — replacements cause downtime for stateful resources like databases and load balancers.
Review IAM and security group changes with extra scrutiny — these are the highest-risk changes and the ones most commonly exploited through Terraform misconfigurations.
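An added example (not the tool's own code) of the review these tips describe: it reads the JSON form of a saved plan, as produced by terraform show -json plan.tfplan, and ranks deletions, replacements and security-sensitive changes first. The sensitive-type pattern, the scores and the sample plan are assumptions constructed for illustration.

```python
import json
import re

# Assumption: heuristic pattern marking a resource type as security-sensitive.
SENSITIVE = re.compile(r"(^|_)(iam|kms)(_|$)|security_group|firewall|encryption")
# Assumption: illustrative risk weights per action.
RANK = {"replace": 3, "delete": 3, "update": 1, "create": 1}

def classify(actions):
    """Map a resource's change.actions list to a single verb."""
    acts = set(actions)
    if acts == {"create", "delete"}:   # either order means replacement
        return "replace"
    if acts <= {"no-op", "read"}:      # nothing changes in real infrastructure
        return None
    return actions[0]                  # create, update or delete

def assess(plan):
    """Return one finding per changed resource, highest risk first."""
    findings = []
    for rc in plan.get("resource_changes", []):
        verb = classify(rc["change"]["actions"])
        if verb is None:
            continue
        sensitive = bool(SENSITIVE.search(rc["type"]))
        score = RANK.get(verb, 1) + (2 if sensitive else 0)
        findings.append({"address": rc["address"], "action": verb,
                         "sensitive": sensitive, "score": score})
    return sorted(findings, key=lambda f: (-f["score"], f["address"]))

# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_db_instance.main", "type": "aws_db_instance",
  "change": {"actions": ["delete", "create"]}},
 {"address": "aws_security_group.web", "type": "aws_security_group",
  "change": {"actions": ["update"]}},
 {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
  "change": {"actions": ["no-op"]}},
 {"address": "aws_iam_role_policy.ci", "type": "aws_iam_role_policy",
  "change": {"actions": ["delete"]}},
 {"address": "aws_instance.app", "type": "aws_instance",
  "change": {"actions": ["create"]}}
]}
""")

if __name__ == "__main__":
    for f in assess(SAMPLE_PLAN):
        flag = " [security-sensitive]" if f["sensitive"] else ""
        print(f'{f["score"]} {f["action"]:8} {f["address"]}{flag}')
```

On a real plan, load the file written by terraform show -json plan.tfplan with json.load and pass the result to assess.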
Fun Facts
Terraform was created by HashiCorp and first released in 2014. It reached version 1.0 (indicating production stability) only in 2021 — seven years after initial release.
The HashiCorp Configuration Language (HCL) used by Terraform was designed specifically for infrastructure definition. HCL 2.0, released in 2019, added type constraints and expressions that significantly improved its expressiveness.
HashiCorp's 2023 license change (from MPL 2.0 to BSL 1.1) triggered the creation of OpenTofu as a community fork under the Linux Foundation — the most significant infrastructure-as-code schism since Puppet vs. Chef.
FAQ
What's the difference between terraform plan and terraform apply?
terraform plan is a dry run — it shows what changes would be made without making them. terraform apply executes the changes. Always review the plan output before applying, especially in production environments.
How do I prevent accidental resource deletion in Terraform?
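Add lifecycle { prevent_destroy = true } to critical resources (databases, DNS zones). Terraform then rejects any plan that would destroy the resource, although the setting no longer protects it once the resource block itself is removed from the configuration. Use separate workspaces or state files for production vs. non-production to prevent cross-environment accidents.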