Peek Behind the Curtain: Your X-Ray Vision for Cloud Infrastructure
Have you ever deployed infrastructure and immediately thought, "Wait, that's not what I meant to create"? As a cloud architect who's made that mistake more times than I care to admit, I've learned that understanding what Terraform will provision before hitting that apply button is absolutely critical.
Today, I'll share my favorite command for getting a clear picture of what resources you're about to create. No fluff, just practical knowledge that will save you headaches (and possibly your job).
The Magic Command
After spending years working with Terraform across various enterprises, I've found this particular sequence gives me the clearest picture of what's about to happen:
terraform plan -out=tfplan
terraform show -json tfplan | jq '.resource_changes[] | select(.change.actions[0] == "create") | .address' | sort
This little beauty does something remarkable - it isolates and shows you only the resources that will be newly created, filtering out modifications and leaving you with a clean list of what's about to appear in your cloud environment.
Why This Matters
Last month, I was working on a project for a financial services client who needed to deploy a complex multi-region environment. The terraform files spanned thousands of lines across dozens of modules.
When I ran a standard terraform plan, the output was overwhelming - hundreds of resources with various states of change. Using my filtered command instead revealed they were about to provision 12 load balancers rather than the 4 they had budgeted for - a mistake that would have cost thousands in unexpected cloud charges.
Beyond the Basics
For those who want to take their Terraform detective work further, here's another trick I use when working with large-scale deployments:
terraform plan -out=tfplan
terraform show -json tfplan | jq '.resource_changes[] | select(.change.actions[0] == "create") | "\(.address) (\(.type))"' | sort
This enhanced version not only shows what resources will be created but adds their type for additional context. When you're managing infrastructure with dozens of different resource types, this extra bit of information helps identify patterns or misconfigurations.
Final Thoughts
Terraform gives us tremendous power to provision infrastructure as code, but with great power comes great responsibility. Taking the time to truly understand what you're about to create isn't just good practice - it's essential risk management.
The next time you're about to make a significant change to your infrastructure, I hope you'll remember this command. It might just save your day, your budget, or both.