Terraform Rollback: How to Revert to a Previous State

• Introduction
• Step-by-Step Guide
• Code Example
• Additional Notes
• Summary
• Conclusion
• References

Terraform, a powerful infrastructure-as-code tool, doesn't offer a direct "rollback" feature. However, by utilizing Terraform's state management capabilities, you can effectively revert your infrastructure to a previous state. This involves enabling state versioning, identifying the desired state, downloading the corresponding state file, replacing the current state, and applying the changes.

Terraform doesn't have a dedicated "rollback" feature, but you can achieve similar results by leveraging state management:

1. Enable State Versioning:

Ensure your chosen backend (e.g., AWS S3, Terraform Cloud) has versioning enabled. This preserves previous state files.

2. Identify the Target State:

Determine the timestamp or version of the state you want to revert to. You can list available versions using backend-specific commands or UIs.

3. Download the Previous State:

Download the desired state file locally. For example, if using AWS S3:

aws s3 cp s3://your-bucket/terraform.tfstate terraform.tfstate.previous

4. Replace the Current State:

Replace your current terraform.tfstate with the downloaded terraform.tfstate.previous.

5. Apply the Previous State:

Run terraform apply. Terraform will detect the state difference and revert your infrastructure to the previous configuration.

Important Considerations:

• This process assumes your Terraform code hasn't drastically changed since the target state.
• Carefully review the changes before applying the previous state to avoid unintended consequences.
• Regularly back up your state files for added safety.

This code snippet provides a step-by-step guide on how to roll back Terraform infrastructure changes to a previous state using AWS S3 for state storage. It involves enabling versioning on the S3 bucket, listing available state versions, downloading the desired version, replacing the current state file, and applying the changes using "terraform apply". The example emphasizes the importance of backing up the current state file and reviewing changes before applying to prevent unintended consequences.

This example demonstrates rolling back to a previous state using AWS S3 for state storage.

1. Enable Versioning on S3 Bucket:

Ensure versioning is enabled for your S3 bucket. You can do this via the AWS console or CLI:

aws s3api put-bucket-versioning --bucket your-bucket-name --versioning-configuration Status=Enabled

2. List Available State Versions:

List the available versions of your Terraform state file:

aws s3 ls s3://your-bucket-name/terraform.tfstate --recursive

This will output a list of versions with their timestamps. Note the VersionId of the desired state.

3. Download the Target State:

Download the specific state file version you want to revert to:

aws s3 cp s3://your-bucket-name/terraform.tfstate?versionId=YOUR_TARGET_VERSION_ID terraform.tfstate.previous

Replace YOUR_TARGET_VERSION_ID with the actual VersionId from step 2.

4. Replace the Current State:

Important: Before proceeding, back up your current terraform.tfstate file!

mv terraform.tfstate terraform.tfstate.backup
mv terraform.tfstate.previous terraform.tfstate

5. Apply the Previous State:

Run terraform apply. Terraform will compare the downloaded state with your current infrastructure and revert any changes made after the target state.

terraform apply

Important Notes:

• This example assumes your Terraform code hasn't significantly changed since the target state.
• Always review the changes between the current and target state before applying to avoid unintended consequences.
• Regularly back up your state files for added safety.

This example provides a basic framework for rolling back Terraform changes using state management. Remember to adapt the commands and procedures based on your specific backend and environment.

Understanding the Limitations:

• Not a True Rollback: This method isn't a true rollback in the traditional sense. It relies on Terraform reconciling the differences between the current infrastructure and the desired state. Complex scenarios with external dependencies might not revert cleanly.
• Code Drift: If your Terraform code has significantly changed since the target state, applying the old state might lead to unexpected results or errors. Always review the code and plan carefully.
• Data Loss: Reverting to a previous state might lead to data loss if the newer state involved data modifications not captured in the infrastructure configuration.

Best Practices:

• Frequent State Backups: Regularly back up your state files to a secure location. This provides an additional safety net in case of accidental state corruption or deletion.
• Version Control for Terraform Code: Use a version control system (like Git) to track changes to your Terraform code. This helps correlate state versions with specific code changes.
• Thorough Testing: Before applying any state changes, especially rollbacks, thoroughly test the changes in a staging environment to minimize the risk of production issues.
• Consider Alternatives: For complex rollbacks or scenarios where state management isn't suitable, explore alternatives like infrastructure backups and recovery tools.

Additional Tips:

• Partial Rollbacks: You can selectively revert specific resources by modifying the state file. However, this requires a deep understanding of the state file structure and is generally not recommended for beginners.
• State Locking: When working in a team environment, use state locking to prevent concurrent modifications to the state file, which can lead to inconsistencies and errors.

By understanding the limitations and following best practices, you can leverage Terraform's state management capabilities to effectively revert infrastructure changes when needed. Remember to prioritize safety and always review changes carefully before applying them.

While Terraform lacks a dedicated "rollback" feature, you can revert to previous infrastructure states using these steps:

Important:

• This method assumes minimal changes to your Terraform code since the target state.
• Review changes before applying to avoid unintended consequences.
• Regularly back up your state files for safety.

In conclusion, while Terraform doesn't have a dedicated "rollback" button, its robust state management system provides the tools to revert infrastructure to previous states. By enabling versioning, identifying the desired state, and carefully replacing the current state file, you can essentially "roll back" your infrastructure. However, this approach is not a silver bullet and requires careful consideration of code changes, potential data loss, and thorough testing. Always prioritize best practices like frequent state backups, version control for your code, and testing in a staging environment to ensure safe and predictable infrastructure reversions. Remember, understanding the nuances and limitations of this method is crucial for successful and safe infrastructure management with Terraform.

• Apply previous state file or undo plan - Terraform - HashiCorp Discuss | Hi all, We are looking into do an automated pipeline rollback\on fail process when an apply fails (AWS provider) due to any reason. So my plan was as follows: tf init job does its usual provider\module pulls but also with an additional process that collects the current state file and caches it as the previous state plan runs as normal apply runs if apply fails, get the cached state and put the remote resources back to whats in the previously cached state file I dont have an issue with the s...
• Rolling back your Terraform Remote State in S3 - DEV Community | While I hope this is a rare occurrence, I've run into this a few times where I had to rollback...
• Terraform State - Workspaces - HCP Terraform | Terraform ... | Navigate to the state you want to rollback to and click the Advanced toggle button. This option requires that you have access to create new state and that you ...
• Terraform State Restoration Overview – HashiCorp Help Center | Introduction If, in the process of using Terraform, you find yourself in situations where you've backed yourself into a corner with your configuration - either with irreconcilable errors or with a ...
• Rollback Infra with the Terraform Rollback step | Harness Developer ... | Roll back provisioning and return to pre-deployment state.
• Rolling back Terraform Remote State in AWS S3 | by Ahmad Al ... | Rolling back a Terraform remote state stored in AWS S3 might be necessary in several scenarios where the current state of your…
• Restore Previous Version of Terraform State | Download Terraform | IntroductionIn the event of accidental destruction of resources, it may be necessary to restore a previous version of the Terraform state. If the backend bucket that stores the Terraform state has versioning enabled, you can easily download and restore an earlier version of the state file. This document assumes that you are storing your Terraform state in an S3 bucket with versioning enabled.Steps to download a Previous Version of Terraform StateFollow the steps below to restore a previous versi
• Terraform state file versioning - Self-managed - GitLab Forum | As documentation explains about use GitLab as Terraform remote state backend. https://docs.gitlab.com/ee/user/infrastructure/terraform_state.html It includes Terraform State Versioning feature. But when I’m trying to use this feature it shows only latest state version, no previous version show. any suggestion for this issue ? thanks.
• It'd be nice to have a rollback feature : r/Terraform | Posted by u/def_struct - 11 votes and 8 comments