mirror of
https://github.com/opentffoundation/opentf.git
synced 2026-03-01 17:02:38 -05:00
a15a6c9657
Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> Signed-off-by: Damian Stasik <920747+damianstasik@users.noreply.github.com> Signed-off-by: Roman Grinovski <roman.grinovski@gmail.com> Co-authored-by: Damian Stasik <920747+damianstasik@users.noreply.github.com> Co-authored-by: Roman Grinovski <roman.grinovski@gmail.com>
63 lines
2.6 KiB
Plaintext
63 lines
2.6 KiB
Plaintext
---
|
|
description: Commands that allow you to destroy and re-create resources manually.
|
|
---
|
|
|
|
# Forcing Re-creation of Resources
|
|
|
|
During planning, by default OpenTofu retrieves the latest state of each
|
|
existing object and compares it with the current configuration, planning
|
|
actions only against objects whose current state does not match the
|
|
configuration.
|
|
|
|
However, in some cases a remote object may become damaged or degraded in a
|
|
way that OpenTofu cannot automatically detect. For example, if software
|
|
running inside a virtual machine crashes but the virtual machine itself is
|
|
still running then OpenTofu will typically have no way to detect and respond
|
|
to the problem, because OpenTofu only directly manages the machine as a whole.
|
|
|
|
If you know that an object is damaged, or if you want to force OpenTofu to
|
|
replace it for any other reason, you can override OpenTofu's default behavior
|
|
using [the `-replace=...` planning option](../commands/plan.mdx#replace-address)
|
|
when you run either `tofu plan` or `tofu apply`:
|
|
|
|
```shellsession
|
|
$ tofu apply -replace="aws_instance.example"
|
|
# ...
|
|
|
|
# aws_instance.example will be replaced, as requested
|
|
-/+ resource "aws_instance" "example" {
|
|
# ...
|
|
}
|
|
```
|
|
|
|
## The "tainted" status
|
|
|
|
Sometimes OpenTofu is able to infer automatically that an object is in an
|
|
incomplete or degraded state. For example, if creation of a complex object
|
|
fails in such a way that parts of it already exist in the remote system, or
|
|
if object creation succeeded but a provisioner step subsequently failed,
|
|
OpenTofu must remember that the object exists but may not be fully-functional.
|
|
|
|
OpenTofu represents this situation by marking an object in the state as
|
|
"tainted". When an object is marked with this status, the next plan will force
|
|
replacing that object in a similar way to if you had specified that object's
|
|
address using `-replace=...` as described above.
|
|
|
|
```
|
|
# aws_instance.example is tainted, so it must be replaced
|
|
-/+ resource "aws_instance" "example" {
|
|
# ...
|
|
}
|
|
```
|
|
|
|
If OpenTofu has marked an object as tainted but you consider it to be working
|
|
correctly and do not want to replace it, you can override OpenTofu's
|
|
determination using [the `tofu untaint` command](../commands/untaint.mdx),
|
|
after which OpenTofu will consider the object to be ready for use by any
|
|
downstream resource declarations.
|
|
|
|
You can also _force_ OpenTofu to mark a particular object as tainted using
|
|
[the `tofu taint` command](../commands/taint.mdx), but that approach is
|
|
deprecated in favor of the `-replace=...` option, which avoids the need to
|
|
create an interim state snapshot with a tainted object.
|