IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-25 18:45:20 -06:00
Code Issues Packages Projects Releases Wiki Activity
3b3822d770
opentofu/website/docs/cli/commands/taint.mdx
Christian Mesh 3b3822d770
Improve documentation around static evaluation (#1843) 
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: ollevche <ollevche@gmail.com>
Co-authored-by: ollevche <ollevche@gmail.com>
2024-07-23 09:31:50 -04:00

91 lines
4.2 KiB
Plaintext
Raw Blame History

---
description: |-
The `tofu taint` command informs OpenTofu that a particular object
is damaged or degraded.
---
# Command: taint
The `tofu taint` command informs OpenTofu that a particular object has
become degraded or damaged. OpenTofu represents this by marking the
object as "tainted" in the OpenTofu state, and OpenTofu will
propose to replace it in the next plan you create.
:::warning
This command is deprecated, we recommend using the `-replace` option with `tofu apply` instead (details below).
:::
## Recommended Alternative
We recommend using the [`-replace` option](../../cli/commands/plan.mdx#replace-address) with `tofu apply` to force OpenTofu to replace an object even though there are no configuration changes that would require it.
```
$ tofu apply -replace="aws_instance.example[0]"
```
We recommend the `-replace` option because the change will be reflected in the OpenTofu plan, letting you understand how it will affect your infrastructure before you take any externally-visible action. When you use `tofu taint`, other users could create a new plan against your tainted object before you can review the effects.
## Usage
```
$ tofu taint [options] <address>
```
The `address` argument is the address of the resource to mark as tainted.
The address is in
[the resource address syntax](../../cli/state/resource-addressing.mdx),
as shown in the output from other commands, such as:
- `aws_instance.foo`
- `aws_instance.bar[1]`
- `aws_instance.baz[\"key\"]` (quotes in resource addresses must be escaped on the command line, so that they will not be interpreted by your shell)
- `module.foo.module.bar.aws_instance.qux`
:::note
Use of variables in [module sources](../../language/modules/sources.mdx#support-for-variable-and-local-evaluation),
[backend configuration](../../language/settings/backends/configuration.mdx#variables-and-locals),
or [encryption block](../../language/state/encryption.mdx#configuration)
requires [assigning values to root module variables](../../language/values/variables.mdx#assigning-values-to-root-module-variables)
when running `tofu taint`.
:::
This command accepts the following options:
- `-allow-missing` - If specified, the command will succeed (exit code 0)
even if the resource is missing. The command might still return an error
for other situations, such as if there is a problem reading or writing
the state.
- `-lock=false` - Disables OpenTofu's default behavior of attempting to take
a read/write lock on the state for the duration of the operation.
- `-lock-timeout=DURATION` - Unless locking is disabled with `-lock=false`,
instructs OpenTofu to retry acquiring a lock for a period of time before
returning an error. The duration syntax is a number followed by a time
unit letter, such as "3s" for three seconds.
- `-var 'NAME=VALUE'` - Sets a value for a single
[input variable](../../language/values/variables.mdx) declared in the
root module of the configuration. Use this option multiple times to set
more than one variable. Refer to
[Input Variables on the Command Line](plan.mdx#input-variables-on-the-command-line) for more information.
- `-var-file=FILENAME` - Sets values for potentially many
[input variables](../../language/values/variables.mdx) declared in the
root module of the configuration, using definitions from a
["tfvars" file](../../language/values/variables.mdx#variable-definitions-tfvars-files).
Use this option multiple times to include values from more than one file.
There are several other ways to set values for input variables in the root
module, aside from the `-var` and `-var-file` options. Refer to
[Assigning Values to Root Module Variables](../../language/values/variables.mdx#assigning-values-to-root-module-variables) for more information.
For configurations using the [`cloud` backend](../../cli/cloud/index.mdx) or the [`remote` backend](../../language/settings/backends/remote.mdx) only, `tofu taint`
also accepts the option
[`-ignore-remote-version`](../../cli/cloud/command-line-arguments.mdx#ignore-remote-version).
For configurations using
[the `local` backend](../../language/settings/backends/local.mdx) only,
`tofu taint` also accepts the legacy options
[`-state`, `-state-out`, and `-backup`](../../language/settings/backends/local.mdx#command-line-arguments).
Reference in New Issue View Git Blame Copy Permalink