How to Recover a Lost Terraform State File

Vasudha JhaVasudha Jha
4 min read

If you've worked with Terraform, you know the terraform.tfstate file is the brain of the operation. It maps the resources defined in your .tf files to the real infrastructure in your cloud provider.

Without this file, Terraform no longer knows which resources exist, which ones it manages, or how to reconcile the configuration in your .tf files with reality.

If you run terraform plan after losing the state file:

  • Terraform will plan to create all resources defined in your .tf files, even though they might already exist in your cloud provider.

  • If you proceed with terraform apply, you could end up creating duplicate resources like extra EC2 instances, additional S3 buckets, or new VPCs.

In short, Terraform will treat it like a fresh deployment unless you step in. You also won’t be able to modify or safely manage the existing resources running your production workloads unless you import them back into the state.

How to Recover a Lost Terraform State

Step 1: Rebuild Your .tf Files (If Needed)

If you’ve also lost your Terraform code, you’ll need to recreate resource definitions based on your existing infrastructure.

Example for an EC2 instance:

resource "aws_instance" "my_ec2" {
  ami           = "ami-0abcd1234"
  instance_type = "t2.micro"
  subnet_id     = "subnet-0abcd1234"
  key_name      = "my-keypair"
  tags = {
    Name = "my-ec2-instance"
  }
}

Step 2: Import Existing Resources Using terraform import

The terraform import command lets you manually register real infrastructure into a Terraform state file.

If you don’t have a terraform.tfstate file yet, running terraform import will create a new state file automatically and add the imported resource ID. If you already have an existing state file, terraform import will simply add the resource to the current state file (without touching other resources already there).

Running

terraform import <resource_type.resource_name> <resource_id>

will import the resource into the state file.

For example, in case of our EC2 instance, we will run the command like this:

terraform import aws_instance.my_ec2 i-03c26972500fc710d

  • The left side (aws_instance.my_ec2) refers to the resource block in the .tf file.

  • The right side (i-0123456789abcdef0) is the actual resource ID from your cloud provider.

Your output after running this command will look something like this:

Repeat this step for every resource in your infrastructure (EC2 instances, S3 buckets, VPCs, etc.).

💡
Running this command one by one for all your resources can start to get tedious. To avoid this, you can create a bash script where you write all the imports and then run everything all at once.

Step 3: (Optional) Use terraform plan -refresh-only to Review Drift

Running:

terraform plan -refresh-only

compares your current Terraform state against the actual infrastructure in your cloud provider and shows any drift (like attributes that have changed outside of Terraform).

You can then run:

terraform apply -refresh-only

This updates your state file with the live resource data without applying any changes to real infrastructure.

Note: terraform plan and terraform apply already perform an automatic in-memory refresh by default, so you typically don’t need to run a refresh-only operation unless you're intentionally syncing state only or inspecting drift.

Step 4: Run terraform plan to Validate

Finally, run:

terraform plan

If your .tf files match the real-world infrastructure (as now captured in the refreshed state), Terraform will report:

No changes. Your infrastructure matches the configuration.

Terraform has checked that the real remote objects still match the result of your most recent changes, and found no differences.

If Terraform shows differences, it means your .tf configuration and actual infrastructure are out of sync.
You can either update your .tf files to reflect the current live infrastructure, or keep your .tf files as-is and apply changes to make the real infrastructure match your desired configuration.

Step 5: (Optional) Run terraform apply to Reconcile Changes

If terraform plan shows any differences between your .tf configuration and the real infrastructure, and you’re confident that your configuration is correct, you can run:

terraform apply

Terraform will then:

  • Make only the necessary updates to the infrastructure to match your configuration.

  • Update the state file accordingly.

This is how you bring your infrastructure back under full Terraform control — ensuring that your .tf files, actual infrastructure, and state file are fully aligned.

How to Prevent Losing State Again

  • Use remote backends (e.g., S3 + DynamoDB for state locking)

  • Enable versioning on your S3 state bucket.

  • Consider using Terraform Cloud for managed state storage.

Wrapping up

Losing your Terraform state doesn’t have to be a disaster. With terraform import, you can re-register your real infrastructure, and use terraform plan to verify that everything is aligned.

Even better? Set up remote state and versioning today so you won’t need this recovery guide later.

10
Subscribe to my newsletter

Read articles from Vasudha Jha directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Terraform#IaCterraform-stateCloudDevops

Written by

Vasudha Jha
Vasudha Jha

I love solving problems at the intersection of software development and cloud infrastructure. My journey started as a full-stack developer, building web and mobile applications, but I found myself drawn to automation, cloud scalability, and making deployments smoother. That led me to DevOps and Cloud Engineering, where I now focus on building reliable infrastructure, optimizing workflows, and automating deployments. Right now, I’m hands-on with AWS, Terraform, CI/CD pipelines, Docker and Ansible, working on projects that deepen my understanding of cloud automation and scalable infrastructure. I have found that the best way to learn is by building real things, debugging, and iterating along the way. 🔧 What I’m Currently Working On AWS Cloud Resume Challenge: Setting up a fully automated, serverless personal website on AWS. The core AWS services I'm using include S3, IAM, CloudFront, API Gateway, Lambda, and DynamoDB. I’m writing the infrastructure using Terraform and deploying code through GitHub Actions to ensure an automated, infrastructure-as-code approach. Here's the link to it if you'd like to give it a go: https://cloudresumechallenge.dev/docs/the-challenge/aws/ If you're still here, we probably have similar interests! Let’s connect and geek out over DevOps, cloud, and automation or anything tech-related!