I have 3 .tf files in my terraform root directory:
I would like to deploy only vpc.tf running something like:
terraform apply vpc.tf #here, vpc.tf is a terraform file
But it doesn't work (I get a Go error: "zip: not a valid zip file"). If I just run
terraform apply
it will try to apply all configurations in all 3 terraform files (vpc.tf, subnets.tf and instances.tf) which is not what I want. It seems that the way to have this to work is, have a completely different folder, and run something like
terraform apply vpc/ #here, vpc/ is a folder that containers vpc.tf file
which works. The problem with this approach, is that if I have 2 or more terraform files within the vpc/ folder, I come back to the first problem all over again. It seems the solution for this is to have a specific resource in a specific folder, but this doesn't seem clean, as I can foresee that if the infrastructure grows, I will end up with several folders containing a few terraform files. So the question is:
Is there a way to "terraform apply" a specific terraform file, and ignore all the rest within a folder? Am I missing something basic about terraform?
While you can use -target as mentioned in manojlds' answer to target specific resources to run against at each time this is meant as a bit of an escape hatch for when you have something odd happening and need to ignore changes that would be applied to other resources in that area.
This is directly mentioned in the Terraform documentation for -target:
This targeting capability is provided for exceptional circumstances, such as recovering from mistakes or working around Terraform limitations. It is not recommended to use -target for routine operations, since this can lead to undetected configuration drift and confusion about how the true state of resources relates to configuration.
Instead you should think about what things you are willing to change as a set and place .tf Terraform files that should be changed as a unit in the same directory and use the same state file for them.
If you don't want two things to be changed at the same time (eg setting up a VPC and also setting up an app that lives in that VPC or setting up test and production versions of an app) then these should be in different directories and use different state files.
This provides a nice separation of things, minimising blast radius, but still making it easier to apply out chunks of things that are related at the same time.
In your specific case I would question why you wouldn't want to apply both the VPC and subnets at the same time as this would typically just be considered part of the base networking config required for things to run in. Managing these together would normally make a lot of sense and allows you to do things like changing the name of the VPC also renaming the subnets in the same apply.