Terraform Security:

Last Updated on August 7, 2025 by Arnav Sharma

When managing cloud infrastructure, understanding the lifecycle of resources is crucial. Terraform, a tool by HashiCorp, simplifies this process. In particular, the “destroy” command in Terraform is essential when you need to delete or decommission resources. In this blog, we will look at how to use Terraform to destroy infrastructure, with a focus on Azure examples.

What is Terraform?

Terraform, developed by HashiCorp, is an infrastructure as code (IaC) tool used to provision and manage cloud infrastructure. Using a terraform script, you can define, deploy, and update resources across various cloud platforms, including AWS and Azure.

Terraform Workflow: Plan, Apply, and Destroy

The Terraform workflow typically involves three steps:

  1. Terraform Plan: Creates an execution plan to determine what actions are necessary to achieve the desired state specified in the terraform configuration files.
  2. Terraform Apply: Applies the changes necessary to reach the desired state of the configuration.
  3. Terraform Destroy: Used to remove resources that are no longer needed.

Understanding the Destroy Command

The terraform destroy command is a critical part of managing the lifecycle of your infrastructure. It’s used when you want to remove any provisioned infrastructure that you no longer need, helping to reduce your security exposure and manage costs.

How it Works

  1. Specify the Script: You start by specifying the terraform script that outlines the infrastructure you wish to remove.
  2. Creating a Plan: Terraform then creates a plan showing what will be removed.
  3. Execution: Finally, upon approval, Terraform will destroy the specified resources.

Use Cases for Terraform Destroy

  • Reducing Costs: When you no longer need infrastructure, destroying it helps reduce costs associated with idle resources.
  • Environment Management: For managing short-lived environments like build or test environments, terraform destroy helps in decommissioning them once they are no longer needed.
  • Updating Infrastructure: In cases where it’s easier to recreate the infrastructure from scratch rather than updating it, terraform destroy is used to remove the old infrastructure before provisioning new resources.

Destroying Azure Resources with Terraform

Azure, like AWS, can be managed using Terraform. Whether it’s an EC2 instance in AWS or a VM in Azure, Terraform provides a unified way to manage these resources.

Destroying an Azure VM

  1. Define the Resource: In your Terraform script, you would have defined an Azure VM.
  2. Plan and Apply: You would have initially used terraform plan and terraform apply to provision the VM.
  3. Destroy: To remove this VM, you would update your Terraform configuration to reflect that the VM is no longer needed and then run terraform destroy.

Best Practices for Using Terraform Destroy

  1. Back Up the State File: Always back up your Terraform state file before running the destroy command.
  2. Review Execution Plan: Carefully review the execution plan created by Terraform to ensure only the intended resources are destroyed.
  3. Manage Dependencies: Terraform determines the order of resource destruction based on dependencies. Ensure that your configurations correctly reflect these dependencies.
  4. Use Version Control: Store your Terraform configurations in a version control system like GitHub for better management and tracking.

Example 1: Delete a Simple Azure Resource

Suppose you have a Terraform configuration that defines an Azure virtual machine (VM). Here’s how you would typically destroy this VM:

  1. Initial Setup: You should have a Terraform script (main.tf) that defines an Azure VM. For example:
    resource "azurerm_virtual_machine" "example_vm" {
      # VM configuration details
    }
  2. Plan and Apply: Initially, you would use terraform plan and terraform apply to provision this VM.
  3. Destroy the VM: When you decide to remove this VM, you would use the terraform destroy command. Here’s how:

    • Open your command line.
    • Navigate to the directory containing your Terraform configuration files.
    • Run the command: terraform destroy
    • Terraform will provide an execution plan and ask for confirmation before destroying the resources.

Example 2: Destroying Specific Resources in Azure

Sometimes, you might want to destroy a specific resource within your Terraform-managed infrastructure without affecting other resources.

  1. Identify the Resource: First, identify the resource you want to destroy. Each resource in your Terraform state file has an address. You can list all resources with their addresses using:
    terraform state list
  2. Destroy the Specific Resource: Use the terraform destroy command with the -target option. For instance, to destroy a specific Azure network interface:
    terraform destroy -target azurerm_network_interface.example_nic

    This command will only destroy the resource specified and leave others intact.

Example 3: Destroying All Resources in a Terraform Project

If you need to completely tear down all the infrastructure managed by a Terraform project, you simply run the terraform destroy command without specifying a target. This is common when decommissioning an entire environment.

  1. Execute Terraform Destroy:
    • Navigate to your project directory.
    • Run: terraform destroy
    • Review the plan and confirm the destruction.
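The best practices above (back up the state file, review the execution plan) and Examples 2 and 3 (targeted versus full teardown) can be combined into one reviewed workflow. The script below is an added example written for this post, not code from the original article or from HashiCorp. It assumes the Terraform CLI is on PATH and relies on Terraform's documented JSON plan output (`terraform show -json`, a `resource_changes` list whose entries carry `address`, `type`, `mode` and `change.actions`); the protected resource types and the sample plan are constructed for the illustration.

```python
"""Gate a destroy behind plan review: back up state, write the destroy plan
to a file, inspect it as JSON, and apply it only if every deletion is approved.

Added example, not code from the original post. Assumes the Terraform CLI is
on PATH and the documented `terraform show -json` plan format.
"""
import json
import shutil
import subprocess
import sys
from datetime import datetime, timezone
from pathlib import Path
from typing import Dict, List, Optional, Set

# Types whose deletion is never auto-approved. Assumed policy for this example;
# pick the types that hold data or secrets in your own environment.
PROTECTED_TYPES = {"azurerm_key_vault", "azurerm_storage_account", "azurerm_resource_group"}


def review_destroy_plan(plan: Dict, allowed: Optional[Set[str]] = None,
                        protected_types: Set[str] = PROTECTED_TYPES) -> Dict:
    """Report whether a plan document is safe to apply as a destroy.

    It passes only if every change is a pure delete, no deletion hits a protected
    type and, when `allowed` is given (the -target addresses), every deleted
    address is in that set. Everything else is reported under "problems".
    """
    problems: List[str] = []
    deletes: List[str] = []
    for rc in plan.get("resource_changes", []):
        if rc.get("mode") == "data":
            continue  # data sources are reads, not infrastructure
        actions = rc["change"]["actions"]
        if actions == ["no-op"]:
            continue
        if actions != ["delete"]:
            problems.append(f"{rc['address']}: planned {actions}, expected a pure delete")
            continue
        deletes.append(rc["address"])
        if rc["type"] in protected_types:
            problems.append(f"{rc['address']}: type {rc['type']} is protected")
        if allowed is not None and rc["address"] not in allowed:
            problems.append(f"{rc['address']}: not among the approved targets")
    return {"ok": not problems, "deletes": sorted(deletes), "problems": problems}


def backup_state(workdir: Path) -> Optional[Path]:
    """Copy a local terraform.tfstate aside (best practice 1 from the post).

    Returns the backup path, or None when there is no local state file
    (remote backends keep their own history and are not covered here).
    """
    state = workdir / "terraform.tfstate"
    if not state.exists():
        return None
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    backup = workdir / f"terraform.tfstate.{stamp}.bak"
    shutil.copy2(state, backup)
    return backup


def safe_destroy(workdir: Path, targets: Optional[List[str]] = None) -> bool:
    """Run the reviewed destroy workflow in `workdir`; True on success."""
    backup_state(workdir)
    plan_name = "destroy.tfplan"
    plan_cmd = ["terraform", "plan", "-destroy", "-input=false", f"-out={plan_name}"]
    plan_cmd += [f"-target={t}" for t in (targets or [])]
    subprocess.run(plan_cmd, cwd=workdir, check=True)
    shown = subprocess.run(["terraform", "show", "-json", plan_name], cwd=workdir,
                           check=True, capture_output=True, text=True)
    verdict = review_destroy_plan(json.loads(shown.stdout), set(targets) if targets else None)
    for problem in verdict["problems"]:
        print("REFUSED:", problem, file=sys.stderr)
    if not verdict["ok"]:
        return False
    print("Destroying:", ", ".join(verdict["deletes"]))
    # Applying a saved plan does not prompt for confirmation; the review is the gate.
    subprocess.run(["terraform", "apply", "-input=false", plan_name], cwd=workdir, check=True)
    return True


# Constructed sample in the shape `terraform show -json destroy.tfplan` emits,
# used when the script runs without a Terraform working directory.
SAMPLE_PLAN = {
    "format_version": "1.2",
    "resource_changes": [
        {"address": "azurerm_network_interface.example_nic", "mode": "managed",
         "type": "azurerm_network_interface",
         "change": {"actions": ["delete"], "before": {"name": "example-nic"}, "after": None}},
        {"address": "azurerm_virtual_machine.example_vm", "mode": "managed",
         "type": "azurerm_virtual_machine",
         "change": {"actions": ["delete"], "before": {"name": "example-vm"}, "after": None}},
        {"address": "azurerm_key_vault.secrets", "mode": "managed",
         "type": "azurerm_key_vault",
         "change": {"actions": ["delete"], "before": {"name": "kv-example"}, "after": None}},
    ],
}

if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: python safe_destroy.py <workdir> [target ...]
        sys.exit(0 if safe_destroy(Path(sys.argv[1]), sys.argv[2:]) else 1)
    print(json.dumps(review_destroy_plan(SAMPLE_PLAN, {"azurerm_network_interface.example_nic"}), indent=2))
```

Run without arguments it reviews the embedded sample and refuses it: the key vault is a protected type and the VM was not an approved target. With a working directory it runs the real workflow, so a full teardown (Example 3) is `python safe_destroy.py ./env`, and the targeted case from Example 2 is `python safe_destroy.py ./env azurerm_network_interface.example_nic`. Because a `-target` destroy also plans the deletion of anything that depends on the target, such dependents show up as deletes outside the approved set and the script stops rather than silently removing more than the one resource you named.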
