⛰️ Terraform

Updated at 2021-08-30 11:21


  • Providers specify how to execute steps on a specific cloud or context
  • Module is a collection of .tf configuration files which are all read
    • Root module is your main module which can load other modules as needed
    • Other modules can be loaded from local, registry, GitHub or generic Git sources
  • State records the actual identities of things that Terraform is managing
  • Backend specifies where Terraform stores states; it can be local or remote
    • Local backend is the default, but it's less secure and less collaborative
    • Remote backend is the intended usage, but requires setup e.g. TF Cloud or AWS S3
  • Workspaces allow multiple states to be associated with a single configuration
  • Resource (resource) describes one or more infrastructure objects
  • Data Source (data) exposes extra values calculated or fetched by a provider

Each provider has its own documentation, which can't be helped because each cloud provider is different. You can find available providers at Terraform Registry - Providers.

You call child modules using a module block with parameters. Each module block has a source that is either a local directory or a remote location to download the files from, e.g. the Terraform Registry, GitHub or an AWS S3 bucket.

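# Call a child module from a local directory and pass it a parameter
module "servers" {
  source = "./app-cluster"
  servers = 5
}

# Use an output of the child module in a resource of the calling module
resource "aws_elb" "example" {
  # ...
  instances = module.servers.instance_ids
}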

It is recommended to specify the module version.

module "consul" {
  source  = "hashicorp/consul/aws"
  version = "0.0.5"
  servers = 3
}

It is not recommended to store state files in version control, because state files might include sensitive information such as database passwords. The proper way is to use a remote backend to store state and to use the local backend only for local development. The .terraform/ cache directories should also be ignored. The .terraform.lock.hcl lock files should be version controlled.

# .gitignore
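
The version-control rules above can be checked in CI or a pre-commit hook. The following is an added example, not part of the original notes: the function name `tf_vcs_audit`, its finding labels and the sample listing are this example's own, and it assumes it is fed one tracked path per line, such as the output of `git ls-files`.

```shell
#!/usr/bin/env bash
# Added example: audit tracked paths against the rules described above.
#   - state files and their backups must not be tracked
#   - .terraform/ cache directories must not be tracked
#   - .terraform.lock.hcl should be tracked when .tf files are

tf_vcs_audit() {
  # Reads repository-relative paths on stdin, prints one finding per line,
  # and returns 1 if anything was found (0 when the listing is clean).
  tfa_findings=0; tfa_has_tf=0; tfa_has_lock=0
  while IFS= read -r tfa_path; do
    case "$tfa_path" in
      .terraform/*|*/.terraform/*)
        # Local cache directory, at the root or inside any module directory.
        echo "CACHE_TRACKED $tfa_path"; tfa_findings=1 ;;
      *.tfstate|*.tfstate.*)
        # State and state backups can contain secrets such as DB passwords.
        echo "STATE_TRACKED $tfa_path"; tfa_findings=1 ;;
      .terraform.lock.hcl|*/.terraform.lock.hcl)
        tfa_has_lock=1 ;;
      *.tf)
        tfa_has_tf=1 ;;
    esac
  done
  if [ "$tfa_has_tf" -eq 1 ] && [ "$tfa_has_lock" -eq 0 ]; then
    echo "LOCK_MISSING .terraform.lock.hcl"; tfa_findings=1
  fi
  return "$tfa_findings"
}

# Constructed sample listing (not from a real repository).
sample_paths='main.tf
modules/app-cluster/main.tf
terraform.tfstate
terraform.tfstate.backup
.terraform/modules/modules.json'

# In a real repository: git ls-files | tf_vcs_audit
printf '%s\n' "$sample_paths" | tf_vcs_audit || echo "audit failed"
```

A state file that was committed in the past remains in the Git history after it is untracked, so any secrets it held should be rotated.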

Check out Terragrunt and Terratest. They are nice but not strictly required.

CDKTF (Cloud Development Kit for Terraform) is a hot pile of experimental waste. Don't use it, you will be happier without these language specific bindings.