📘 Terraform Summary Guide

I. What is Terraform?

Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp. It allows you to provision, manage, and version infrastructure across a variety of providers such as AWS, Azure, GCP, VMware, and more using a declarative language (HCL - HashiCorp Configuration Language).

II. Key Concepts

Concept	Description
IaC (Infrastructure as Code)	Manage infrastructure using machine-readable files instead of manual processes.
Provider	Plugin that interacts with APIs of platforms like AWS, Azure, GCP, etc.
Resource	Basic building block of infrastructure (e.g., an EC2 instance, S3 bucket).
Module	Reusable and shareable group of Terraform configurations.
State File	Stores information about managed infrastructure and current state.
Plan	Preview of what Terraform will do before applying changes.
Apply	Executes the planned changes to infrastructure.

III. Terraform Workflow

Write → Init → Plan → Apply → Destroy

1. Write

Write configuration in .tf files using HCL syntax.

2. Init

Initializes working directory and downloads providers.

bash

terraform init

3. Plan

Shows what will be changed.

bash

terraform plan

4. Apply

Applies the changes to infrastructure.

bash

terraform apply

5. Destroy

Tears down all resources defined in the config.

bash

terraform destroy

IV. Configuration File Structure

Example: `main.tf`

hcl

provider "aws" {
  region = "us-west-1"
}

resource "aws_instance" "web" {
  ami           = "ami-0abcdef1234567890"
  instance_type = "t2.micro"
}

V. Providers

Connect Terraform to APIs.
Examples: AWS, Azure, GCP, Kubernetes, Docker.
Declared in configuration with authentication credentials.

hcl

provider "aws" {
  region = "us-east-1"
}

VI. Resources

Resources describe infrastructure objects:

hcl

resource "aws_s3_bucket" "mybucket" {
  bucket = "my-unique-bucket-name"
  acl    = "private"
}

VII. Variables and Outputs

Variables

Defined using variable block or passed in via CLI, files, or environment.

hcl

variable "region" {
  default = "us-west-2"
}

Outputs

Used to print or export values from your configuration.

hcl

output "instance_ip" {
  value = aws_instance.web.public_ip
}

VIII. State Management

terraform.tfstate stores the current state of infrastructure.
Should be stored securely (e.g., in S3 for remote teams).
Commands:
- terraform state list
- terraform state show
- terraform state rm

IX. Modules

Modules are containers for multiple resources that can be reused.

hcl

module "network" {
  source = "./modules/vpc"
  cidr_block = "10.0.0.0/16"
}

Module Types

Local Modules (within your repo)
Remote Modules (Terraform Registry, GitHub, S3, etc.)

X. Backends

Defines where Terraform state is stored (local or remote).

hcl

terraform {
  backend "s3" {
    bucket = "my-tf-state"
    key    = "state.tfstate"
    region = "us-east-1"
  }
}

XI. Terraform CLI Commands Summary

Command	Purpose
`terraform init`	Initializes directory and downloads plugins.
`terraform plan`	Shows what Terraform will do.
`terraform apply`	Applies the planned changes.
`terraform destroy`	Removes all resources.
`terraform validate`	Validates configuration syntax.
`terraform fmt`	Formats code to HCL standards.
`terraform show`	Displays current state.

XII. Terraform Best Practices

Use modules for reusability and clarity.
Store state remotely with locking (e.g., S3 + DynamoDB).
Use workspaces for managing environments (dev/stage/prod).
Use version constraints for providers.
Keep secrets and sensitive data out of .tf files (use Vault or env vars).
Use terraform plan before every apply to avoid surprises.
Use .terraformignore to exclude files from state.

XIII. Terraform vs Other Tools

Feature	Terraform	CloudFormation	Ansible
Language	HCL	JSON/YAML	YAML
Agentless	Yes	Yes	Yes
Provisioning	Declarative	Declarative	Imperative
Providers	Multi-cloud	AWS only	Many (via modules)

Search This Blog

SRINIVAS YEDIDA 🦋