What is Terraform?
Terraform is an open-source infrastructure as code (IaC) tool created by HashiCorp. It allows you to define and provision infrastructure using a declarative configuration language called HCL (HashiCorp Configuration Language). Terraform can manage infrastructure across multiple cloud providers and services.
Unlike imperative approaches where you specify step-by-step instructions, Terraform uses a declarative approach where you describe the desired end state, and Terraform figures out how to achieve it while tracking the actual state of your infrastructure.
Terraform Core Workflow
1. Write
Define infrastructure in configuration files using HCL.
resource "aws_instance" "web" {
  ami           = "ami-12345"
  instance_type = "t3.micro"
}
2. Plan
Preview changes before applying them to infrastructure.
+ aws_instance.web will be created
Plan: 1 to add, 0 to change, 0 to destroy
3. Apply
Execute the planned changes to provision infrastructure.
aws_instance.web: Creating...
Apply complete! Resources: 1 added
4. Track State
Terraform maintains state to track managed resources.
$ terraform show
# aws_instance.web:
resource "aws_instance" "web" {
    id = "i-1234567890abcdef0"
}
Terraform Configuration Patterns
Provider Configuration
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = var.aws_region
}
Module Usage
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.0.0"

  name           = "my-vpc"
  cidr           = "10.0.0.0/16"
  azs            = ["us-west-2a", "us-west-2b"]
  public_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
}
Remote State Configuration
terraform {
  backend "s3" {
    bucket         = "my-terraform-state"
    key            = "prod/terraform.tfstate"
    region         = "us-west-2"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}
Real-World Terraform Implementations
Uber
Manages thousands of resources across multiple AWS regions with Terraform.
- Multi-region EKS clusters
- RDS databases and Redis clusters
- Load balancers and VPC networking
- 10,000+ resources managed
Datadog
Uses Terraform for multi-cloud infrastructure provisioning and monitoring setup.
- AWS, GCP, and Azure resources
- Monitoring infrastructure automation
- CI/CD pipeline integration
- Self-service infrastructure for teams
Gruntwork
Builds production-ready Terraform modules for enterprise clients.
- Reusable infrastructure modules
- Security and compliance automation
- Multi-account AWS setups
- 200+ open source modules
GitLab
Manages their SaaS infrastructure and customer environments with Terraform.
- GCP and AWS hybrid infrastructure
- Kubernetes cluster provisioning
- Customer environment automation
- Disaster recovery automation
Terraform Best Practices
✅ Do
- Use remote state with locking for teams
- Structure code with modules for reusability
- Always run terraform plan before apply
- Use version constraints for providers
- Implement proper tagging strategies
- Use terraform fmt and validate regularly
❌ Don't
- Store state files in version control
- Hardcode sensitive values in configurations
- Make manual changes to Terraform-managed resources
- Skip terraform plan in CI/CD pipelines
- Use overly complex expressions
- Ignore drift detection and remediation