Infrastructure as code (IaC) tools allow you to manage infrastructure with configuration files rather than through a graphical user interface. IaC allows you to build, change, and manage your infrastructure in a safe, consistent, and repeatable way by defining resource configurations that you can version, reuse, and share.
Terraform is HashiCorp’s infrastructure as code tool. It lets you define resources and infrastructure in human-readable, declarative configuration files, and manages your infrastructure’s lifecycle. Using Terraform has several advantages over manually managing your infrastructure:
Terraform can manage infrastructure on multiple cloud platforms.
The human-readable configuration language helps you write infrastructure code quickly.
Terraform's state allows you to track resource changes throughout your deployments.
You can commit your configurations to version control to safely collaborate on infrastructure.
Manage any infrastructure
Terraform plugins called providers let Terraform interact with cloud platforms and other services via their application programming interfaces (APIs). HashiCorp and the Terraform community have written over 1,000 providers to manage resources on Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, and DataDog, just to name a few. Find providers for many of the platforms and services you already use in the Terraform Registry. If you don't find the provider you're looking for, you can write your own.
Modules are containers for multiple resources that are used together. A module consists of a collection of .tf and/or .tf.json files kept together in a directory.
Modules are the main way to package and reuse resource configurations with Terraform.
To deploy infrastructure with Terraform:
Scope - Identify the infrastructure for your project.
Author - Write the configuration for your infrastructure.
Initialize - Install the plugins Terraform needs to manage the infrastructure.
Plan - Preview the changes Terraform will make to match your configuration.
Apply - Make the planned changes.
Track your infrastructure
Terraform keeps track of your real infrastructure in a state file, which acts as a source of truth for your environment. Terraform uses the state file to determine the changes to make to your infrastructure so that it will match your configuration.
Steps to Install Terraform on macOS:
raghavendrakambhampati@RaghavendrasMBP ~ % brew tap hashicorp/tap Updating Homebrew... ==> Auto-updated Homebrew! Updated 2 taps (homebrew/core and homebrew/cask). ==> New Formulae clang-format@11 fnlfmt libsigrokdecode spdx-sbom-generator uuu datafusion go-critic mdzk twty ==> Updated Formulae Updated 2335 formulae. ==> New Casks azirevpn betterdummy breitbandmessung codeql inso keycombiner ppsspp tev ultracopier ==> Updated Casks Updated 487 casks. ==> Deleted Casks anzeigenchef archi bearychat blooo breakaway collabshot cytoscape eudic-es fritzing tuntap videobox zipcleaner ==> Tapping hashicorp/tap Cloning into '/usr/local/Homebrew/Library/Taps/hashicorp/homebrew-tap'... remote: Enumerating objects: 1627, done. remote: Counting objects: 100% (381/381), done. remote: Compressing objects: 100% (255/255), done. remote: Total 1627 (delta 253), reused 218 (delta 126), pack-reused 1246 Receiving objects: 100% (1627/1627), 294.23 KiB | 3.06 MiB/s, done. Resolving deltas: 100% (949/949), done. Tapped 1 cask and 11 formulae (42 files, 415.8KB).
raghavendrakambhampati@RaghavendrasMBP ~ % brew install hashicorp/tap/terraform ==> Downloading https://releases.hashicorp.com/terraform/1.0.10/terraform_1.0.10_darwin_amd64.zip ######################################################################## 100.0% ==> Installing terraform from hashicorp/tap 🍺 /usr/local/Cellar/terraform/1.0.10: 3 files, 75.8MB, built in 6 seconds
To Verify the installation, run the below commands to validate:
raghavendrakambhampati@RaghavendrasMBP ~ % terraform -help Usage: terraform [global options] <subcommand> [args] The available commands for execution are listed below. The primary workflow commands are given first, followed by less common or more advanced commands. Main commands: init Prepare your working directory for other commands validate Check whether the configuration is valid plan Show changes required by the current configuration apply Create or update infrastructure destroy Destroy previously-created infrastructure All other commands: console Try Terraform expressions at an interactive command prompt fmt Reformat your configuration in the standard style force-unlock Release a stuck lock on the current workspace get Install or upgrade remote Terraform modules graph Generate a Graphviz graph of the steps in an operation import Associate existing infrastructure with a Terraform resource login Obtain and save credentials for a remote host logout Remove locally-stored credentials for a remote host output Show output values from your root module providers Show the providers required for this configuration refresh Update the state to match remote systems show Show the current state or a saved plan state Advanced state management taint Mark a resource instance as not fully functional test Experimental support for module integration testing untaint Remove the 'tainted' state from a resource instance version Show the current Terraform version workspace Workspace management Global options (use these before the subcommand, if any): -chdir=DIR Switch to a different working directory before executing the given subcommand. -help Show this help output, or the help for a specified subcommand. -version An alias for the "version" subcommand.
raghavendrakambhampati@RaghavendrasMBP ~ % terraform -help plan Usage: terraform [global options] plan [options] Generates a speculative execution plan, showing what actions Terraform would take to apply the current configuration. This command will not actually perform the planned actions. You can optionally save the plan to a file, which you can then pass to the "apply" command to perform exactly the actions described in the plan. Plan Customization Options: The following options customize how Terraform will produce its plan. You can also use these options when you run "terraform apply" without passing it a saved plan, in order to plan and apply in a single command. -destroy Select the "destroy" planning mode, which creates a plan to destroy all objects currently managed by this Terraform configuration instead of the usual behavior. -refresh-only Select the "refresh only" planning mode, which checks whether remote objects still match the outcome of the most recent Terraform apply but does not propose any actions to undo any changes made outside of Terraform. -refresh=false Skip checking for external changes to remote objects while creating the plan. This can potentially make planning faster, but at the expense of possibly planning against a stale record of the remote system state. -replace=resource Force replacement of a particular resource instance using its resource address. If the plan would've normally produced an update or no-op action for this instance, Terraform will plan to replace it instead. -target=resource Limit the planning operation to only the given module, resource, or resource instance and all of its dependencies. You can use this option multiple times to include more than one object. This is for exceptional use only. -var 'foo=bar' Set a value for one of the input variables in the root module of the configuration. Use this option more than once to set more than one variable. -var-file=filename Load variable values from the given file, in addition to the default files terraform.tfvars and *.auto.tfvars. Use this option more than once to include more than one variables file. Other Options: -compact-warnings If Terraform produces any warnings that are not accompanied by errors, shows them in a more compact form that includes only the summary messages. -detailed-exitcode Return detailed exit codes when the command exits. This will change the meaning of exit codes to: 0 - Succeeded, diff is empty (no changes) 1 - Errored 2 - Succeeded, there is a diff -input=true Ask for input for variables if not directly set. -lock=false Don't hold a state lock during the operation. This is dangerous if others might concurrently run commands against the same workspace. -lock-timeout=0s Duration to retry a state lock. -no-color If specified, output won't contain any color. -out=path Write a plan file to the given path. This can be used as input to the "apply" command. -parallelism=n Limit the number of concurrent operations. Defaults to 10. -state=statefile A legacy option used for the local backend only. See the local backend's documentation for more information.