Defining Terraform: Think of Terraform as a master builder for the digital world. Just like an architect uses blueprints to construct buildings, Terraform uses code to construct and manage your digital infrastructure.
Terraform Superpowers: Remember the acronym ‘MACV’ — Manage, Automate, Collaborate, and re-Use Version-controlled infrastructure. This is what makes Terraform so powerful.
Multi-Cloud Maestro: Terraform is like the conductor of an orchestra comprising different cloud providers. It harmoniously manages multiple cloud platforms, handling cross-cloud dependencies with ease.
The Terraform Trio: Write, Plan, Apply. This is the core workflow in Terraform. It’s like the instructions on a shampoo bottle, but for code. Write your configurations, Plan your changes, Apply them to your infrastructure. Write → Plan → Apply
Terraform Commands: These are your controllers. Just like a video game controller with different buttons for different actions, Terraform commands (init, plan, apply, destroy, etc.) perform different tasks to manage your infrastructure. Mnemonic: Terraform Commands = Game Controller
Cloud Features: Terraform Cloud is your remote control for infrastructure. It offers Remote state management, Remote Terraform Execution, and Private Module Registry. Remember it as the three Rs: Remote state, Remote execution, Registry.
OSS/CLI vs Cloud Free Tier: OSS/CLI and Cloud Free Tier are like the basic models of a car: they get you from A to B but lack some luxury features such as Audit Logging, Policy as Code (Sentinel), and Single Sign-On (SSO).
Enterprise Extras: Terraform Enterprise is like the luxury car model — it comes with extra features such as Application-level logging not found in the Business edition.
Private Module Registry: If you need an automation provider with a Private Module Registry, go for Terraform Cloud with a Terraform Enterprise plan. Think of it as getting a private VIP room in a club.
Config Files: In Terraform, main.tf is your master blueprint, variables.tf and outputs.tf are your material list and finished product snapshots respectively.
Resource Blocks: The term “resource” in Terraform is like a title or label, indicating what type of block you’re dealing with in your code.
Vulnerability Reminder: Terraform is a powerful tool, but remember it’s not a silver bullet for security. It doesn’t automatically reduce vulnerabilities in your applications. Always apply best security practices alongside using Terraform.
Dynamic Blocks: Think of them like a magic paintbrush that you dip into a pot of colors (your complex data like a list or map). With a single stroke (a loop), the brush paints multiple similar patterns (nested blocks) on your canvas (configuration). No need to paint each pattern by hand! This is what we call DRY (Don’t Repeat Yourself). For example:

    # One nested ingress block is generated per element of var.ingress_rules
    dynamic "ingress" {
      for_each = var.ingress_rules
      content {
        from_port   = ingress.value.from_port
        to_port     = ingress.value.to_port
        protocol    = ingress.value.protocol
        cidr_blocks = ingress.value.cidr_blocks
      }
    }

Terraform Plugins: Consider plugins as language interpreters. You want to talk to various cloud services (like AWS, Azure, Google Cloud), but they each speak different languages. Plugins, especially the provider ones, are your interpreters. They understand both your language and the cloud service’s, enabling smooth communication. Mnemonic: Plugins = Polyglot Interpreters
Dependency Lock File: This is like your recipe book where you note down the exact quantity of each ingredient (version of each provider or module). So, next time you or your teammates cook (run terraform init), you all know precisely what to use to make the dish taste the same. The recipe book here is the .terraform.lock.hcl file. Mnemonic: Dependency Lock File = Recipe Book
Terraform Core: This is the heart of Terraform, just like the CPU is the heart of a computer. It does all the heavy lifting, like understanding your configurations, interacting with providers, and managing the state of your infrastructure. Mnemonic: Terraform Core = CPU
Terraform Graph: Imagine you’re building a Lego set. You need to follow a specific order to put the blocks together. The Terraform Graph is your Lego instruction manual, outlining the sequence to create, update, or destroy resources. Mnemonic: Terraform Graph = Lego Manual
Terraform State: This is Terraform’s memory. It’s a diary (terraform.tfstate) where Terraform records what resources it has managed and their current state. It's like your personal journal containing sensitive details, so it needs to be kept safe and secure. Mnemonic: Terraform State = Personal Journal
Locking State Files: Consider this as the “Do Not Disturb” sign you put on your door when you’re busy. When Terraform is writing to the state file, it puts up this sign to prevent others from writing at the same time, avoiding any mix-ups. Mnemonic: Locking State Files = Do Not Disturb Sign
Terraform fmt command: Think of this command as your personal writing assistant. It makes your Terraform files easier to read and understand by reformatting them in a canonical style. If you’re worried that this assistant might change your files too much, use the -diff flag to preview the changes, just like the track changes feature in a word processor. To apply these changes to all subdirectories, not just the current one, use the -check -recursive flags. Mnemonic: fmt for "Format My Text".
Terraform validate command: Consider this command as your grammar checker. It checks whether your configuration is syntactically correct and consistent, but doesn’t connect to any remote APIs or state, much like checking your document offline. If you want the validation results in JSON format, just use the -json flag. Mnemonic: validate for "Verify And Log Internal Data Errors".
Terraform console and output commands: The terraform console command is like your programming playground, where you can try out different expressions interactively. Meanwhile, terraform output is like a digital miner: it extracts the value of an output variable from the state file. Mnemonic: console for "Console Offers Numerous Satisfying Options for Learning Expressions" and output for "Output Uncovers The Precise Utility and Targets".
Terraform workflow: Think of setting up new infrastructure as going on a journey. Your first step is to pack your bags (terraform init). Then you go on your journey (terraform apply), which includes both planning the trip and executing it. There's no need to plan (terraform plan) separately, as it's part of the journey (terraform apply). Mnemonic: "Init then Apply, that's the way, to make your Terraform day."
Importing manually created resources: If you’ve created resources manually (like crafting an item in a game), you can bring them under Terraform management with the terraform import command. Just like labeling your crafted item, you need to provide the item's ID, type, and name. Before importing, update your Terraform recipe book (configuration file) to include the new items. Mnemonic: import for "In My Place, Organize Resources Together".
Managing Terraform state: The terraform state list command is your resource list checker, showing you all the items in your Terraform state. terraform state show lets you inspect a specific item closely. If you want a digital copy of your state, use terraform show -json. Mnemonic: state for "Show Terraform's Active Treasures Everywhere".
Forcing Terraform to recreate resources: The terraform taint command is like marking an item as defective, forcing Terraform to destroy and remake it on the next apply. However, this command was retired in v0.15.2 / 4, and now it's recommended to use terraform apply -replace instead. Mnemonic: taint for "Take Away, It Needs Transformation".
Refreshing the state: By default, terraform plan and terraform apply refresh the state for you, like auto-refresh on a webpage. However, the terraform refresh command was retired in v0.15.4, so now you should use terraform apply -refresh-only or terraform plan -refresh-only instead. Mnemonic: refresh for "Re-Examine, Freshen Resources, Ensure State Harmony".