So you’ve heard about this Terraform thing and want to get in on the action? Learning a new technology such as Terraform can be a daunting task at first. Today we’re going to go through the best way to learn Terraform so that you can break through the fog of uncertainty and start learning today.
In this article we’ll discuss the different considerations you should make when learning Terraform, the main features you’ll need to know and the features you can safely ignore (at first) to give you the confidence to start working with Terraform.
By the end of this article you should have an understanding of what Terraform is, and the best way to start to learn it.
Terraform is an awesome cloud skill to be learning. I strongly believe that all infrastructure should be written as code (if you don’t know what that is, don’t worry we’ll cover that soon!). I also know that cloud computing is the future of software engineering. So it’s fair to say that you’re making a great choice starting down the path to learning Terraform.
For today’s article I won’t give you all the answers to what Terraform is and how to use it (that would be a HUGE article) but instead I’m going to give you a map — a guide — to help you navigate your learning journey and a good starting point. Which should make the process of learning Terraform less daunting.
Let’s take a quick look at the structure of what we’re going to cover today:
- Get An Overview Of Terraform — We’ll need to learn what Terraform is capable of (at a high-level) in this section we highlight the main functionalities of Terraform and start to understand what it is.
- Learn The Foundations Terraform — Now we’ll want to understand the principles that underly Terraform to understand why it’s built the way it is and understand what differentiates it from the competitors.
- Learn The Cloud (Or a vendor) First — Terraform comes with the added difficulty of needing to understand another tool to work with. We discuss how you should tackle the problem by learning your vendor first.
- Learn Terraform Basics — In this section we’ll move onto and highlight the main Terraform topics that you need to know. This is your map of the main important Terraform skills to learn.
- Learn Advanced Terraform — Lastly we’ll discuss the more advanced features of Terraform. We cover these features so you know about them, but you can safely ignore them when you’re starting out.
Sound good? Let’s get to it.
Wait — hold up. Before we get into it let’s quickly define what Terraform is.
Terraform is a CLI based infrastructure as code tool that allows you to script the creation, updating and deleting of (mainly) cloud resources. With your resources managed in code you can enjoy benefits such as: applying code review for changes, using the code as documentation for new joiners and having repeatability in the updates to your infrastructure.
What makes Terraform especially great is that it’s a universal language (figuratively) that can be applied to all cloud vendors, it’s vendor agnostic. What that means is once we’ve learned Terraform we can use our skills and apply them to different cloud providers. Been using Terraform with AWS? It’s now simple to start writing Azure resources too.
And with the definition out of the way, let’s get into the details of the best way to learn Terraform, starting with an overview of Terraform.
When it comes to learning something it makes sense to first understand the map of what’s to come; to understand what lies ahead. If you’re reading a textbook you would flick back and forth through the pages, look at the titles and spoil the ending, right? The same is true for a technology like Terraform.
So getting an understanding of the main Terraform features is the first thing we’ll do today. And whilst we don’t have a book, we do have an article! So let’s take a look at the high level features and functionality that you’ll need to know about Terraform.
I’ll quickly answer / write about each of the topics so you have an idea what it’s about. But don’t worry if it’s a little overwhelming, the point here is to just get you acclimatised to the different words and ideas that you’ll meet when you learn Terraform.
- Terraform is a CLI — That means you can download it and run it from your machine.
- Terraform is vendor agnostic — You can use Terraform with a range of third party vendors, not just one.
- Terraform is declarative — It declares the resources to create and infers the dependencies (more on this later).
- Terraform is different than it’s competitors — Many other infrastructure as code tools are imperative, so they’re different to Terraform.
- Terraform uses providers for third party integrations — A provider is what allows Terraform to integrate with different vendors.
- Terraform uses state — Terraform generates a state file on run to manage data about your infrastructure.
Whilst we’re not going to cover all these topics in deep detail today if you still find yourself itching for a physical book to flick through to get an overview of Terraform then I can wholeheartedly recommend reading Terraform Up & Running By Yevgeniy Brikman.
I personally learned Terraform by reading the book and experimenting with Terraform itself. It’s very comprehensive and gives you a great walkthrough, genuinely one of the best technical books I’ve read.
Terraform Up & Running Book
If you’re itching for more of a Terraform overview be sure to check out the article: Learn The 6 Fundamentals Of Terraform — In Less Than 20 Minutes
Now before we dive into Terraform specifics we should take a step back and understand the reasons that Terraform exists, and the problems it’s solving.
At the least we need to be comfortable answering the following two questions:
- What Is Infrastructure as Code?
- What Is Declarative Infrastructure as Code?
So let’s answer these questions now.
Infrastructure As Code is the process of writing Infrastructure In Code (well, duh). And in this context, infrastructure refers can refer to servers, databases, etc. Or even slightly more unconventional things like payment provider resources, authentication services or alerting and monitoring tooling.
By defining our infrastructure as code we can collaborate as a team, get a history of changes to our infrastructure and repeatable deployments. The impact on a technology business when they adopt infrastructure as code can be huge.
As you begin to learn Terraform you will have various a-ha moments when you start to see how different features of Terraform help us to achieve these infrastructure as code business goals.
Want a more in-depth look at what Infrastructure As Code is? Check out: Infrastructure As Code: A Quick And Simple Explanation. and
Code (infrastructure code too!) can either be declarative or imperative. Declarative code is code that describes an end state, but not how to get there. Whereas imperative describes the steps to get somewhere, but not necessarily the end state. By now you might be thinking: Why should I bother to learn the differences? What does it have to do with Terraform? So let me explain…
Terraform is a declarative infrastructure as code tool. That means in Terraform we define our target end state and Terraform works out how to get us there. The main advantages of declarative code is that: It can be easily rolled back easily, it’s idempotent (running it multiple times doesn’t create multiple resources) and the outcome of the code is always obvious.
By now you should have a good understanding of these two foundational principles of Terraform, so we should be in a good position to move onto our next topic and talk about why we should learn a vendor before we learn Terraform. So let’s do that.
Still a bit confused? Check out the following article for more detail Declarative vs. Imperative Infrastructure As Code
Cloud Vendor Logos
When using Terraform we’re looking to provision using a vendor such as AWS. And so are you, right? I imagine that you’re here because you want to use Terraform with AWS. Or maybe with Azure. Or maybe something similar. But the simple fact that Terraform works with many vendors poses a problem to us when we’re learning Terraform. Why? Let’s take a look…
When you’re learning Terraform you’re going to come into contact with a lot of new topics and ideas. But if you’re also learning a vendor or cloud provider at the same time as Terraform it could get really painful. You’re not going to know whether an error is because you’re written bad Terraform, or whether it’s something that’s wrong with your cloud provider.
So what’s the solution to solving the problem of learning the two ideas at once? The solution is to ensure you know your Cloud provider well enough before starting to put things together in Terraform. Or at least, don’t be afraid to take a step back to learn more before jumping in to write your infrastructure as code.
To understand why I emphasise the point of learning your vendor first let’s take an example. Let’s pretend that you’re using Terraform to configure an S3 bucket on AWS to be used as a static website. When you’re creating your bucket you’ll get many options…
- What bucket policy do you want?
- Do you want logging enabled?
- What region do you want?
- What CORS rules?
- What tags?
As you can see there are lots of options for configuring an S3 bucket. And this is only a humble S3 bucket, one of the simplest resources you can use — it can in fact get a lot more complicated. If you’re setting up networking for instance, there’s a lot of prior knowledge you’ll need. And that’s why one of the best head starts you can get for learning Terraform is to understand your vendor well first.
A simple way to learn your vendor is: Setup a sandbox account and manually provision resources. By configuring things manually you’ll soon start to understand how the resources work, and what their options actually do.
Remember: When you’re finished with your experiments nuke the account to contain any mess and avoid large bills. Seriously, don’t be tempted to use these manually created resources, it could make your life hell in future.
For a simple first project, creating an S3 website is a good start. For more information check out the article: Create An AWS S3 Website Using Terraform And Github Actions
By now you should have a good overview of Terraform. You should understand the fundamental principles that underpin Terraform and why you should invest the time to learn your cloud provider first.
Now we can start to take a look at the main Terraform basics. But what are those main things? To give you a sneak preview, they are:
- What is a Terraform Provider?
- What is a Terraform Plan?
- What is a Terraform Apply?
- How do we structure a Terraform project?
- What is Terraform State and why do we need it?
As before, we won’t cover these in great detail, but we’ll cover them with enough detail to give you a good picture of what the concept is before you dive in.
AWS Terraform Provider Block
A provider is Terraform’s way to know what vendor you want to integrate with and create / manage resources on. For instance: If you want to use Terraform with AWS, you’ll need the AWS provider. Or if you want to use GCP you’ll need the GCP provider.
A provider is usually an open source plugin. When you add the provider code (like in the above image) terraform is smart enough to know that you want to pull in that third party plugin. So when you run a
terraform init command it’ll go and fetch you the right assets.
And of course with each provider you’ll likely have to provide some access credentials, for this you should consult the documentation for your vendor. Providers usually accept credentials that are stored as environment variables.
Terraform Plan GIF
Terraform works through the following process:
- Setup Terraform with access to your vendor
- Write your resource code (tell Terraform what resources you want)
- Execute a plan (so Terraform knows what you want to do)
- Apply the plan (to tell Terraform to make the changes)
- Deal with your new updated state (more on this later)
A plan in Terraform is therefore a way of performing a dry-run on your code changes. It’s kinda like running tests against code. We’re validating whether what we’ve written produces our expected output. If you’ve already got existing infrastructure and you refactor your Terraform code re-running a plan should show that no changes are to be applied.
A Terraform Plan is how Terraform lets you know what changes are going to be applied. Before making any changes you’ll often run a Terraform Plan to see what difference your changes will make to your infrastructure. The plan command is typically your first step in creating a resource.
You run an apply by executing
terraform plan with the Terraform CLI.
And since we’ve discuss Terraform Plans, an apply is quite simple. An apply simply takes any changes that you’ve got in your resources and applies them.
You run an apply by executing
terraform apply with the Terraform CLI.
Terraform Project Structure
One of the main things you’ll need to know when you get going is how to lay out your file structure. But it’s pretty easy. When your run Terraform commands, Terraform will search the current directory for any files with the
There are no required files or naming in Terraform but you will likely need a provider block we discussed before in order to do anything productive. If you want to group all your resources together in a single file you can, or you can start to break them down into different files to make life easier for you.
A key thing you’ll need to understand about Terraform is how it manages state. Terraform state is how Terraform compares between your requested resources and your actual resources so that you can effectively plan new resources and delete old ones.
Terraform state in reality is just a big JSON file. Terraform can either create state locally in a file or it can be pushed remotely. By pushing remotely it’s easier to work as a team as we can easily share a state file (we’ll go into more detail on remote state in the advanced Terraform section below).
And that’s covers the main things you’ll need to know:
- Terraform Providers
- Terraform Plan command
- Terraform Apply command
- Terraform State
- Terraform File Structure
When you know these few parts you’ve got all you need to start creating resources using Terraform. Now with the basics out of the way let’s take a look at some of the more advanced features of Terraform. You won’t need these features right away but it’s useful to know they exist for when you do need them in future.
Once you’ve got the Terraform basics down, you can start to look at the more advanced stuff. Another way to tackle this list is to treat it as: things you can safely ignore when starting Terraform. In short: Everything presented below is not mandatory for most small projects. You could get by for a long time without ever needing to know these topics. So when you’re starting out simply ignore them and focus on the basics.
Terraform Modules are a way that you can encapsulate shared code. A Terraform Module acts very similarly to a programming function. The module takes inputs, does something and then produces outputs. By refactoring parts of your infrastructure into Modules you can easily enforce standards and keep resources in sync. But they can be fiddly.
Another important point to note is that everything in Terraform is a module. The first files you write in your Terraform project are part of what’s called the root module. But when it comes to learning Terraform it’s not really important to understand modules at first. So focus on creating resources the standard way and then come back to modules when you’re a bit more up to speed.
As we said earlier, Terraform State is a file that Terraform generates when it is ran to collect information about your resources. When it comes to Terraform state, the best way handle the state when you’re starting out is to use the default option, which is local storage of the state file. However, with the local storage approach you’ll soon run into certain issues. But what are the issues with local state? Let’s briefly discuss that now.
A couple of main reasons that local state files can be a pain is: local state files cannot be easily worked on between team members as you could have two people running Terraform against the same state file at the same time. Not only that but the state can also contain important details that you wouldn’t want to store in a local file.
But the solution to the local state problem is a feature called remote state. Terraform gives you various different options to store your remote state, including in data stores as part of the main providers. If you’re working on AWS, Terraform can use S3 as it’s storage for the state, so it will write and read from S3 in order to establish and update the state file.
A Terraform Loop Example
The last feature we’ll discuss today for the advanced features is Terraform loops and conditionals. When you’re just starting out you may see syntax that involves looping over resources or optionally including resources.
Loops allow you to create many of the same resource at the same time, and conditionals allow you to prevent a resource being created, updated or deleted given a certain condition.
There may come a time when you’re using Terraform and truly need one of these more advanced features. However such features can be safely set aside when you first start out learning. And since you’ll already have a lot to learn, it’s good to be able to de-prioritise certain parts.
And that concludes today’s article.
I’m hoping that helped you start to understand the landscape of Terraform and what you’ll need to learn in order to master it.
To recap the best way to learn Terraform is as follows:
- Get an overview of Terraform and it’s functionality.
- Understand the principles (e.g. Infrastructure As Code)
- Make sure you understand your vendor.
- Use the basic features (terraform plan / apply)
- Ignore (for now) the advanced features (e.g. conditionals and loops)
And that’s all there is to it. Now the absolute best next step is to just start. Get a repo setup and start creating simple resources and begin to experiment with the mechanics of how Terraform works. Before you know it, you’ll be a seasoned pro.
Speak soon, Cloud Native friend!
Oh I almost forgot! I also created a short drip-fed email course called Terraform Kick Start. It’s 100% free, and it takes you through the basics of Terraform. The course takes you through a lot of the things we’ve covered today but in more detail. Be sure to check it out.
Lou is the editor of The Cloud Native Software Engineering Newsletter a Newsletter dedicated to making Cloud Software Engineering more accessible and easy to understand, every 2 weeks you’ll get a digest of the best content for Cloud Native Software Engineers right in your inbox.