Why Terraform is an essential tool for DevOps Engineers

Written by Bits Lovers on 07 Feb 2023

Why Terraform is an essential tool for DevOps Engineers

As a devops engineer, managing infrastructure eats up a lot of my time. Keeping track of dozens of components, making sure everything talks to each other correctly - it adds up fast.

That is when I found Terraform, and it genuinely changed how I work. Instead of clicking through cloud consoles or writing brittle scripts, I describe what I want my infrastructure to look like, and Terraform figures out how to get there. Create resources, update them, tear them down when you do not need them anymore - all from the same configuration files.

What I like most is that Terraform handles AWS, Azure, and GCP equally well. I can manage resources across all three providers from a single set of files without switching tools or contexts.

Automating infrastructure with Terraform

Terraform lets you describe infrastructure in configuration files. You write what you want, run terraform plan to see what will change, then terraform apply to make it happen. The plan step is useful because it shows you exactly what will happen before anything actually changes in your environment.

The state file is key to how Terraform works. It tracks what exists in the real world versus what your configuration says should exist. When you run apply again, Terraform compares your configuration against the current state and the actual infrastructure, then generates a plan to reconcile the differences.

Learning curve and real-world savings

Terraform is not hard to pick up. The HCL syntax is readable, and the official docs are solid. You can get a basic configuration running in an afternoon. The time savings compound quickly - once your infrastructure lives in code, spinning up new environments or replicating setups across regions takes minutes instead of days.

Open source and community

Terraform is open source, maintained by HashiCorp. The provider ecosystem is massive - if a cloud service has an API, there is probably a Terraform provider for it. You can also write your own providers if needed.

Managing multiple providers

The same workflow works everywhere. I use modules to package reusable patterns - a VPC setup, a database cluster, whatever I find myself configuring repeatedly. Instead of copying code between projects, I reference a module and Terraform handles the rest. This keeps things consistent and cuts down on copy-paste errors.

Infrastructure as code in practice

If you want to treat infrastructure like software, Terraform is a good fit. You get version control for your environment definitions, code review workflows, and the ability to recreate environments reliably. It works well with CI/CD pipelines too - plan and apply can run as part of your deployment process.

Key features

Terraform brings several things together:

Infrastructure as Code - Describe infrastructure in configuration files you can version, review, and reuse
Execution plans - Preview changes before applying them
Resource graphs - Terraform builds a dependency graph and creates resources in parallel where possible
Change automation - Apply complex changesets with minimal manual intervention

It also integrates with tools like Jenkins, Ansible, and Packer, so you can fit it into existing workflows.

Benefits in practice

In my day-to-day work, Terraform helps in a few concrete ways:

Less manual work - Instead of provisioning resources by hand, I run apply and watch Terraform create exactly what I specified
Consistency across environments - Dev, staging, and production all come from the same configurations, so drift is less of an issue
Faster setup and teardown - When I need a temporary environment for testing, I can spin it up and tear it down quickly
Integration with CI/CD - Running terraform plan in a pull request lets teams review infrastructure changes before they happen

Getting started

Installing Terraform

The official approach works well. Download the binary for your platform from hashicorp.com, unzip it, and put it somewhere in your PATH. On Linux or macOS, that is usually /usr/local/bin/. On Windows, add it to a folder in your system PATH.

Verify with terraform --version.

Ubuntu install

wget https://releases.hashicorp.com/terraform/{version}/terraform_{version}_linux_amd64.zip
unzip terraform_{version}_linux_amd64.zip
sudo mv terraform /usr/local/bin/
terraform --version

Replace {version} with the version you want, like 1.10.0.

Windows install

# Using PowerShell
Invoke-WebRequest -Uri "https://releases.hashicorp.com/terraform/{version}/terraform_{version}_windows_amd64.zip" -OutFile "terraform.zip"
Expand-Archive -Path terraform.zip -DestinationPath "C:\Terraform"
# Add C:\Terraform to your PATH in System Properties
terraform --version

Your first configuration

Create a file ending in .tf. Here is a simple Azure virtual machine example:

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "eastus"
}

resource "azurerm_virtual_machine" "example_vm" {
  name                  = "example-vm"
  location              = azurerm_resource_group.example.location
  resource_group_name   = azurerm_resource_group.example.name
  vm_size               = "Standard_B1s"

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching          = "ReadWrite"
    create_option    = "FromImage"
    managed_disk_type = "Standard_LRS"
  }
}

Run terraform init to download providers, then terraform plan to see what Terraform will create, then terraform apply to actually create the resources.

Using modules

Modules package up reusable infrastructure. Instead of copying the same resource definitions across projects, you write a module once and reference it:

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.0.0"

  name = "my-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["us-east-1a", "us-east-1b"]
  public_subnets  = ["10.0.1.0/24", "10.0.2.0/24"]
  private_subnets = ["10.0.10.0/24", "10.0.11.0/24"]
}

You can publish modules to the Terraform Registry or keep them private in your own repository.

Tips for writing Terraform

A few things I have picked up:

Test with terraform plan often - Run it before apply to catch mistakes early
Use variables instead of hardcoding - Pass values in via .tfvars files or environment variables
Keep formatting consistent - Run terraform fmt to clean up your files
Use modules for repetition - If you copy code more than twice, it probably belongs in a module
Store state remotely for teams - S3 with DynamoDB locking, Azure Blob Storage, or HCP Terraform all work well for collaboration

Workflow in practice

The basic loop is: write or edit configuration, run terraform plan to preview, review the output, then terraform apply to execute. For larger setups, save the plan with terraform plan -out=tfplan and apply that file to ensure you get exactly what you reviewed.

State management matters. By default Terraform stores state locally, but for team environments you want a remote backend - S3 with DynamoDB locking is common for AWS setups. This prevents state conflicts when multiple people run apply at the same time.

Conclusion

Terraform has been practical for me. It cuts down on manual infrastructure work, keeps environments consistent, and makes it easier to version and review changes. If you manage cloud resources and have not looked into infrastructure as code tools yet, Terraform is a reasonable place to start.