TERRAFORM

COURSE

2025
Module# 1
(Introduction)
Course Objective
Challenges with Traditional
IT infrastructure

Types of IAC Tools

Warner &
Spencer

2025

STARTUP
BUSINESS PLAN
Presented By
Aaron Loeb
Why Terraform?

Declarative

Terraform is declarative means you define what the desired

state of your instance should look like instead of writing code in
step by step detailed instruction.
Resource

Everything that terraform manages is called terraform resource.

It includes anything managed by terraform like S3, EC2 on-prem.

Terraform State

It is the blueprint of infrastructure deployed by Terraform.

Terraform manages lifecycle of resources like provisioning or
configuration. It records states of infrastructure running in real
time and based on this it knows that which to change on
updating the infra.

Terraform Import

Terraform can read attribute of other system components. It can

import other resources that were not created by terraform &
bring them under its management for future.
Installing
Terraform

HCL Basics

Sample file for EC2 Sample file for S3

Terraform
Workflow

Init: Checks the configuration file and initialize working

directory.
Apply: Prints the execution plan and confirms the user exwcution
Plan: Show the action carried out by terraform to create resource

Update & Destroy

Infrastructure

Terraform destroy command is use to delete resources.

When the command is executed it shows the deletion plan and
shows “-” symbol before the resources that will be deleted.
Module# 2
(Terraform Basics)
Terraform
Providers

Provider is a plugin for Terraform that offers a collection of

resource types.

Plugins are installed when we run “terraform init”.

Plugin are saved in .terraform file under the project directory.

Terraform
Providers

Directory where all the terraform configuration files (.tf) stored.

i.e: you can store multiple files like cat.tf, dog.tf etc.
You can also store all the configuration blocks in a single file.
Multiple
Providers

Terraform can include multiple providers in a single

configuration (.tf) file.

Input
Variables

Input variable are used to assign value to variable.

For this we have to assign variable in different configuration
file (variable.tf).
Understanding
Variables

There are 3 parameters of variable.

Default
Type
Description

Type variable are optional but when

mentioned, terraform enforces to use it.
If not used type parameter it uses any by
default.

List
Variable

Map
Variable

List of
a Type

Map of
a Type
Set
Set is same as of list only key
difference is that sets don’t have
duplicate values.

Objects
With objects we can create complex
data structures using all the variable
data types

Tuples
Tuples are similar to list but consists
of sequence of elements. The only
key difference is that it can use
elements of different variable types.
Using
Variables

Passing directly

Use as Env variables

Variable Definition file

Resource
Attributes

Resource attribute is a way of linking two resources.

i.e below the content have the id of other resource.
Resource
Dependencies

Output
Variables

Sample commands
Module# 3
(Terraform State)
Terraform state are the state of process that has been done when we initiate
terraform commands.
Terraform init: Use to download necessary plugins.
Terraform plan: Generate output of execution plan.
Terraform apply: Create resources as expected in plan command.

Purpose of
State

Terraform state file is the blueprint of all the resources that

terraform manages in the real world infrastructure.
Terraform records the id of resource to identify it.

Terraform State
consideration

Terraform state consists of all the sensitive data of our infra.

So it is better to store it in a secured storage.
Module# 4
(Working with Terraform)

Terraform Commands

1.Terraform Validate: Checks the file has correct syntax or not!

2.Terraform Format: Formats the file into proper format for readability.
3.Terraform Show: Prints the current state of infrastructure.
4.Terraform Providers: List all the providers in configuration directory.
5.Terraform Output: Print all the output variable of configuration directory.
6.Terraform Refresh: Sync terraform with real world architecture.
7.Terraform Graph: Visual representation of dependencies in configuration dir.

Mutable v/s immutable

Infrastructure

"Mutable infrastructure" refers to a system where existing infrastructure

components can be directly modified and updated after deployment, while
"Immutable infrastructure" means that once deployed, components are never
changed and instead are replaced with entirely new versions whenever a
modification is needed

Life Cycle Rule

Infrastructure

Create before destroy Prevent destroy

Ignore Changes
This will ignore the changes that are being chosen.

For Specific Tags For All Tags

Data Sources

Data sources allows terraform to read attribute from the resources that are
out of terraform control.
Meta Argument

Use in any resource block to change behaviour of resources.

i.e lifecycle rules, depend_on.
Types: Count & For_Each

Count

Use in any resource block to change behaviour of resources.

i.e lifecycle rules, depend_on

For Each

Method #1
Method #2

The key difference between for_each and count is that whenever count is
applied it destroys all the resources but for_each only destroyed the
changed resources.

Version
Constraints
It is used when we make sure that our terraform file will use a specific
version of provider when we run terraform init command

Users of Version Constraints:

1. Don’t use specific version “!= 2.0”
2. Use smaller than version “< 2.0”
3.Use greater than version “> 2.0”
4.Same or greater version “~> 1.2”
5.
6.Use multiple operators
“ >1.2, < 2.0, != 1.4”
Module# 5
(Terraform with AWS)
AWS IAM with
Terraform

Methods of using IAM

Method #1 Method #2
Method #1 of creating
IAM with Terraform
Using Policy with EOF parameters.

Method #1 of creating
IAM with Terraform
Using policy from a different file.
AWS S3 with
Terraform
AWS Dynamo DB
with Terraform
Module# 6
(Remote State)

Remote State

Terraform state does

Mapping configuration to real world.
Tracking metadata.
Performance.
collaborate members

Terraform state file is saved at local machine when terraform apply

command is run, but it is not recommended to save this file on SCM.

State Locking

State locking happened when two persons tries to run configuration

file at once, or it runs without completing the previous execution.

So in such scenario we save the terraform state at remote backend.

This results in auto load and upload, prevent state locking and security.
Remote Backends
with S3

Terraform State
Commands
Terraform state commands are use to manipulate
terraform state.

List: Lists all records of terraform state

Show: Lists detail of single resource

Pull: To view the contents of remote state

Pull with specific resource attribute

Move: Use to move items in terraform state file
Note: You have to manually change resource name in main configuration file.

RM: Use to remove items form terraform state command

Module# 7
(Terraform Provisioners)
AWS EC2 with
Terraform

User Data: Commands to run when EC2

starts.

KeyPair: Sets keypair for ssh.

SecurityGroup: Manage firewall/ ports.

PublicIP: Prints public IP

Terraform
Provisioners

Terraform provisioners way us to carry out tasks or scripts on remote

resources or locally on the machine where terraform is installed.
Remote Exec: Used to run bash script after the resource is created.

Local Exec: Used to run bash script from the local machine.
Failure Behavior: Destroy resource if failed

Module# 8
(Terraform Import, Taint & Debug)

Taint

Whenever the resource creation is failed due to any reason it will be

marked as tainted by terraform.
You can see this when you run terraform plan command.

You can taint a resource using taint

command, it is useful if you have applied
some manual changes to your resource
and then you want to revert it.

You can untaint a resource using untaint command, so terraform dont try
to recreate it on terraform apply.
Debugging

For debugging purpose we have to check logs. Logs Level

Enable Logs

Save logs in file

Disable Logs

Terraform
Import
Terraform import is use to import resources completely into the
managment and operation of terraform

At first it shows error, becases configuration file is not updated by import

command. You have to write an empty block in config file for resource
Now check the terraform state file and check for the configuration and add
that accordingly in resource block.

Module# 9
(Terraform Modules)
Terraform
Import

Terraform module is a set of

terraform configuration files in a
single directory.
Creating &
Using module
This is a simple architecture and we want to copy the
same architecture in different countries.
Create infrastructure for US-Region

Create infrastructure for UK-Region

Benefits:
Reusability. Low risk (less
human error). Simpler
configuration files.
Standardize configuration.

The above is terraform local

module, but incase we want to
get remote modules here are
some example for this.
You have to mention the module
version or it will pull latest.
Module# 10
(Terraform Functions)

Make Terraform
Function

We have use some functions so far like length, file, list to set

Numeric Functions:
Use to transform and manipulate numerical
type data.
Ceil returns greater than or closer number.
Floor return less than or closer number.
String Functions:
Use to transform and manipulate String type
data values.

Collection Functions:
Use for collection data types such as list, set
and maps.

Map Functions:
Use for Map data types.
Conditional
Expression

IF-ELSE