Terraform — Best practices and project setup

  • Terraform installation using Docker
  • Commands cheat sheet for quick reference
  • Terraform for_each to improve terraform scripts
  • Advantages of using jsonencode function
  • My view on terraform visualization tools
  • Other terraform libraries that’s promising

Terraform installation using Docker

  • In MacOS, terraform depends on XCode. Updating XCode takes lot of disk space and time.
  • docker based terraform client is lightweight and switching to latest version of terraform becomes much easier
  • Docker based terraform client — hashicorp/terraform
  • I like a docker-compose based local setup, since we could have all environment params, arguments, command to invoke etc., in a easy to use form.
docker-compose.yaml file content

Terraform commands cheat sheet

Terraform workspaces

# Create a new workspace
docker-compose run --rm terraform workspace new dev
# Switch to a workspace
docker-compose run --rm terraform workspace select dev

for_each block

resource "aws_secretsmanager_secret" "my_secrets" {
for_each = toset(["app_1", "app_2"])
name = format("%s/${each.key}", var.environment)
description = "Secrets used by apps"
  • for_each resources are internally map type. We can address them with key name map['key_1'] and get any attribute of that object

Use jsonencode instead of EOF

Visualize terraform

  • docker-compose file shown above provides few options. This should help to play around easily
  • After playing around with few of them, I am not very happy with the results on a big terraform project. It was hard to get useful information for my needs.
  • For large terraform projects, generated diagrams are too big. Cannot read clearly
  • Normal terraform plan shows changes like git diff format, which is super useful. Most of the tools that played with, make viewing the changes more complex and hard to find the difference.
  • However I like the idea of visualizing terraform and this space is rapidly evolving.

Tools | Libraries

  • geopoiesis — Specialized continuous integration and deployment tool for modern declarative infrastructure provisioning and management. check here for more
  • terraforming — Export existing AWS resources to Terraform style (tf, tfstate). check here for more
  • terraformer — CLI tool to generate terraform files from existing infrastructure. check here for more
  • scenery — Terraform plan output prettifier. check here for more
  • terrahub — TerraHub is terraform automation and orchestration tool. Seamlessly integrated into console.terrahub.io, enterprise friendly GUI to show realtime terraform executions, as well as auditing and reporting capabilities for historical terraform runs. check here for more
  • Visual studio code extension that is helpful to work with terraform. — https://marketplace.visualstudio.com/items?itemName=HashiCorp.terraform




Software Architect ★ Data engineer ★ Committed to improve data science productivity

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Load Data CSV into MySQL

Introducing Spin

Python Fundamentals for Data Science

Latency Improvement with In-Memory Caching using Caffeine

Long-exposure photo of automobile headlights and taillights at speed

Proxy Injector: Enabling SSO with Keycloak on Kubernetes

Simple Website Based on ASP.NET Core and Platformus CMS in 5 Minutes

Using S3Access Point to Restrict S3 bucket access

Critical Thinking and QFT

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sairam Krish

Sairam Krish

Software Architect ★ Data engineer ★ Committed to improve data science productivity

More from Medium

Managing Terraform Code

[Terraform] Tips and Tricks — Part 2

How To Improve Your Chances To Master CKAD Exam?

Terraform: 10 tips to retain your sanity