Terraform Test: Built-In Testing Framework Guide
Terraform's built-in testing framework allows you to assert the state of your infrastructure after a Terraform run, but it's not about validating your T.
Terraform Articles
50 articles
Terraform tfsec: Static Security Analysis for IaC
tfsec is a security scanner for Terraform code that finds common misconfigurations and security risks before you deploy your infrastructure.
Terraform .tfvars: Manage Environment-Specific Variables
Terraform .tfvars: Manage Environment-Specific Variables — .tfvars files are how you give Terraform environment-specific settings without hardcoding the...
Terraform Unit Tests: Mock Providers for Fast Testing
The most surprising thing about Terraform unit tests is that they often don't need to talk to any real cloud providers at all.
Terraform Vault Provider: Inject Secrets at Apply Time
Terraform's Vault provider can inject secrets directly into your infrastructure configuration at apply time, but it's not a substitute for managing secr.
Terraform Version Upgrade: Migrate to Latest Safely
Terraform Version Upgrade: Migrate to Latest Safely — practical guide covering terraform setup, configuration, and troubleshooting with real-world examp...
Terraform Workspaces: Isolate State Per Environment
Terraform workspaces are a feature that lets you manage multiple distinct states for a single configuration, effectively allowing you to run the same Te.
Terraform Checkov: Scan IaC for Security Misconfigs
Terraform Checkov: Scan IaC for Security Misconfigs — practical guide covering terraform setup, configuration, and troubleshooting with real-world examp...
Terraform Cloud Variable Sets: Share Variables Across Workspaces
Terraform Cloud Variable Sets are a powerful feature for managing and sharing sensitive or common configuration values across multiple Terraform workspa.
Terraform Cloud VCS Workflow: GitHub and GitLab Integration
Terraform Cloud VCS Workflow: GitHub and GitLab Integration — practical guide covering terraform setup, configuration, and troubleshooting with real-wor...
Terraform Cloud Workspaces: Organize State and Variables
Terraform Cloud Workspaces are the primary mechanism for isolating state files and variables, effectively creating distinct environments for your infras.
Terraform create_before_destroy: Zero-Downtime Replacements
Terraform's createbeforedestroy lifecycle argument, when used with resource replacements, doesn't actually guarantee zero downtime; it only ensures that.
Terraform Data Sources: Query Existing Infrastructure
Terraform data sources allow you to fetch information about existing infrastructure that wasn't necessarily provisioned by Terraform itself.
Terraform depends_on: Explicit Dependencies Explained
Terraform's dependson meta-argument is often seen as a crutch, a way to force execution order when the dependency graph should be implicit.
Terraform Drift Detection in CI: Catch Manual Changes
Terraform drift detection in CI isn't about preventing manual changes; it's about making the inevitable manual changes visible and manageable before the.
Terraform Dynamic Blocks: Generate Repeated Nested Config
Dynamic blocks let you generate repeatable nested configurations in Terraform, but they're not just syntactic sugar for loops; they fundamentally change.
Terraform Enterprise vs Cloud: Features and Trade-offs
Terraform Enterprise is a self-hosted, on-premises or private cloud deployment of Terraform that offers advanced features for large organizations.
Terraform Ephemeral Resources: Manage Short-Lived Resources
Terraform's ability to manage ephemeral resources is often misunderstood as a limitation, but it's actually a powerful feature for handling temporary in.
Terraform for_each vs count: Choose the Right Iterator
foreach and count in Terraform are both used to create multiple instances of a resource, but they operate on fundamentally different principles, and cho.
Terraform Google Provider Auth: Service Account and ADC
Terraform's Google provider can authenticate using either a service account key file or Application Default Credentials ADC, and understanding the nuanc.
Terraform Graph: Visualize Resource Dependencies
Terraform's graph command doesn't just draw boxes and arrows; it's a direct visualization of how your infrastructure components rely on each other, reve.
Terraform Helm Provider: Deploy Charts to Kubernetes
Terraform's Helm provider is your secret weapon for managing Kubernetes applications, letting you define your Helm releases as code and treat them with .
Terraform IAM Least Privilege: Scope Role Permissions
Terraform's IAM capabilities are often used to grant broad permissions, but the real power lies in meticulously scoping them down to the absolute minimu.
Terraform Import: Bring Existing Resources Under Management
Terraform can manage infrastructure that already exists outside of its state file. Let's say you have a database instance created manually in AWS, and y.
Terraform Infracost: Estimate Cloud Costs Before Apply
Terraform Infracost: Estimate Cloud Costs Before Apply — practical guide covering terraform setup, configuration, and troubleshooting with real-world ex...
Terraform Kubernetes Provider: Manage K8s Resources
Terraform's Kubernetes provider is a powerful tool for managing Kubernetes resources, but its true magic lies in its ability to treat Kubernetes objects.
Terraform Locals, Variables, and Outputs: Complete Guide
Terraform locals are a way to define reusable values within a single Terraform module, but most people use them as a crutch for avoiding repetitive code.
Publish Terraform Modules to the Registry: Steps and Versioning
The most surprising thing about publishing Terraform modules to the registry is that the registry doesn't actually store your module code; it just index.
Terraform Module Best Practices: Structure and Versioning
Terraform modules are the building blocks of your infrastructure as code, but their true power is unlocked when you treat them as first-class software p.
Terraform moved Block: Refactor Without Destroying Resources
Terraform's moved block is the secret weapon for refactoring your infrastructure code without the dreaded terraform destroy and terraform apply cycle.
Terraform Multi-Cloud: Manage AWS, GCP, Azure Together
You can manage AWS, GCP, and Azure resources from a single Terraform configuration, and it's not just about convenience; it's about abstracting away the.
Terraform null_resource: Run Scripts and Provisioners
The nullresource in Terraform is a bit of a Swiss Army knife, and its most surprising capability is that it doesn't actually do anything on its own, but.
Terraform Plan in CI: Parse and Comment on PRs
Terraform Plan in CI: Parse and Comment on PRs — practical guide covering terraform setup, configuration, and troubleshooting with real-world examples.
Terraform prevent_destroy: Protect Critical Resources
Terraform's preventdestroy lifecycle argument doesn't actually stop Terraform from destroying resources; it just makes Terraform complain loudly if you .
Terraform Private Module Registry: Internal Module Sharing
Terraform's private module registry is a powerful tool for sharing internal Terraform modules, but it's not just a place to dump code; it's a versioned .
Terraform Provider Version Pinning: Lock and Upgrade
Terraform provider version pinning is less about locking in a specific version and more about creating a version constraint that allows for controlled u.
Terraform State Refresh: Reconcile Drift Without Applying
Terraform's refresh command can feel like magic, letting you update your state file to match the real world without touching your infrastructure.
Terraform Remote State with S3 and DynamoDB Locking
Terraform's remote state management is surprisingly complex, and the common setup with S3 and DynamoDB is often misunderstood.
Terraform required_providers: Pin Providers Correctly
Pinning your Terraform providers is crucial for reproducible infrastructure deployments. Let's see how Terraform uses providers
Terraform Resource Lifecycle Hooks: precondition and postcondition
Terraform's lifecycle hooks, precondition and postcondition, aren't just about validation; they're critical for ensuring your infrastructure's state ali.
Terraform Sensitive Variables: Protect Secrets in State
Terraform Sensitive Variables: Protect Secrets in State — practical guide covering terraform setup, configuration, and troubleshooting with real-world e...
Terraform S3 Backend: Store State Remotely with Locking
Storing your Terraform state remotely in an S3 bucket isn't just about not losing your state file; it's fundamentally about enabling collaboration and p.
Terraform state mv: Rename Resources Without Recreating
terraform state mv is a command that lets you rename resources in your Terraform state file without actually destroying and recreating them.
Terraform state rm: Remove Resources from State
Terraform's state rm command is surprisingly complex, often leading to more questions than it answers about how your infrastructure is actually managed.
Terraform -replace: Force Resource Recreation
Terraform's replace command doesn't actually replace anything; it's a way to tell Terraform to forget about a resource and create a new one as if the ol.
Terraform Terratest: Integration Tests for Infrastructure
Terratest is a Go library that lets you write automated integration tests for your infrastructure code, primarily Terraform.
Terraform -target: Apply Changes to Specific Resources
Targeting a specific resource in Terraform is more than just a shortcut; it's a way to precisely control the blast radius of your infrastructure changes.
Terraform Atlantis GitOps: PR-Based Infrastructure Reviews
Atlantis is a tool that bridges the gap between GitOps and Terraform, enabling infrastructure changes to be managed via pull requests.
Terraform AWS Provider Auth: Profiles, Roles, and Keys
Terraform's AWS provider is designed to be flexible in how it authenticates to your AWS account, but this flexibility can also be a source of confusion.
Terraform AzureRM Provider Auth: Service Principal Setup
Terraform, your infrastructure-as-code darling, often hits a wall when trying to talk to Azure. It's not that Azure doesn't want to listen, it's that Te.