Quickstart: Writing Terraform

Feb 7, 2023Terraform

In this article we discuss how the basics of writing organized Terraform infrastructure configuration.

Specifying Terraform’s Configuration

We recommend keeping a given Terraform module’s requirements within their own versions.tf file. Within versions.tf, you can write a terraform block which includes the following key components:

– The Terraform version that you will be using via the required_version argument.

– The required Terraform providers and their respective versions.

– The Terraform state backend block configuration. This is where your remote backend is configured or if you are using Terraform cloud, the cloud block is configured.

Handling Variables: Inputs and Outputs

Variables are a key component of any Terraform code that you write. It allows us to make repeatable Terraform modules, pass secrets in through secure mechanisms as opposed to storing values as plan text, and get relevant outputs from Terraform executions. We cover variable usage and syntax in this article. For more on how to pass variables into your Terraform workflow, please see our discussion here.

Input variables

Input variables should be stored in a variables.tf file within your Terraform modules. Variables are Terraform blocks and these variable’s values can be referenced within resource blocks. A very basic example (note, with best practices and larger configuration footprints, this would be split into separate .tf files):

HCL Variable Syntax Example

Output Variables

Output variables should be stored in an outputs.tf file within your Terraform modules. Outputs are Terraform blocks and they reference values that (generally) come from resource blocks within the module. A very basic example (again, with best practices and larger configuration footprints, this would be split into separate .tf files):

HCL Output Variable Example Syntax

Writing Resources

Terraform resources are the meat of any Terraform configuration. They are what actually corresponds to remote cloud resources. All other pieces we have gone over are simply necessary scaffolding for being able to write and then create new resources with Terraform.

A resource is defined via an individual HCL blocks. The exact syntax within these blocks can vary greatly by resource type and provider, but the general structure is the same.

HCL Syntax Example

In general, all of our resources should live within the a main.tf file. If we find that main.tf file is getting quite large, we can split up and bundle multiple resources into a separate Terraform module; modules make Terraform easier to read, more consice, and more modular. You may have noticed we reference modules a lot in this post. This is because even if not explicitly declared as a separate module, Terraform code is considered to be running within the “root” module!

End to End Example

It is one thing to read about the major components of writing Terraform configuration. It is another to see it in action. And anther beast to write it yourself. While we have done the former, we cannot do the latter for you. We can, however, point you to a Terraform module that follows the basic outline described in this article, which you can use as an example as you write your own Terraform configuration.

If you have any questions, please drop us a line! 

dragondrop.cloud’s mission is to automate developer best practices while working with Infrastructure as Code. Our flagship OSS product, cloud-concierge, allows developers to codify their cloud, detect drift, estimate cloud costs and security risks, and more — while delivering the results via a Pull Request. For enterprises running cloud-concierge at scale, we provide a management platform. To learn more, schedule a demo or get started today!

    Learn More About Terraform

    Everything Everywhere All as Code

    “Everything as Code” Definition Everything as Code is a philosophy for managing IT infrastructure where all components of infrastructure are created, managed, and deleted using code. This applies to container definitions, cloud infrastructure, on-premise server...

    read more

    Open Source driftctl Alternatives

    What is driftctl? driftctl is an OSS CLI tool that enables users to identify Terraform drift as well as unmanaged resources within a cloud environment. It is a quite popular tool and has collected over two thousand stars on GitHub. Why Would We Want a Replacement?...

    read more

    Why We Are Not Supporting OpenTF

    Background On August 10, HashiCorp changed the license to their previously “Open Source” projects to a Business Source License (BSL), making them now “source available” for all future releases. We discusssed in detail reasons and motivations for this change here. On...

    read more