Terraform and AWS CloudFormation are both Infrastructure as Code (IAC) tools, but they have some key differences. Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently, while CloudFormation is an Amazon Web Services (AWS) service that enables users to use templates to provision and manage AWS resources.
Terraform is cloud-agnostic, meaning it can be used to manage infrastructure on multiple cloud providers, including AWS, Azure, and Google Cloud. CloudFormation, on the other hand, is specific to AWS and can only be used to manage resources within that ecosystem.
Terraform uses its own language called HashiCorp Configuration Language (HCL) to describe infrastructure, while CloudFormation uses JSON or YAML templates.
Terraform also has a feature called "state" which keeps track of the real-world infrastructure, and can be used to plan changes and roll back in case of errors. CloudFormation also has a similar feature called "StackSets" which allows to manage multiple CloudFormation stacks across multiple accounts and regions.
Terraform is a multi-cloud, open-source tool that can be used to manage infrastructure across different cloud providers, while CloudFormation is an AWS-specific service that can be used to manage resources within the AWS ecosystem.
Terraform uses a declarative approach to define infrastructure, which means that users specify the desired end state of their resources and Terraform takes care of figuring out how to create and configure them. CloudFormation, on the other hand, uses an imperative approach, where users write detailed instructions for each step of the provisioning process.
Terraform provides a command-line interface (CLI) that can be used to create, modify, and manage infrastructure. CloudFormation provides a web-based console, a command-line interface (CLI), and an SDK that can be used to interact with the service.
Terraform has a large and active community, which means that there are a lot of resources, tutorials, and example templates available online. CloudFormation also has a large and active community, but it is focused primarily on AWS.
Terraform can be integrated with other tools like Ansible, Jenkins, and GitHub, making it possible to use it as part of a larger DevOps workflow. CloudFormation can also be integrated with other tools, but it is more tightly integrated with other AWS services like Elastic Beanstalk, CodePipeline, and CodeBuild.
Terraform's state file can be stored locally, remotely (e.g S3 bucket, HashiCorp Consul, etc) and can be used to share the state with other team members. CloudFormation, also stores its state on AWS, on a S3 bucket.
Terraform also has a feature called "module" which allows to create reusable code and share it among different teams. CloudFormation also has similar feature called "Nested Stacks" which allows to use a stack as a module and includes it in other stacks.
Below is the Terraform sample script which creates the EC2 Instance -
provider "aws" {
region = "us-west-2"
}
resource "aws_instance" "example" {
ami = "ami-0ff8a91507f77f867"
instance_type = "t2.micro"
tags = {
Name = "your-instance"
}
}
This script uses the AWS provider to specify that the resources will be created in the "us-west-2" region. It then creates an EC2 instance using the "aws_instance" resource. The "ami" attribute specifies the Amazon Machine Image (AMI) that the instance will be based on, and the "instance_type" attribute specifies the type of instance to launch. The "tags" block allows you to add metadata to your instance.
You need to do the following things before running this script:
You will need to configure the AWS provider credentials to your local machine or using environment variables
You can update the
ami
andinstance_type
with the required one from your use caseAlso, you can add more resources, variables, data sources, and outputs to the script as per your requirements.
Below is the AWS CloudFormation sample script which creates the EC2 Instance -
---
AWSTemplateFormatVersion: '2010-09-09'
Resources:
MyEC2Instance:
Type: 'AWS::EC2::Instance'
Properties:
InstanceType: t2.micro
ImageId: ami-0323c3dd2da7fb37d
KeyName: myKey
SecurityGroupIds:
- !Ref MySecurityGroup
SubnetId: !Ref MySubnet
MySecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: Enable SSH access
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
MySubnet:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref MyVpc
CidrBlock: 10.0.0.0/24
MyVpc:
Type: 'AWS::EC2::VPC'
Properties:
CidrBlock: 10.0.0.0/16
This template creates several resources:
A VPC (MyVpc) with a CIDR block of 10.0.0.0/16
A subnet (MySubnet) within the VPC with a CIDR block of 10.0.0.0/24
A security group (MySecurityGroup) that allows incoming SSH traffic
An EC2 instance (MyEC2Instance) of type t2.micro, using the specified image ID, with the specified key pair and security group, and placed in the specified subnet.
You can use this script by uploading it to CloudFormation and creating a stack using this script.
Note that this is a basic example, in real-world scenarios you may want to include more information in the script such as EBS volume, IAM role, etc. Also, the values such as ImageId and KeyName are specific to the region you are in, you may want to use appropriate values for the region you are working on.
In summary, Terraform and CloudFormation are both powerful infrastructure management tools, but they have different strengths and are better suited for different use cases. Terraform is a good choice if you need to manage infrastructure across multiple cloud providers or if you prefer a declarative approach to infrastructure management. CloudFormation is a good choice if you are primarily focused on AWS and if you prefer an imperative approach to infrastructure management.
Thanks for reading this article.
See you soon.