Master Terraform: A Beginner’s Guide to Cloud Infrastructure Automation

In today’s widespread cloud computing era, many practical tools exist for managing cloud resources, and Terraform stands out as one of the most popular, widely adopted by both foreign and domestic enterprises.

If you still manage cloud resources manually, this article is essential for you.

1. What is Terraform?

Terraform is an open‑source Infrastructure as Code (IaC) tool developed by HashiCorp. It allows developers and operations engineers to define, configure, and manage cloud infrastructure resources using a declarative configuration language.

Unlike traditional graphical interfaces or script‑based deployments, Terraform describes the desired state of infrastructure in code, enabling automation, version control, and reproducibility.

2. Core Concepts Explained

1. Declarative Programming Paradigm

Terraform adopts a declarative paradigm where users specify *what* they need rather than *how* to achieve it, contrasting with imperative programming.

For example, you simply state “I need two servers with certain specifications” without detailing the steps to create EC2 instances, configure security groups, or attach EBS volumes.

2. Resources and Providers

Resources are the basic building blocks in Terraform configurations, each representing a component such as a virtual machine, network interface, or storage volume.

Providers act as bridges between Terraform and target platforms, abstracting the upstream cloud provider APIs and handling resource lifecycle management. Terraform supports hundreds of providers, including AWS, Azure, Google Cloud, Alibaba Cloud, as well as services like Kubernetes, Docker, and GitHub.

3. State Management

Terraform tracks the current state of infrastructure using a state file, which maps configurations to real resources. This file is crucial for determining which resources need to be created, updated, or deleted.

Effective state management is a critical and complex part of Terraform architecture, essential for team collaboration and operational stability.

3. Terraform Workflow

1. Write Configuration

Terraform configurations are written in HashiCorp Configuration Language (HCL) or JSON. HCL is designed for infrastructure configuration, offering simplicity and readability.

provider "alicloud" {
  access_key = "<your AccessKey ID>"
  secret_key = "<your AccessKey Secret>"
  region     = "cn-hangzhou"
}

# Define VPC resource
resource "alicloud_vpc" "vpc" {
  vpc_name   = "my-vpc"
  cidr_block = "10.0.0.0/16"
}

# Define vSwitch subnet
resource "alicloud_vswitch" "vsw" {
  vswitch_name = "my-vsw"
  vpc_id       = alicloud_vpc.vpc.id
  cidr_block   = "10.0.1.0/24"
  zone_id      = "cn-hangzhou-a"
}

2. Initialize Working Directory

Run terraform init to download required provider plugins, initialize backend configuration, and prepare the execution environment.

$ terraform init

3. Plan Changes

Run terraform plan to analyze the current state, compare configuration differences, and generate an execution plan that lists resources to be created, modified, or destroyed.

$ terraform plan

4. Apply Configuration

Run terraform apply to execute the planned changes. Terraform automatically determines the correct resource creation order based on dependencies.

$ terraform apply

5. Destroy Resources

Run terraform destroy to quickly delete resources that are no longer needed.

$ terraform destroy