Terraform - Up and Running: Writing Infrastructure as Code

Product Information

The author describes why and how should one use Terraform, the importance of the Infrastructure as Code in the first chapter. And step by step, chapter by chapter, the author gives the most of best practices of terraform, how to organize your infrastructure code and main problems you may encounter. The chapters explaining terraform are heavily on AWS, some may consider that a thumbsdown for the book, but as the author explained the reason for that, all those examples can be tested on a free tier AWS account, unless it is stated otherwise. Terraform: Up & Running is now on its 3rd edition; all the code in master is for this edition. If you're looking

through code examples that you can try at home. You'll go from deploying a basic "Hello, World" Terraform Inclusion of problems. I’d love to have an “Extra for Experts” of challenges for readers to solve to solidify their knowledge. In the second part of the series, which will come out when the final version of the 3rd edition is published ( Update, September 28, 2022: the 3rd edition is now published , and the second part of the blog post series is available !), I’ll cover 5 more problems and solutions, including input validation, refactoring, static analysis, policy enforcement, and maturity. Grab a copy of the book to get full access to all of this content! Multiple regions, accounts, and clouds The problem You’ve now had a small taste of just 5 of the problems that have been solved in the Terraform world in the last few years and are now covered by the 3rd edition of Terraform: Up & Running, including how to work with multiple regions, accounts, and clouds, how to control your provider versions, how to manage secrets securely with Terraform, how to set up a secure CI / CD pipeline, and how to do control logic with modules.

Terraform has become a key player in the DevOps world for defining, launching, and managing infrastructure as code (IaC) across a variety of cloud and virtualization platforms, including AWS, Google Cloud, Azure, and more. This hands-on third edition, expanded and thoroughly updated for version 1.0 and beyond, shows you the fastest way to get up and running with Terraform. Static analysis: How to perform other types of automated testing on Terraform code, such as static analysis. Therefore, except for a few niche cases, I recommend the cloud native approach. This is also the approach that Terraform is designed for: you can use Terraform with multiple clouds, but you have to write separate code for each cloud, using the providers and resources native to that cloud. Therefore, even for multi-cloud deployments, it’s unusual to build a single Terraform module that deploys into multiple clouds (that is, uses multiple different providers in one module); it’s much more common to keep the code for each cloud in separate modules. Cloud native: With this approach, the idea is to try to use each cloud independently, leveraging its unique services as much as possible. On hindsight, without the proliferation of cloud, it would hard to see IaC taking hold as the languages would be so fragmented across each infra built out.

There are several ingredients to setting up a secure CI / CD pipeline for Terraform. The first ingredient is to handle credentials on your CI server securely. The 3rd edition of the book adds examples of using environment variables, IAM roles, and arguably the most secure option of all, OpenID Connect (OIDC). Chapter 6 includes an example of using OIDC with GitHub Actions to authenticate to AWS, via an IAM role, without having to manage any credentials at all: # Authenticate to AWS using OIDC Update, September 28, 2022: The final version of Terraform: Up & Running, 3rd edition has been published! Grab your copy now!

Table of contents

The emergence of OpenTofu, spearheaded by the Linux Foundation, as an open-source alternative to Terraform, is a testament to the need for flexibility and adaptability in the industry. Personally, I find the creation of this fork a refreshing move, reflecting the community's resilience and adaptability. HashiCorp's recent decisions around Terraform's licensing have been, in my opinion, questionable. Their approach might not have been in the best interest of the broader community. I'm optimistic that the OpenTofu initiative will keep the spirit of open-source and collaboration alive, ensuring the tool's longevity and relevance. Maturity. How Terraform has become more stable due to the Terraform 1.0 release, the growth of the community, and the HashiCorp IPO. The rapid evolution of the DevOps industry, though still in its infancy, poses an interesting question. The myriad of tools associated with Terraform has set a precedent, and one can only wonder where the trajectory will take us. Given the ever-evolving nature of technology, this book presents an effective foundation for those wanting to stay ahead of the curve. The positives of the book would be that it covers all the main concepts of Terraform in a very easy-to-read way. Chapter 1 is a solid introduction to Terraform, its purpose, and its history. In chapters 2-5 you will actually follow a general infrastructure buildout from the first line of code, all the way through several refactors. Each refactor adding new features or better structure to the system. Essentially the author introduces a new concept and then shows how to improve our Terraform project by implementing that concept. I think this is a very good teaching method for beginners. The core features of Terraform are explained well and require no previous experience. There's also an open-source effort at https://github.com/brikis98/terraform... to port for GCP and Azure (at the time of writing this).

One thing where I had hoped to get more out of is the "testing" chapter. I'm not sold on the presented approach. Or in other words: the approach presented here seems a lot of effort compared to what I'm currently working on which also works reasonably well (gitops + pre-prod env + terraform.io and inspecting the plan-output in Github PRs). I read the first edition of this book, so the terraform version is a little dated, making the exercises hard to follow at times. Also goes to show how fast terraform is evolving and not even yet hit the first leading major version, I.e., 0.* version only. The other challenge was also the intro of terragrunt, by the author, which made an entry and then disappeared later on, making it hard to follow the tutorial style text. To answer these questions, the 3rd edition of the book includes a brand new chapter: Chapter 7, Working with Multiple Providers. This chapter shows how to work with multiple Terraform providers to deploy to multiple regions, multiple accounts, and multiple clouds.Update the code to work with the current version of Terraform. Providers are now separated from the main repository and the way terraform init works has changed slightly.

Well written - Brikman is clearly an experienced writer and this practice shows. The book is enjoyable to read while presenting dense technical content.This is a two part blog post series. In the first part of the series (this blog post), I’ll go into detail on the following 5 problems and their solutions, based on snippets from the 3rd edition of the book: Transparent portability: With this approach, the idea is to try to use all the clouds as one unified computing platform, abstracting away all the differences between cloud providers to make it easier to migrate a workload from one cloud to the other. Currently, this is the best introduction into Terraform that is on the market. It isn't perfect, but this book does a really good job at taking someone who has never installed Terraform or used it and getting them up to what I would call "intermediate" level of knowledge. I actually interviewed for several DevOps jobs that required Terraform experience by solely reading this book and following along with the tutorials. It covers all the main Terraform concepts and I was able to even impress my interviewers based off the knowledge from this book. It's one of the most prospering books written about Terraform. Although it's based on Terraform version 0.8, and a lot of things has changed since then, still the examples in the book hold the truth. Moreover, the examples provided in the book are also updated day by day, they force the correct version of terraform to be used. This book is the fastest way to get up and running with Terraform, an open source tool that allows you to define