Learning IaC with Terraform

Howdy y’all!

Recently I’ve begun a journey to learn Terraform so I can write more infrastructure as code. This would be so I can contribute to efforts to create more automated deployment models for our cloud products, help customers with IaC in their particular environments, create demo’s and PoC’s, etc.

I’ve worked in IT for a long time and the cloud security space for about 3 years now. Networking, Network Security, designing and architecture all come sort of natural to me after decades of work, but writing code has always been a challenge for me. I did some coding in college, but that’s about it.

Now I am at a cross-roads. I’ve picked up several cloud certs and some experience, but it’s very apparent that I now need to learn to write IaC. I’ve already completed one course on Terraform in acloud.guru and I’m going to start another in Udemy today.

So I am really starting understand the individual concepts and pieces of TF, but I am not sure how to go about putting it all together. I know exactly what I want to do, but it’s not straight-forward, there doesn’t seem to be a “recipe” or algorithm that I can find to guide me through the process. So I’m working if I need to learn more basic programming concepts (again) before I approach this once more.

Is anyone else with a similar background running into this problem ? Getting AWS and Azure certs are easy, but learning how to think about writing code and what questions to ask yourself to actually put together some pseudo-code and eventually something of high quality that is re-useable is different. Other than starting small, does anyone else have any suggestions? I’m all ears (eyes)!

Jerms

2 Likes

Hello Jerms!

We have had a few talks about IaC before after an article that someone wrote. Maybe @raphabot or @felipecosta could help out here since they explained some things to me before.

1 Like

Thanks for tagging me here, @Tabs!

Hey @Jerms. I LOVE the perspective you bring to the table. I can’t say, however, that I can speak to it. As soon as I got into the industry, cloud has been part of my job, in a way or another. That doesn’t mean I can’t try to help giving my own opinion, though.

I’m not a Terraform expert. In reality, I’m not a Terraform practitioner at all, and it is also in my “I have to learn sooner than later” list! I do write IaC using either CloudFormation or CDK quite often. Although both being AWS tooling, they work in a key different way: CDK uses common programming languages (such as Python or JS) and CloudFormation has its own Domain-Specific Language, just like Terraform! I really think that tools based on their own DSL, such as CloudFormation or Terraform, are easier for those that don’t like to code much. Where I think CloudFormation might be a good first step compared to Terraform is the fact that it’s AWS only. Given that you are trying to build AWS infrastructure with your code, you are going to encounter fewer variables in your way. Plus, it has really great documentation and community around it.

This doesn’t change the fact that coding is a great skill to have in your belt when dealing with the cloud. You might not need it today to code your Infrastructure, but you might need it tomorrow to write automation code to react to changes in our environment.

I’ll also take a moment to highlight this amazing article that @aaronans put together for the community a few days ago, about leveraging the AWS Well-Architected Framework:

Operational Excellence is one of the 5 pillars of the Well-Architected Framework and implementing infrastructure as code is key to achieve it, so kudos for taking this step despite being a scary one for those that feel like writing code is challenging.

1 Like

Hey All!

Sorry I’m so late for the conversation. :sweat_smile:

I don’t know if I can help, but I will try. Just like you, I’m also new with TF and really struggling to learn, gotta say that the documentation is not as good as CloudFormation, I will give my try with each one.

Sometime ago I’ve decided that was time to learn CF since I’ve never wrote one, so I took the documentation without any prior knowledge besides AWS certs, I manage to create a relative complex template in one day, using EC2, IAM, S3, VPC’s and the most used AWS resources, I was really happy about it, since I had absolutely no knowledge in CF before this. After this I thought that the most logical step forward was to learn Terraform, since I will be building not only for AWS but for Multi-cloud, and I got cocky…

Terraform for me, is really not as easy as AWS CF, and I can explain my reasons:

  • CF Dashboard:

One of the things that really help in the beginning is the CloudFormation service in the AWS account, it shows you what mistake you made in a graphical way and it rollbacks in your behalf automatically, which is great. Terraform by the other hand only shows in the CLI what mistake you made and does not have an official way to rollback (There are some unofficial ways), if you create 5 resources and 2 fails, the other 3 will be deployed, which is really frustrating for someone that was used to CF. If you just got started with Terraform this is something that you should be aware and got used to fail a lot in your deployments and be sure to build the templates in a way that this will cause the least impact possible in your resources.

  • Documentation:

This is another thing that was really difficult for me in the beginning, the documentation was not as clear as AWS CF, the only solution that I found was really try, try and try again and at some point the practice made me “less bad” at Terraform and just like a programming language, you start to get to used to in the way that the sintaxe works.

Another thing that I found is that there are very little answers in “StackOverflows” in the internet, in my case was building for Azure, this was also something that make me try and see whats happen instead of have a good answer for my questions.

I’m not a dev, but one thing that I notice that looks like that TF is built more for devs than Cloud Practitioners (Just my honest opinion), Terraform is built more in a modular way than CF it looks more similar a programming language like NodeJS and you use npm for you app’s, i’m saying this that knowing a “little programming” it might actually help in the long run to absorb all of this content and become a great “builder”.

My advice is to keep trying by building your own code (Deploy, deploy and deploy), give a try with some programming language that will help you on that as well and keep it going with Cloud certs because understanding of the services also helps to know what parameter you should use or not since the Doc’s are not that good :sweat_smile:

IaC for multi-cloud is not only terraform, there is pulumi and others…

Well that is my experience and challenges that I’ve faced along the way, I hope that helps your journey my friend :slight_smile:

Sorry for the long post…

2 Likes

This thread is gold. I’ve got nothing to add to the deep discussion being held here, I’m just a beginner on the subject - only, I stumbled upon a Terraform Associate Certification ( Exam Review - Terraform Associate Certification | Terraform - HashiCorp Learn)

What are your thoughts about it?
Worth going for it? Or as a cloud engineer, there would be more popular/better IaC frameworks to study?