Terraform Engineer

Terraform Engineer is a community skill for managing cloud infrastructure using HashiCorp Terraform, covering provider configuration, resource definitions, module composition, state management, and CI/CD pipeline integration for infrastructure as code workflows.

What Is This?

Overview

Terraform Engineer provides patterns for defining and managing cloud infrastructure declaratively using Terraform. It covers provider configuration for AWS, GCP, Azure, and other cloud platforms, resource definitions with proper dependency management and lifecycle rules, module composition for reusable infrastructure components across environments, state management with remote backends and locking for team collaboration, and plan/apply workflows integrated into CI/CD pipelines for safe deployments. The skill enables infrastructure engineers to version control their cloud resources, review changes before applying, and maintain consistent environments across development, staging, and production.

Who Should Use This

This skill serves infrastructure engineers managing cloud resources with Terraform, DevOps teams building reusable modules for standardized infrastructure patterns, and platform engineers integrating Terraform into deployment pipelines.

Why Use It?

Problems It Solves

Managing cloud resources through web consoles leads to configuration drift between environments. Tracking what infrastructure exists and who changed it requires audit trails that manual provisioning lacks. Replicating infrastructure across regions or accounts needs parameterized templates. Coordinating infrastructure changes among team members demands state locking and review processes.

Core Highlights

Declarative syntax describes desired infrastructure state and Terraform computes the changes needed. Module system packages reusable infrastructure components with typed input variables. Plan command previews changes before applying to catch destructive operations. Remote state backends enable team collaboration with locking and encryption.

How to Use It?

Basic Usage

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
  backend "s3" {
    bucket = "tf-state-prod"
    key    = "infra/terraform.tfstate"
    region = "us-east-1"
  }
}

provider "aws" {
  region = var.region
}

variable "region" {
  type    = string
  default = "us-east-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "main-vpc"
    Env  = var.environment
  }
}

resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
  map_public_ip_on_launch = true
}

variable "environment" {
  type    = string
  default = "production"
}

Real-World Examples

variable "name" { type = string }
variable "image" { type = string }
variable "cpu" {
  type    = number
  default = 256
}
variable "memory" {
  type    = number
  default = 512
}
variable "subnet_ids" {
  type = list(string)
}

resource "aws_ecs_task_definition" "svc" {
  family = var.name
  requires_compatibilities = [
    "FARGATE"]
  network_mode = "awsvpc"
  cpu          = var.cpu
  memory       = var.memory

  container_definitions = jsonencode([{
    name  = var.name
    image = var.image
    portMappings = [{
      containerPort = 8080
      protocol      = "tcp"
    }]
  }])
}

resource "aws_ecs_service" "svc" {
  name            = var.name
  task_definition =
    aws_ecs_task_definition.svc.arn
  desired_count   = 2
  launch_type     = "FARGATE"

  network_configuration {
    subnets = var.subnet_ids
  }
}

module "api" {
  source     = "./modules/ecs-service"
  name       = "api-service"
  image      = "app:latest"
  subnet_ids = [aws_subnet.public.id]
}

Advanced Tips

Use terraform plan with the out flag to save plans and apply the exact reviewed changes without recomputation. Implement workspace or directory-based environment separation to manage dev, staging, and production from the same modules. Use data sources to reference existing infrastructure managed outside Terraform without importing it into state.

When to Use It?

Use Cases

Build a multi-environment infrastructure with shared modules for VPC, ECS, and RDS resources parameterized by environment variables. Create a self-service platform where teams provision infrastructure through module composition and pull request reviews. Implement disaster recovery by replicating infrastructure definitions across regions with minimal configuration changes.

Related Topics

Infrastructure as code, cloud provisioning, HashiCorp ecosystem, DevOps automation, and configuration management.

Important Notes

Requirements

Terraform CLI installed with appropriate version constraints. Cloud provider credentials configured for the target platforms. Remote state backend access for team collaboration.

Usage Recommendations

Do: use remote state backends with locking to prevent concurrent modifications that corrupt state. Pin provider versions to avoid unexpected behavior from automatic upgrades. Review terraform plan output carefully before applying changes to production environments.

Don't: store Terraform state files in version control where they may contain sensitive values. Run terraform apply without reviewing the plan in production environments. Modify resources managed by Terraform manually through cloud consoles, which causes state drift.

Limitations

Terraform state must be kept in sync with actual infrastructure, and manual changes cause drift that requires import or refresh. Complex refactoring of existing resources may require state manipulation commands that carry risk. Provider support for new cloud features may lag behind the cloud platform release timeline.