What is Terraform Cloud and why you might need it?

xnok

Alexandre Couedelo

Posted on March 12, 2022

What is Terraform Cloud and why you might need it?

Terraform Cloud is the managed solution offered by Hashicorp to run Terraform configurations 💡. It is in some manner a “CI/CD tool” to manage Infrastructure as Code (IaC). It eliminates the need for you to configure a dedicated task in your CI/CD (Jenkins, Bamboo, Circle CI, etc.) and also provided a tailor-made UI, remote state management, and private module registry.

While it is always possible to use terraform as a CLI in any CI/CD this always comes with frustration when it comes to creating the perfect workflow to plan and apply changes to your infrastructure. If you work a lot with those tools Terraform and Ansible you will realize that dedicated tools add a lot of value.

Terraform Cloud is I deal if you are working on your personal project as it is Free. I also like to use it as it offers a central UI for all your project and a state-management. Otherwise, you have to create a resource with your cloud provider to manage your state S3 for AWS, Cloud Storage for GCP, Blob Storage for Azure. I believe you won’t find the same effortless management of Terraform scripts with another provider so Terraform Cloud is the best place to get started with Terraform.

In this article, I will give you a tour of Terraform Cloud and the necessary explanations to get started. This piece is part of a series I created on How to create infrastructure for a small self-hosted project. You can find all the code here: https://github.com/xNok/infra-bootstrap-tools, but this article does not how much prior requirements if it is not being a little bit familiar with Terraform.

Register on Terraform Cloud.

Simple task! Just go to https://cloud.hashicorp.com/products/terraform and click on Try cloud for free , complete the form, validate your email and let's meet at the next step.

Register to Terraform Cloud

Create a Workspace in Terraform Cloud.

Once you registered it is time to create your first workspace. Terraform workspace is a feature design to manage environments (aka. different setup using the same underlying terraform logic). For instance, you could have a workspace dev and a workspace prod. However, you can use workspaces how you’d like. Here is how to create a workspace.

Create workspace

Here are the steps:

  • Click on create a new workspace
  • Name your workspace (choose a naming convention to keep things in order)
  • (Optional) define the Terraform working directory this is the folder holding the main.tf you wish to execute.
  • Create the workspace

Terraform Cloud free remote backend option is a game changer. You can configure as follow:

terraform {
  backend "remote" {
    hostname = "app.terraform.io"
    organization = "nokwebspace"

    workspaces {
      name = "infra-bootstrap-tools-digitalocean"
    }
  }
}
Enter fullscreen mode Exit fullscreen mode

It is considered best practice to place the remote backend configuration in a file called backend.tf

Now you need to log in to your Terraform cloud using an API key. First, run the command and follow the instruction from the prompt.

terraform login
Enter fullscreen mode Exit fullscreen mode

Then create an API key using the UI. The small GIF below will show you how.

tf login

Create a small example

I was working on DigitalOcean for my https://github.com/xNok/infra-bootstrap-tools tutorials, so this example uses digital Ocean Terraform provider, but do not worry nothing fancy at all simple create a “project” (some kinda folder for resources).

Like in any terraform project after creating the [backend.tf](http://backend.tf) I create a [versions.tf](http://versions.tf) to configure my provider

versions.tf

Simple this configuration comes straight from the provider documentation: 💪

terraform {
  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
      version = "2.17.1"
    }
  }
}

provider "digitalocean" {
  # Configuration options
  # will use DIGITALOCEAN_ACCESS_TOKEN env variable
}
Enter fullscreen mode Exit fullscreen mode

[backend.tf](http://backend.tf) done ☑️, [versions.tf](http://versions.tf) done ✅, next main.tf

main.tf

Now you are going to start writing some terraform code. Nothing difficult and this cost nothing, just a test.

/**
 * # DigitalOcean Project
 *
 * Projects let you organize your DigitalOcean resources 
 * (like Droplets, Spaces, and load balancers) into groups.
 */
resource "digitalocean_project" "infra-bootstrap-tools" {
  name        = "infra-bootstrap-tools"
  description = "Startup infra for small self-hosted project"
  purpose     = "IoT"
  environment = "Development"
}
Enter fullscreen mode Exit fullscreen mode

Validating the Script locally

terraform plan
Enter fullscreen mode Exit fullscreen mode

Note when running this script locally you will need to set DIGITALOCEAN_ACCESS_TOKEN with your DigitalOcean API key

Provisioning the infra with Terraform Cloud

This is where the show starts 🎇. The last setup required is to set DIGITALOCEAN_ACCESS_TOKEN in terraform cloud. Terraform Cloud recently added the notion of variable set that I found amazing to manage account API credentials. With a variable set, I can define all my DigitalOcean related variable (API key, organization name, admin email, etc.)

Variable Set

Once you have set your credentials simply commit and push your code to GitHub. If you go back to workspaces you see the status updated to planned.

Terraform workspace planed

Next, inspect your workspace, look at the UI. You will notice that each resource gets a separate view to give you the time to carefully inspect your plan.

Terraform plan

Your review is done you can go ahead and hit confirm and Push .

Confirm and Push plan

There you go new resource created with Terraform Cloud.

Terraform apply completed

What you should do next?

Explore the added feature of Terraform Cloud

  • Done working for the day on your project? Launch a destroy plan.

Queue destroy plan

  • Add notifications to your Slack Channels

Slack Integration

  • Complex workflow with Run Triggers

Workflow Run Trigger

  • Run plan on pull-requests

Speculative plan on pull-requests

Conclusion

The Free offering of Terraform Cloud offers all you need for an open-source project (remote state and plan/apply workflow) so I don’t see any reason not to take advantage of this opportunity 😇.

For corporate usage is a very good product made by the creators of Terraform. If don’t have anything better already then just hop on.

I will use Terraform Cloud in my personal projects. I am building this repository https://github.com/xNok/infra-bootstrap-tools to demonstrate how to build a minimal (but scalable) infrastructure for a simple self-hosted application. I am sharing the setup I have been using for over many years and writing articles about all the DevOps-related knowledge. So have a look and follow along 🤟.

💖 💪 🙅 🚩
xnok
Alexandre Couedelo

Posted on March 12, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related