_CORE
Services
AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital
Industries
Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty
References Technologies
Lab
Blog Know-how Tools
About Collaboration Careers
Language
CS EN
Let's talk

Terraform — Infrastructure as Code in Practice

06. 09. 2017 2 min read CORE SYSTEMSdevelopment
Terraform — Infrastructure as Code in Practice

“Who created that server? What are its settings? Why is it different from staging?” — questions we asked ourselves too often. Terraform from HashiCorp gave us the answer: infrastructure described in code, versioned in Git.

The Problem: Snowflake Servers

Every server was a unique snowflake. Admin A configured the firewall one way, admin B another way. Documentation? Outdated or non-existent. Reproducing an environment for a new client meant days of manual work.

Terraform Basics

Terraform uses the declarative HCL language. You describe what you want, not how to create it. Terraform determines the current state, compares it with the desired state, and makes the necessary changes.

resource "aws_instance" "api_server" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.medium"
  vpc_security_group_ids = [aws_security_group.api.id]
  subnet_id              = aws_subnet.private.id
  tags = {
    Name        = "api-server"
    Environment = "production"
    ManagedBy   = "terraform"
  }
}

State Management

Terraform maintains state in a state file. In a team, you need remote state. We use an S3 bucket with DynamoDB locking.

Modules — DRY Principle

We have an internal module library: VPC, ECS cluster, RDS instance, S3 buckets. New environment for a client: compose modules together, terraform apply, done in 15 minutes.

Plan Before Apply

terraform plan is your safety belt. It shows exactly what will change, what will be created, and most importantly what will be destroyed. We have a rule: no apply without plan review.

What Terraform Doesn’t Do Well

  • Configuration inside VMs — we use Ansible for that
  • Drift detection — only detects drift during the next plan
  • Complex logic — HCL is not a programming language
  • Secrets — state file contains sensitive data

Infrastructure as Code Isn’t a Choice, It’s a Necessity

Terraform changed the way we think about infrastructure. Instead of “where is that button in the console” we ask “where is that .tf file in Git”.

terraformiacawsdevops
Share:

CORE SYSTEMS

Stavíme core systémy a AI agenty, které drží provoz. 15 let zkušeností s enterprise IT.

Need help with implementation?

Our experts can help with design, implementation, and operations. From architecture to production.

Contact us

Related articles

Terraform vs Pulumi

Infrastructure as Code — HCL vs programming languages.

Terraform: Infrastructure as Code Across Clouds

HashiCorp Terraform brings declarative infrastructure management supporting AWS, Azure, GCP, and on-premise. Why IaC...

Infrastructure as Code — Why Terraform Changed Our Approach to Infrastructure

How we moved from manual clicking in the AWS console to declarative infrastructure with Terraform. Practical...