Terraform vs CloudFormation: The Final Battle


Infrastructure as code (IaC) is a big buzz in the IT industry right now, and when it comes to IaC, Terraform vs CloudFormation is a hot topic to discuss. Terraform and CloudFormation are tools that define infrastructure in software, which helps your IT team provision and manage your infrastructure. Infrastructure automation is one of the pillars of implementing DevOps practices in your project.

When asked about the best tools to automate infrastructure provisioning, two prevalent names come to mind: Terraform and AWS CloudFormation. This blog discusses the different aspects of Terraform vs CloudFormation in detail.


1. CloudFormation

Amazon CloudFormation is a tool that gives development and operations teams the liberty to automate AWS infrastructure provisioning easily. It is a managed AWS service that allows you to design and provision AWS and third-party resources for your cloud environment. CloudFormation reads its configuration from JSON files called templates. These templates let the user reuse and scale infrastructure definitions. CloudFormation templates can also be written in YAML.

2. Terraform

Terraform, a HashiCorp product, is an open-source solution that enables the development of infrastructure as code. It is a powerful tool that helps people working in IT operations provision, upgrade, and maintain infrastructure. Terraform has its own domain-specific language called HashiCorp Configuration Language (HCL). This is a fully JSON-compatible language that helps DevOps professionals define infrastructure as code.

3. Terraform vs CloudFormation

The first question that comes to mind is why we need tools like Terraform and CloudFormation when we already have configuration management tools like Ansible and Puppet. These CM tools can handle almost all system-related configurations. But what if a user needs to maintain a layer of abstraction between the underlying bare-metal components and the services? In such cases, the two powerful tools, CloudFormation and Terraform, come into the picture.

Let’s have a side-by-side comparison of Terraform and CloudFormation:

Ease of use

While CloudFormation is confined to the services offered by AWS, Terraform spans multiple cloud service providers such as AWS, Azure, Google Cloud Platform, and many more. Terraform covers most of the AWS resources.

Language

CloudFormation uses either JSON or YAML. This makes CloudFormation easy to read and manage. But there is a constraint that doesn’t allow AWS developers to create CloudFormation templates greater than 51MB in size. In case the template exceeds this size limit, developers need to create a nested stack for the templates.

On the other hand, Terraform uses HashiCorp’s proprietary language called HCL (HashiCorp Configuration Language). This is also a JSON-compatible language.

State-management

Since CloudFormation is a managed AWS service, it checks the infrastructure consistently to detect whether the provisioned infra is maintaining its state or not. CloudFormation receives a detailed response if anything changes.

On the other hand, Terraform stores the state of the infrastructure on the provisioning machine, whether that is a virtual machine or a remote computer. The state is saved in the form of a JSON file, which serves as a map for Terraform describing the resources it manages.

To summarize, in CloudFormation, the state is governed by CloudFormation out-of-the-box, which prevents conflicting changes. In Terraform, the state is stored on a local disk, which helps in synchronizing the state. A best practice for state management is to save Terraform state in a storage service like S3 instead. This has to be defined in the backend, and it makes the state easier and safer to manage.

Cost

The best part about both these tools is that both are free of cost. Both have large communities with a lot of support and examples. CloudFormation has no price. The only fee that users incur is the cost of the AWS services provisioned by CloudFormation. Terraform is a free and open-source tool. However, Terraform offers a paid enterprise version that has additional collaboration and governance options.

Multi-Cloud Integration

If you are looking to provision services on multiple cloud platforms, Terraform is your go-to option. While Terraform supports all cloud vendors like AWS, GCP, Azure, and many others, CloudFormation is confined only to AWS. So, in case your environment involves multiple cloud deployments, CloudFormation is not for you. If you are using AWS resources like EC2, S3, etc., you are best advised to stick to CloudFormation.

To deal with AWS’s compatibility, the latest version of Terraform now fully supports all the services in AWS. This version of Terraform is considered to be at par with CloudFormation to manage AWS cloud resources.

4. Terraform vs CloudFormation: Where do they fit in your infrastructure?

It is imperative to understand where and how these two IaC solutions fit into your infrastructure. Let’s talk about Terraform first.

Terraform diagram

In the diagram above, we can see how Terraform integrates with the standard CI/CD pipeline. Terraform plays a significant role in the Continuous Deployment part of the pipeline, where it is responsible for provisioning instances on Amazon’s ECS cluster. Terraform also quickly spins up to three parallel Dev, UAT, and Prod environments in the above scenario.

The below diagram shows the overall workflow of how CloudFormation works. 

CloudFormation involves mainly four steps:

1. Writing your code. This is the code that is defined as the CloudFormation template.

2. This template can be saved in any code repository. In this scenario, the template is saved in an S3 bucket.

3. AWS CloudFormation is then used via AWS CLI or the browser console to create the stack.

4. The final output of the template is provisioning in the form of infrastructure stacks in the AWS cloud. 


How to use Terraform?

Let’s look at an example where we will see how we can provision EC2 instances using Terraform on AWS. Now, let’s see the configuration part.

Pre-requisites:

1. AWS account
2. Terraform CLI
3. AWS credentials configured locally. The credentials can be stored in a file, and the path can be specified on the provider.

# Pin the AWS provider so every run resolves the same provider release line.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 2.70"
    }
  }
}

# Credentials come from the "default" profile in the local AWS credentials file.
provider "aws" {
  profile = "default"
  region  = "us-west-2"
}

# A single EC2 instance built from the given AMI.
resource "aws_instance" "example" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"
}

With this configuration, Terraform is ready to create an EC2 instance. Save the configuration in a .tf file, and then it can be executed.

How to use CloudFormation Templates?

The first and foremost pre-requisite for using CloudFormation is that you need a template that specifies the resources you want in your stack.

Below is an example of a CloudFormation template to provision an EC2 instance:

    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
                                          { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
        "KeyName" : { "Ref" : "KeyName" },
        "InstanceType" : { "Ref" : "InstanceType" },
        "SecurityGroups" : [ { "Ref" : "Ec2securityGroup" } ],
        "BlockDeviceMappings" : [
          {
            "DeviceName" : "/dev/sda1",
            "Ebs" : { "VolumeSize" : "50" }
          },{
            "DeviceName" : "/dev/sdm",
            "Ebs" : { "VolumeSize" : "100" }
          }
        ]
      }
    }

5. The Final Battle: Advantages and disadvantages of Terraform vs CloudFormation

While both tools are robust and have their benefits, let’s look at the comprehensive list of advantages and disadvantages of Terraform vs CloudFormation.

Terraform

Advantages

  1. Terraform modules allow us to separate resources into dedicated and re-usable templates.
  2. You can use specific versions and different branches of the same module, so changing it to add new features is more straightforward, which provides flexibility.
  3. Terraform has a robust CLI that makes it easier to see the infrastructure’s status through simple commands.
  4. Terraform supports multi-cloud integration. Users can use Terraform to deploy applications on multiple cloud platforms.
  5. It simplifies the management and orchestration of multi-tier infrastructure. CloudFormation also has the same advantage when it comes to infra management and orchestration.

Disadvantages

  1. When AWS launches new services, it takes longer to get compliance checks in Terraform.
  2. The learning curve in Terraform is steeper as compared to CloudFormation.
  3. Security of “state files” is a concern. The users need to ensure that the state files are handled in the remote backend because they have confidential information.
  4. In addition to security, state files are a concern because managing the resources is impossible if the Terraform state is ever lost; using a backend to store the state files is a best practice.
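
Why the state file needs protecting, as an added example that is not part of the original article: Terraform records resource attributes in the state JSON described under State-management, so credentials can sit there in plaintext. The sample state is constructed and reduced, and the key-name pattern is an assumption of this example.

```python
import json
import re

# Attribute names that often hold credentials (a heuristic chosen for this example).
SECRET_KEY_RE = re.compile(r"password|passwd|secret|token|private_key", re.I)

# Constructed sample in a reduced Terraform state (version 4) layout; all values are fake.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"type": "aws_db_instance", "name": "app", "instances": [{"attributes": {
            "identifier": "app-db", "username": "admin",
            "password": "constructed-example-only"}}]},
        {"type": "aws_instance", "name": "example", "instances": [{"attributes": {
            "ami": "ami-830c94e3", "instance_type": "t2.micro"}}]},
        {"type": "aws_iam_access_key", "name": "ci", "instances": [{"attributes": {
            "id": "constructed-key-id", "secret": "constructed-example-only",
            "ses_smtp_password_v4": ""}}]},
    ],
})


def walk(value, path=""):
    """Yield (dotted_path, leaf_value) for every leaf in nested dicts and lists."""
    if isinstance(value, dict):
        for key, child in value.items():
            yield from walk(child, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for index, child in enumerate(value):
            yield from walk(child, f"{path}[{index}]")
    else:
        yield path, value


def find_plaintext_secrets(state_text):
    """Return resource addresses of attributes that look like stored secrets."""
    findings = set()
    for resource in json.loads(state_text).get("resources", []):
        address = f"{resource['type']}.{resource['name']}"
        for instance in resource.get("instances", []):
            for path, value in walk(instance.get("attributes", {})):
                leaf = path.rsplit(".", 1)[-1]
                if SECRET_KEY_RE.search(leaf) and isinstance(value, str) and value:
                    findings.add(f"{address}.{path}")  # report the address, never the value
    return sorted(findings)
```

Any address this returns is a reason to keep the state in an encrypted, access-controlled backend rather than on a laptop or in a code repository.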

There are many other advantages to using Terraform. Some of the major ones are:

✔ Terraform supports a lot of security and unit testing tools like Terraform Lint, etc.

✔ Terraform does support conditionals.

✔ Terraform has workspaces, which makes it easier to manage multiple environments. 

✔ Terraform supports multiple plugins. These plugins help a lot in extending the core functionalities of Terraform.

✔ The local-exec provisioner allows you to run commands locally. This further extends Terraform’s functionality, allowing you to run bash, PowerShell, or Python scripts before running .tf files.

CloudFormation

Advantages

  1. Works best for new AWS services.
  2. YAML is friendly and easier to use and configure.
  3. Many tools help in Unit Testing for the CloudFormation templates. It makes it easier to find errors, warnings, and other info in the code.
  4. It integrates easily with other Infrastructure-as-a-code solutions.
  5. CloudFormation supports conditionals, which enables the user to decide whether to create a resource or not.

Disadvantages

  1. Nested stacks are not as good as Terraform. They are a bit more challenging to implement and to manage. Cross-stack references, the DependsOn attribute, or the GetAtt function can help manage the outputs of one template as the input to another template.
  2. There is a size limit of 51MB on the stacks, which doesn’t work in the developers’ favor all the time.
  3. Modularization of code in CloudFormation is not as mature as in Terraform. This is a very new feature that has been introduced by AWS in CloudFormation.

6. Closing thoughts

Having reviewed the differences between Terraform vs CloudFormation, let’s conclude this article with some meaningful tips!

Custom resources are an advantage of CloudFormation. You can use Lambda functions for this. When you associate a Lambda function with a custom resource, the function is invoked whenever the custom resource is created, updated, or deleted. AWS CloudFormation calls a Lambda API to invoke the function and pass all the request data (such as the request type and resource properties). 

The power and customizability of Lambda functions combined with AWS CloudFormation enable a wide range of scenarios, such as dynamically looking up AMI IDs during stack creation or implementing and using utility functions, such as string reversal functions.
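
The request and response cycle described above, as an added example that is not part of the original article: a Lambda handler for the string-reversal custom resource the text mentions. The `Input` property, the `Reversed` output, the physical ID and the sample event are assumptions of this example.

```python
import json
import urllib.request

# Constructed request in the shape CloudFormation sends to a custom resource.
SAMPLE_EVENT = {
    "RequestType": "Create", "LogicalResourceId": "Reverser",
    "ResponseURL": "https://example.invalid/constructed-presigned-url",
    "StackId": "constructed-stack-id", "RequestId": "constructed-request-id",
    "ResourceProperties": {"Input": "hello world"},  # "Input" is hypothetical
}


def build_response(event):
    """Build the response body CloudFormation expects for one request."""
    response = {
        "StackId": event["StackId"], "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        # Reuse the existing physical ID so an update is not seen as a replacement.
        "PhysicalResourceId": event.get("PhysicalResourceId", "string-reverser"),
        "Status": "SUCCESS", "Data": {},
    }
    try:
        if event["RequestType"] in ("Create", "Update"):
            text = event["ResourceProperties"]["Input"]
            if not isinstance(text, str) or len(text) > 1024:
                raise ValueError("Input must be a string of at most 1024 characters")
            response["Data"] = {"Reversed": text[::-1]}
        elif event["RequestType"] != "Delete":
            raise ValueError("unsupported RequestType")
    except (KeyError, ValueError) as exc:
        # Always answer, even on failure, or the stack waits until it times out.
        response.update(Status="FAILED", Reason=f"{type(exc).__name__}: {exc}")
    return response


def send_response(url, body):
    """PUT the JSON body to the pre-signed ResponseURL from the request."""
    if not url.startswith("https://"):
        raise ValueError("ResponseURL must be https")
    request = urllib.request.Request(url, data=json.dumps(body).encode(),
                                     method="PUT", headers={"Content-Type": ""})
    with urllib.request.urlopen(request, timeout=10) as reply:
        return reply.status


def handler(event, context, send=send_response):  # send is injectable for offline runs
    body = build_response(event)
    send(event["ResponseURL"], body)
    return body
```

Values returned under `Data` are what the template reads back with the GetAtt function, so nothing secret belongs there unless the response also sets `NoEcho`.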

Meanwhile, in CloudFormation, it is harder to manage different environments due to the lack of workspaces. You can work around this using Parameter Inputs and conditionals.

FAQs (Frequently Asked Questions)

What is Terraform used for?

Terraform is a powerful tool for provisioning, maintaining, and versioning cloud infrastructure. Terraform can manage existing and popular solutions as well as on-premise applications.

Why should we use CloudFormation?

CloudFormation supports almost all the services on AWS. It also integrates well with serverless and all the services offered by AWS, e.g., AWS Lambda, etc.

Why should I use Terraform?

It is free and easy to use. Terraform’s support spans across multiple cloud providers. Besides, Terraform has many in-built modules, which makes its code reusable and flexible.

What is Terraform DevOps?

Terraform has helped a lot in the DevOps space, changing the way infrastructure is provisioned and managed.

Can Terraform be used in AWS?

Yes, Terraform can be used in AWS with the help of access and secret keys.

Is AWS CloudFormation free?

Yes, it is. CloudFormation is free. AWS only charges for those services which you provision using CloudFormation.

Is Terraform free?

Yes, Terraform is also free. The resources you create using Terraform on the cloud are not free. You will have to pay the fee to the cloud service provider for the resources you provision using Terraform. However, Terraform has an Enterprise edition, which comes with a price. It offers better collaboration and governance features.
