Infrastructure as code (IaC) is a big buzz in the IT industry right now, and when it comes to IaC, Terraform vs CloudFormation is a hot topic to discuss. Terraform and CloudFormation are both tools that define infrastructure in code, which helps your IT team provision and manage your infrastructure. Infrastructure automation is one of the pillars of implementing DevOps practices in your project.
When asked about the best tools to automate infrastructure provisioning, two prevalent names come to mind: Terraform and AWS CloudFormation. This blog discusses the different aspects of Terraform vs CloudFormation in detail.
Amazon CloudFormation is a fantastic tool that gives development and operations teams the liberty to automate the provisioning of AWS infrastructure easily. It is a managed AWS service that allows you to design and provision AWS and third-party resources for your cloud environment. CloudFormation handles the configuration in JSON files called templates. These templates enable the user to attain re-usability and scalability of infrastructure. CloudFormation templates can also be written in YAML.
Terraform, a HashiCorp product, is an open-source solution that enables the development of infrastructure as code. It is a powerful tool that helps people working in IT operations provision, upgrade, and maintain infrastructure. Terraform has its own domain-specific language called HashiCorp Configuration Language (HCL). This is a fully JSON-compatible language that helps DevOps professionals define infrastructure as code.
The first question that comes to mind is why we need tools like Terraform and CloudFormation when we already have configuration management tools like Ansible and Puppet. These CM tools can handle almost all system-related configurations. But what if a user needs to maintain a layer of abstraction between the underlying bare-metal components and the services? In such cases, the two powerful tools, CloudFormation and Terraform, come into the picture.
The primary difference between Terraform and CloudFormation is that Terraform is a multi-cloud platform, while CloudFormation is specific to AWS. Terraform provides a common language to define and provision cloud infrastructure, while CloudFormation is an AWS-specific solution that provides a standard way to provision and manage AWS resources.
Let’s have a side-by-side comparison of the difference between Terraform and CloudFormation:
While CloudFormation is confined to the services offered by AWS, Terraform spans multiple cloud service providers like AWS, Azure, Google Cloud Platform, and many more. Terraform also covers most of the AWS resources.
CloudFormation uses either JSON or YAML. This makes CloudFormation easy to read and manage. But there is a constraint that doesn’t allow AWS developers to create CloudFormation templates greater than 51MB in size. In case the template exceeds this size limit, developers need to create a nested stack for the templates.
On the other hand, Terraform uses Hashicorp’s proprietary language called HCL (Hashicorp Configuration Language). This is also a JSON compatible language.
Since CloudFormation is a managed AWS service, it checks the infrastructure consistently to detect whether the provisioned infra is maintaining its state or not. CloudFormation receives a detailed response if anything changes.
On the other hand, Terraform stores the state of the infrastructure on the provisioning machine, may it be a virtual machine or a remote computer. The state is saved in the form of a JSON file, which serves as a map for Terraform describing the resources it manages.
To summarize, in CloudFormation, the state is governed by CloudFormation out of the box, which prevents conflicting changes. In Terraform, the state is stored on a virtual machine or a remote computer. As a best practice for state management, Terraform state can also be saved in a storage service like S3. This has to be defined in the backend configuration, and it makes the state easier and safer to manage.
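The state file records the attributes of every managed resource in plain JSON, which is why its storage location matters. The following is an added example (not code from the original article or from Terraform) that reads a constructed state document in the version 4 layout, lists the resources it maps, and flags attributes stored unencrypted; the secret-name pattern is an assumption of this example.

```python
import json
import re

# Constructed sample in the layout of a version 4 terraform.tfstate file.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "serial": 7,
    "resources": [
        {"mode": "managed", "type": "aws_instance", "name": "example",
         "instances": [{"attributes": {
             "ami": "ami-830c94e3", "instance_type": "t2.micro"}}]},
        {"mode": "managed", "type": "aws_db_instance", "name": "app",
         "instances": [{"attributes": {
             "username": "admin", "password": "constructed-not-real"}}]},
    ],
})

# Heuristic (assumption of this example): attribute names that usually hold secrets.
SECRET_NAME = re.compile(r"password|secret|token|private_key", re.I)


def managed_resources(state):
    """Return the addresses (type.name) of the resources the state maps."""
    return [f'{r["type"]}.{r["name"]}'
            for r in state.get("resources", []) if r.get("mode") == "managed"]


def plaintext_secrets(state):
    """Return (address, attribute) pairs whose value sits unencrypted in the state."""
    findings = []
    for res in state.get("resources", []):
        address = f'{res["type"]}.{res["name"]}'
        for inst in res.get("instances", []):
            for key, value in (inst.get("attributes") or {}).items():
                if SECRET_NAME.search(key) and value not in (None, "", [], {}):
                    findings.append((address, key))
    return findings


def audit(state_text):
    """Parse a state document and summarise what it exposes."""
    state = json.loads(state_text)
    return {"resources": managed_resources(state),
            "secrets": plaintext_secrets(state)}


if __name__ == "__main__":
    print(audit(SAMPLE_STATE))
```

Any finding means the file must be treated as a secret wherever it is stored, whether on the provisioning machine or in an S3 backend.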
The best part about both these tools is that both are free of cost. Both tools have large communities with a lot of support and examples. CloudFormation has no price; the only fee that users incur is the cost of the AWS services provisioned by CloudFormation. Terraform is a free and open-source tool. Terraform, however, offers a paid enterprise version that has additional collaboration and governance options.
If you are looking to provision services on multiple cloud platforms, Terraform is your go-to option. While Terraform supports all cloud vendors like AWS, GCP, Azure, and many others, CloudFormation is confined only to AWS. So, if your environment involves multiple cloud deployments, CloudFormation is not for you. If you are using AWS resources like EC2, S3, etc., you are best advised to stick to CloudFormation.
To deal with AWS’s compatibility, the latest version of Terraform now fully supports all the services in AWS. This version of Terraform is considered to be at par with CloudFormation to manage AWS cloud resources.
It is imperative to understand where and how these two IaC solutions fit into your infrastructure. Let’s talk about Terraform first.
In the diagram above, we can see how Terraform integrates with the standard CI/CD pipeline. Terraform plays a significant role in the Continuous Deployment part of the pipeline, where it is responsible for provisioning instances on Amazon’s ECS cluster. Terraform also quickly spins up to three parallel Dev, UAT, and Prod environments in the above scenario.
The below diagram shows the overall workflow of how CloudFormation works.
CloudFormation involves mainly four steps:
1. Writing your code. This is the code that is defined as the CloudFormation template.
2. This template can be saved in any code repository. In this scenario, the template is saved in an S3 bucket.
3. AWS CloudFormation is then used via AWS CLI or the browser console to create the stack.
4. The final output of the template is provisioning in the form of infrastructure stacks in the AWS cloud.
Let’s look at an example where we will see how we can provision EC2 instances using Terraform on AWS. Now, let’s see the configuration part.
1. AWS account
2. Terraform CLI
3. AWS credentials configured locally. The credentials can be stored in a file, and the path can be specified on the provider.

    terraform {
      required_providers {
        aws = {
          source  = "hashicorp/aws"
          version = "~> 2.70"
        }
      }
    }

    # Credentials are read from the "default" profile of the local AWS credentials file.
    provider "aws" {
      profile = "default"
      region  = "us-west-2"
    }

    # The EC2 instance to create.
    resource "aws_instance" "example" {
      ami           = "ami-830c94e3"
      instance_type = "t2.micro"
    }

This configuration implies that Terraform is ready to create an EC2 instance. This configuration should be copied in a .tf file, and then it can be executed.
The first and foremost pre-requisite for using CloudFormation is that you need a template that specifies the resources you want in your stack.
Below is an example of the resource entry from a CloudFormation template that provisions an EC2 instance. It belongs inside the template's Resources section and refers to mappings, parameters, and a security group defined elsewhere in the template:

    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "ImageId" : {
          "Fn::FindInMap" : [
            "AWSRegionArch2AMI",
            { "Ref" : "AWS::Region" },
            { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] }
          ]
        },
        "KeyName" : { "Ref" : "KeyName" },
        "InstanceType" : { "Ref" : "InstanceType" },
        "SecurityGroups" : [ { "Ref" : "Ec2securityGroup" } ],
        "BlockDeviceMappings" : [
          { "DeviceName" : "/dev/sda1", "Ebs" : { "VolumeSize" : "50" } },
          { "DeviceName" : "/dev/sdm", "Ebs" : { "VolumeSize" : "100" } }
        ]
      }
    }

While both tools are robust and have their benefits, let’s look at the comprehensive list of advantages and disadvantages of Terraform vs CloudFormation.
There are many other advantages to using Terraform. Some of the major ones are:
✔ Terraform supports a lot of security and unit testing tools like Terraform Lint, etc.
✔ Terraform does support conditionals.
✔ Terraform has workspaces, which makes it easier to manage multiple environments.
✔ Terraform supports multiple plugins. These plugins help a lot in extending the core functionalities of Terraform.
✔ The local-exec provisioner allows you to run commands locally. This further extends Terraform's functionality, allowing you to run bash, PowerShell, and Python scripts before running .tf files.
Having reviewed the differences between Terraform vs CloudFormation, let’s conclude this article with some meaningful tips!
Custom resources are an advantage of CloudFormation. You can use Lambda functions for this. When you associate a Lambda function with a custom resource, the function is invoked whenever the custom resource is created, updated, or deleted. AWS CloudFormation calls a Lambda API to invoke the function and pass all the request data (such as the request type and resource properties).
The power and customizability of Lambda functions, combined with AWS CloudFormation, enable a wide range of scenarios, such as dynamically looking up AMI IDs during stack creation or implementing and using utility functions, such as string reversal functions.
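The request and response exchange described above, as an added example (not code from the original article or from AWS): a Lambda handler for a string-reversal custom resource. The `Input` property, the `Reversed` output key, and the physical ID format are hypothetical names chosen for this example, and the sample event is constructed.

```python
import json
import urllib.request


def build_response(event, status, data=None, reason=""):
    """Build the JSON body CloudFormation expects back from a custom resource."""
    return {
        "Status": status,  # "SUCCESS" or "FAILED"
        "Reason": reason,
        # Reuse the physical ID on Update/Delete so the resource is not replaced.
        "PhysicalResourceId": event.get(
            "PhysicalResourceId", "reverse-" + event["LogicalResourceId"]),
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": data or {},
    }


def process(event):
    """Handle one request; always produce a response so the stack does not hang."""
    try:
        if event["RequestType"] == "Delete":
            return build_response(event, "SUCCESS")  # nothing to clean up
        text = event["ResourceProperties"]["Input"]  # hypothetical property name
        if not isinstance(text, str):
            raise ValueError("Input must be a string")
        return build_response(event, "SUCCESS", {"Reversed": text[::-1]})
    except (KeyError, ValueError) as exc:
        return build_response(event, "FAILED", reason=f"bad request: {exc!r}")


def lambda_handler(event, context):
    """Lambda entry point: PUT the result to the pre-signed URL in the request."""
    body = json.dumps(process(event)).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req, timeout=10)


# Constructed request, shaped like the one CloudFormation sends on stack creation.
SAMPLE_EVENT = {
    "RequestType": "Create",
    "ResponseURL": "https://example.invalid/presigned",
    "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/demo/constructed",
    "RequestId": "constructed-request-id",
    "LogicalResourceId": "ReverseString",
    "ResourceProperties": {"Input": "terraform"},
}
```

Returning `FAILED` with a reason on malformed input matters because CloudFormation waits for the response and the stack operation stalls until it times out if none arrives.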
Meanwhile, in CloudFormation, it is harder to manage different environments due to the lack of workspaces. You can work around this using Parameter Inputs and conditionals.
Terraform is a powerful tool for provisioning, maintaining, and versioning cloud infrastructure. Terraform can manage existing and popular solutions as well as on-premise applications.
CloudFormation supports almost all the services on AWS. It also integrates well with serverless and all the services offered by AWS, e.g., AWS Lambda, etc.
It is free and easy to use. Terraform’s support spans across multiple cloud providers. Besides, Terraform has many in-built modules, which makes its code reusable and flexible.
Terraform has helped a lot in the DevOps space, changing the way infrastructure is provisioned and managed.
Yes, Terraform can be used in AWS with the help of access and secret keys.
Yes, it is. CloudFormation is free. AWS only charges for those services which you provision using CloudFormation.
Yes, Terraform is also free. The resources you create using Terraform on the cloud are not free. You will have to pay the fee to the cloud service provider for the resources you provision using Terraform. However, Terraform has an Enterprise edition, which comes with a price. It offers better collaboration and governance features.