New employer uses Terraform, so I’ve finally had a reason to grok Terraform and what it can do. I’m not convinced it is better than CloudFormation. Here are my thoughts on it.
Pros
- Terraform can manage more than just AWS Resources. Useful if you need to orchestrate across multiple clouds, but I’d fear the dependency issues there. At my ex-job I’d have been very interested in how Terraform could control both AWS and Chef.
- terraform plan is way easier to read than CF ChangeSets
- Back in the day it probably supported more AWS Products. CF has caught up in the last year.
- Before YAML templates, Terraform was much easier to read and could even be commented.
- Modules are good for code re-use, and can be versioned with git commit or version tags.
- You can actually add existing resources into terraform management with terraform import
- Terraform can manage files locally (useful for uploading a lambda.zip)
Cons
- Remote state is awful. I hear it’s better in the latest version 0.9.
- CloudFormation can tell you what stack a resource is owned by. No such ability in Terraform. Hope you thought of and enforce a good tagging strategy before you deployed your first resources.
- CloudFormation has much better options for generating and managing Instance UserData. Heaven help you if you accidentally change your UserData in Terraform.
- Terraform ignores the aws:: tags when showing a plan. You need to manually check for that if doing an import/plan/apply.
I’m not about to go and re-write all my automation CloudFormation Templates as Terraform. I like deploying these via templates in an a-la-carte fashion depending on my needs. My latest automation did get a Terraform module to wrap the CFT since Terraform does support CloudFormation as a resource.