Why Infrastructure as Code & Terraform Are Game Changers

M ChidrupM Chidrup
5 min read

Why Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) is the practice of managing and provisioning infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.

🔑 Key Benefits of IaC:

  • Version Control: Infrastructure changes can be tracked and audited using Git.

  • Consistency: No more “it works on my machine” — deployments are reproducible.

  • Automation: Fast, error-free infrastructure provisioning using pipelines.

  • Scalability: Easily scale environments across dev, staging, and production.

With IaC, your infrastructure becomes repeatable, reliable, and easy to manage — just like application code.

Why Terraform?

Terraform by HashiCorp is one of the most widely adopted open-source IaC tools. It allows you to define infrastructure in a declarative language (HCL - HashiCorp Configuration Language).

🚀 Key Features of Terraform:

  • Multi-Cloud Support: AWS, Azure, GCP, and even on-prem.

  • Declarative Syntax: You write what you want, and Terraform figures out how to get there.

  • Execution Plans: Shows you what will change before applying.

  • Modular: Use reusable components (modules) to standardize infrastructure.

1. What is Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) is the process of managing and provisioning computing infrastructure using machine-readable configuration files rather than manual setups. It allows teams to version, test, and deploy infrastructure in the same way they do application code.


2. What is Terraform and how does it work?

Terraform is an open-source Infrastructure as Code tool by HashiCorp that lets you define and provision infrastructure using a declarative configuration language (HCL). You write code describing your desired infrastructure, and Terraform:

  • Initializes the environment (terraform init)

  • Plans the changes (terraform plan)

  • Applies them to the cloud or on-prem provider (terraform apply)

  • Tracks the state of your infrastructure using a state file


3. What are providers in Terraform?

Providers are plugins in Terraform that interact with APIs to manage and provision resources. Examples include:

  • aws for Amazon Web Services

  • azurerm for Microsoft Azure

  • google for Google Cloud Platform
    You must define the provider in your Terraform code to use it.


4. What’s the use of terraform init, plan, apply, and destroy?

CommandDescription
terraform initInitializes a Terraform working directory. Downloads required providers.
terraform planShows the execution plan—what Terraform will do if you run apply.
terraform applyApplies the changes needed to reach the desired state.
terraform destroyDestroys the infrastructure defined in the configuration.

5. What is the difference between declarative and imperative languages?

  • Declarative: You define what you want (e.g., "I want 3 EC2 instances"). The system figures out how to achieve it. Terraform is declarative.

  • Imperative: You define how to do something step-by-step (e.g., "First create network, then create EC2 instance").


⚙️ Intermediate Questions

6. How does Terraform manage state?

Terraform keeps track of infrastructure using a state file (terraform.tfstate). This file records the current configuration and resource mappings so Terraform knows what it manages and can detect drift (changes made outside Terraform).


7. What is terraform.tfstate? Why is it important?

terraform.tfstate is a JSON file that holds the current state of your infrastructure. It’s critical for:

  • Planning accurate changes

  • Keeping track of resource IDs and attributes

  • Enabling collaboration (via remote state backends)

Never manually edit it, and always back it up or store it securely.


8. How do you handle secrets securely in Terraform?

  • Use environment variables (e.g., AWS_ACCESS_KEY_ID)

  • Use Terraform variables and mark them as sensitive = true

  • Avoid hardcoding secrets in .tf files

  • Store secrets in tools like Vault, AWS Secrets Manager, or Azure Key Vault

  • Use remote backends with encryption and access control


9. What is a Terraform module and why use it?

A module is a reusable package of Terraform code (like a function in programming). Benefits:

  • Code reuse across environments

  • Easier management of complex infrastructure

  • Better organization and testing

You can use public modules from Terraform Registry or create your own.


10. How would you manage infrastructure across multiple environments?

Approaches:

  • Use workspaces in Terraform for dev/staging/prod

  • Create separate .tfvars files for each environment

  • Use Terraform modules with environment-specific parameters

  • Maintain separate state files or use remote backends with environment separation

  • Integrate with CI/CD pipelines to promote code from one environment to the next

Installing Terraform

On macOS or Linux (Homebrew):

bashCopyEditbrew tap hashicorp/tap
brew install hashicorp/tap/terraform

On Ubuntu/Debian:

bashCopyEditsudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt install terraform

On Windows:

  1. Download the Terraform zip from the official Terraform website

  2. Extract and add it to your system’s PATH.

  3. Verify:

bashCopyEditterraform -version

📦 Use Case: Launching an AWS EC2 Instance with Terraform

Step 1: Define your infrastructure

main.tf

hclCopyEditprovider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "demo" {
  ami           = "ami-0c55b159cbfafe1f0"  # Replace with a valid AMI ID
  instance_type = "t2.micro"

  tags = {
    Name = "Terraform-EC2"
  }
}

Step 2: Execute Terraform

bashCopyEditterraform init      # Initializes the working directory
terraform plan      # Previews changes
terraform apply     # Applies configuration to create resources
terraform destroy   # Tears down the infrastructure

🌐 Real-World Use Case: Multi-Environment Deployment

Imagine a company with dev, staging, and production environments. Instead of configuring each manually, they use Terraform modules for reusable code and separate .tfvars files for environment-specific values. This ensures consistency, minimizes errors, and streamlines deployments via CI/CD.

0
Subscribe to my newsletter

Read articles from M Chidrup directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

M Chidrup
M Chidrup

Certified Azure Cloud Enthusiast and Full Stack Developer with a strong foundation in building secure, scalable cloud-native applications. Passionate about integrating AI and automation in DevOps pipelines and exploring intelligent cloud systems. I specialize in React, Node.js, Azure, Kubernetes, and DevSecOps, and I love solving real-world problems through code, collaboration, and continuous learning.