Terraform vs CloudFormation

New employer uses Terraform, so I’ve finally had a reason to grok Terraform and what it can do. I’m not convinced it is better than CloudFormation. Here are my thoughts on it.

Pros

  1. Terraform can manage more than just AWS Resources. Useful if you need to orchestrate across multiple clouds, but I’d fear the dependency issues there. At my ex-job I’d have been very interested in how Terraform could control both AWS and Chef.
  2. terraform plan is way easier to read than CF ChangeSets
  3. Back in the day it probably supported more AWS Products. CF has caught up in the last year.
  4. Before YAML templates, Terraform was much easier to read and could even be commented.
  5. Modules are good for code re-use, and can be versioned with git commit or version tags.
  6. You can actually add existing resources into Terraform management with terraform import
  7. Terraform can manage files locally (useful for uploading a lambda.zip)

Cons

  1. Remote state is awful. I hear it’s better in the latest version 0.9.
  2. CloudFormation can tell you what stack a resource is owned by. No such ability in Terraform. Hope you thought of and enforce a good tagging strategy before you deployed your first resources.
  3. CloudFormation has much better options for generating and managing Instance UserData. Heaven help you if you accidentally change your UserData in Terraform.
  4. Terraform ignores the aws:: tags when showing a plan. You need to manually check for that if doing an import/plan/apply.

I’m not about to go and re-write all my automation CloudFormation Templates as Terraform. I like deploying these via templates in an a-la-carte fashion depending on my needs. My latest automation did get a Terraform module to wrap the CFT since Terraform does support CloudFormation as a resource.
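
A sketch of wrapping an existing CloudFormation template in a Terraform module, as described above. This is an added example, not the author's module: the module layout, variable names and tag keys are assumptions, and it uses Terraform 0.12+ syntax with the AWS provider's aws_cloudformation_stack resource.

```hcl
# modules/cfn-wrapper/main.tf (hypothetical path and names)

variable "stack_name" {
  type        = string
  description = "Name of the CloudFormation stack to create"
}

variable "template_path" {
  type        = string
  description = "Path to the existing CloudFormation template file"
}

variable "parameters" {
  type        = map(string)
  default     = {}
  description = "Values for the template's Parameters section"
}

variable "owner" {
  type        = string
  description = "Team or person responsible for the stack (assumed tag key)"
}

variable "allow_iam" {
  type        = bool
  default     = false
  description = "Set true only when the template creates IAM resources"
}

resource "aws_cloudformation_stack" "this" {
  name          = var.stack_name
  template_body = file(var.template_path)
  parameters    = var.parameters
  on_failure    = "ROLLBACK"

  # Least privilege: the stack may create IAM resources only when the caller opts in.
  capabilities = var.allow_iam ? ["CAPABILITY_NAMED_IAM"] : []

  # Stack-level tags propagate to taggable resources the stack creates, so
  # ownership can still be traced from a resource back to this module.
  tags = {
    ManagedBy = "terraform"
    Owner     = var.owner
  }
}

# Expose the template's Outputs so other Terraform code can consume them.
output "stack_outputs" {
  value = aws_cloudformation_stack.this.outputs
}
```

Resources created this way also carry CloudFormation's own aws:cloudformation:stack-name tag, so the stack that owns a resource stays discoverable even though Terraform drives the deployment.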