Infrastructure as code (IaC) is a big buzz in the IT industry right now, and when it comes to IaC, Terraform vs CloudFormation is a hot topic to discuss. Both are software for defining infrastructure, helping your IT team provision and manage it. Infrastructure automation is one of the pillars of implementing DevOps practices in your project.
When asked about the best tools to automate infrastructure provisioning, two prevalent names come to mind: Terraform and AWS CloudFormation. This blog discusses the different aspects of Terraform vs CloudFormation in detail.
Amazon CloudFormation is a fantastic tool that gives development and operations teams the liberty to automate the provisioning of AWS infrastructure easily. It is a managed AWS service that allows you to design and provision AWS and third-party resources for your cloud environment. CloudFormation reads its configuration from JSON files called templates. These templates give the user reusable and scalable infrastructure definitions. CloudFormation templates can also be written in YAML.
A HashiCorp product, Terraform is an open-source solution that enables the development of infrastructure as code. It is a powerful tool that helps IT operations staff provision, upgrade, and maintain infrastructure. Terraform has its own domain-specific language called HashiCorp Configuration Language (HCL). This is a fully JSON-compatible language that helps DevOps professionals define infrastructure as code.
The first question that comes to mind is why we need tools like Terraform and CloudFormation when we already have configuration management tools like Ansible and Puppet. These CM tools can handle almost all system-related configurations. But what if a user needs to maintain a layer of abstraction between the underlying bare-metal components and the services? In such cases, the two powerful tools, CloudFormation and Terraform, come into the picture.
The primary difference between Terraform and CloudFormation is that Terraform is a multi-cloud platform, while CloudFormation is specific to AWS. Terraform provides a common language to define and provision cloud infrastructure, while CloudFormation is an AWS-specific solution that provides a standard way to provision and manage AWS resources.
Let’s have a side-by-side comparison of the difference between Terraform and CloudFormation:
While CloudFormation is confined to the services offered by AWS, Terraform spans multiple cloud service providers like AWS, Azure, Google Cloud Platform, and many more. Terraform enables users to dynamically create and configure resources, and it has several built-in functions for everyday tasks. While CloudFormation is easy to use, there are limitations when it comes to customization and flexibility.
CloudFormation uses either JSON or YAML. This makes CloudFormation easy to read and manage. But there is a constraint that doesn’t allow AWS developers to create CloudFormation templates greater than 51MB in size. In case the template exceeds this size limit, developers need to create a nested stack for the templates. CloudFormation also supports Java, Python, TypeScript and .NET.
On the other hand, Terraform uses Hashicorp’s proprietary language called HCL (Hashicorp Configuration Language). This is also a JSON compatible language. Terraform also supports TypeScript, Java, Python, Go (Golang) and C# for writing infrastructure code.
Since CloudFormation is a managed AWS service, it checks the infrastructure consistently to detect whether the provisioned infra is maintaining its state or not. CloudFormation receives a detailed response if anything changes.
On the other hand, Terraform stores the state of the infrastructure on the provisioning machine, be it a virtual machine or a remote computer. The state is saved in the form of a JSON file, which serves as a map for Terraform describing the resources it manages.
To summarize, in CloudFormation, the state is governed by CloudFormation out of the box, which prevents conflicting changes. In Terraform, the state is stored in a virtual machine or a remote computer. Another best practice for state management is that Terraform states can also be saved in storage services like S3. This has to be defined in the backend configuration, which makes the state easier and safer to manage.
CloudFormation is free, and the only fee that users incur is the cost of the AWS services provisioned by CloudFormation. Terraform is a free and open-source tool. Terraform also offers paid versions that have additional collaboration and governance options. The HCP free version offers up to 500 resources per month and the HCP Standard version starts at $0.00014 per resource per hour. There are two other versions called HCP Plus and HCP Enterprise that come with a custom pricing model.
Both tools enjoy the support of large communities and code contributions from members.
If you are looking to provision services on multiple cloud platforms, Terraform is your go-to option. While Terraform supports all cloud vendors like AWS, GCP, Azure, and many others, CloudFormation is confined only to AWS. So, in case your environment involves multiple cloud deployments, CloudFormation is not for you. If you are using AWS resources like EC2, S3, etc., you are best advised to stick to CloudFormation.
To deal with AWS’s compatibility, the latest version of Terraform now fully supports all the services in AWS. This version of Terraform is considered to be on par with CloudFormation for managing AWS cloud resources.
It is imperative to understand where and how these two IaC solutions fit into your infrastructure. Let’s talk about Terraform first.
In the diagram above, we can see how Terraform integrates with the standard CI/CD pipeline. Terraform plays a significant role in the Continuous Deployment part of the pipeline, where it is responsible for provisioning instances on Amazon’s ECS cluster. Terraform also quickly spins up to three parallel Dev, UAT, and Prod environments in the above scenario.
The diagram below shows the overall workflow of how CloudFormation works.
CloudFormation involves mainly four steps:
1. Writing your code. This is the code that is defined as the CloudFormation template.
2. This template can be saved in any code repository. In this scenario, the template is saved in an S3 bucket.
3. AWS CloudFormation is then used via AWS CLI or the browser console to create the stack.
4. The final output of the template is the provisioned infrastructure, in the form of stacks in the AWS cloud.
Let’s look at an example of how we can provision EC2 instances using Terraform on AWS. The prerequisites are:
1. AWS account
2. Terraform CLI
3. AWS credentials configured locally. The credentials can be stored in a file, and the path can be specified in the provider block.
Here is the configuration part:
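```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.51.1"
    }
  }
}

# Credentials are read from the "default" profile of the local AWS credentials file.
provider "aws" {
  profile = "default"
  region  = "us-west-2"
}

# A single EC2 instance built from the given AMI.
resource "aws_instance" "example" {
  ami           = "ami-0922553b7b0369273"
  instance_type = "t2.micro"
}
```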
With this configuration, Terraform is ready to create an EC2 instance. Save the configuration in a .tf file, and then it can be executed.
The first and foremost pre-requisite for using CloudFormation is that you need a template that specifies the resources you want in your stack.
Below is an example of a CloudFormation template to provision an EC2 instance:
```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "CloudFormation template to provision an EC2 instance",
  "Parameters": {
    "KeyName": {
      "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances",
      "Type": "AWS::EC2::KeyPair::KeyName"
    },
    "InstanceType": {
      "Description": "EC2 instance type",
      "Type": "String",
      "Default": "t2.micro",
      "AllowedValues": ["t2.micro", "t2.small", "t2.medium"],
      "ConstraintDescription": "must be a valid EC2 instance type."
    },
    "Ec2securityGroup": {
      "Description": "Security group for the instance",
      "Type": "AWS::EC2::SecurityGroup::Id"
    }
  },
  "Mappings": {
    "AWSRegionArch2AMI": {
      "us-west-2": {
        "HVM64": "ami-0922553b7b0369273"
      }
    },
    "AWSInstanceType2Arch": {
      "t2.micro": {"Arch": "HVM64"},
      "t2.small": {"Arch": "HVM64"},
      "t2.medium": {"Arch": "HVM64"}
    }
  },
  "Resources": {
    "Ec2Instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": {
          "Fn::FindInMap": [
            "AWSRegionArch2AMI",
            { "Ref": "AWS::Region" },
            { "Fn::FindInMap": ["AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch"] }
          ]
        },
        "KeyName": { "Ref": "KeyName" },
        "InstanceType": { "Ref": "InstanceType" },
        "SecurityGroupIds": [{ "Ref": "Ec2securityGroup" }],
        "BlockDeviceMappings": [
          {
            "DeviceName": "/dev/sda1",
            "Ebs": { "VolumeSize": "50" }
          },
          {
            "DeviceName": "/dev/sdm",
            "Ebs": { "VolumeSize": "100" }
          }
        ]
      }
    }
  }
}
```
While both tools are robust and have their benefits, let’s look at the comprehensive list of advantages and disadvantages of Terraform vs CloudFormation.
There are many other advantages to using Terraform. Some of the major ones are:
Terraform | |
Advantages | Disadvantages |
Has Modular Design | When AWS releases new services, it takes some time for Terraform providers to support them |
You can use specific versions and different branches of the same module | Syntax and Hashicorp Configuration Language can be complex |
Offers a robust CLI | The Security of State Files |
Supports integration with multiple cloud providers | The State File Management |
Simplifies the management and orchestration of multi-tier infrastructure | |
Implements the IaC approach | |
Extensive Community and Ecosystem | |
Maintains a state file | |
CloudFormation | |
Advantages | Disadvantages |
Seamlessly Integrates with AWS Services | Nested stacks are complex to manage. |
Implements Infrastructure as Code Principles | Stack size limit is 51 MB |
Simplifies Resource Management | Modularization of code is not as mature as in Terraform |
Offers Template-driven Infrastructure | Writing and managing large complex templates in YAML/JSON can be challenging. |
Offers Change Management | May have longer deployment times for complex stacks with multiple resources. |
Cost Management made easy | Limited cross-cloud support |
Highly Secure | |
Highly Scalable and Flexible | |
Strong Community Support and Rich EcoSystem | |
Compliance Governance and Policy Enforcement made easy | |
Having reviewed the differences between Terraform vs CloudFormation, let’s conclude this article with some meaningful tips!
Custom resources are an advantage of CloudFormation. You can use Lambda functions for this. When you associate a Lambda function with a custom resource, the function is invoked whenever the custom resource is created, updated, or deleted. AWS CloudFormation calls a Lambda API to invoke the function and pass all the request data (such as the request type and resource properties).
The power and customizability of Lambda functions, combined with AWS CloudFormation, enable a wide range of scenarios, such as dynamically looking up AMI IDs during stack creation or implementing and using utility functions, such as string reversal functions.
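The request and response cycle described above, as an added example that is not part of the original article: a Python handler for a string-reversal custom resource that validates its input and always reports SUCCESS or FAILED to the pre-signed ResponseURL. The `Input` property, the `Reversed` output and the sample event are hypothetical names and values constructed for this illustration.

```python
import json
import urllib.request


def build_response(event, context_log_stream="constructed-log-stream"):
    """Compute the response CloudFormation expects for one custom resource event."""
    response = {
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        # Keep the id stable across Update/Delete so CloudFormation does not
        # treat the resource as replaced.
        "PhysicalResourceId": event.get("PhysicalResourceId", context_log_stream),
    }
    try:
        if event["RequestType"] in ("Create", "Update"):
            text = event["ResourceProperties"]["Input"]  # hypothetical property
            if not isinstance(text, str) or len(text) > 1024:
                raise ValueError("Input must be a string of at most 1024 characters")
            response["Data"] = {"Reversed": text[::-1]}
        # Delete: nothing was provisioned, so there is nothing to clean up.
        response["Status"] = "SUCCESS"
    except (KeyError, ValueError) as exc:
        # Always answer, even on failure; otherwise the stack waits for a timeout.
        response["Status"] = "FAILED"
        response["Reason"] = f"{type(exc).__name__}: {exc}"
    return response


def handler(event, context):
    """Lambda entry point: PUT the result to the pre-signed ResponseURL."""
    body = json.dumps(build_response(event, context.log_stream_name)).encode()
    request = urllib.request.Request(
        event["ResponseURL"], data=body, method="PUT",
        headers={"Content-Type": ""},
    )
    urllib.request.urlopen(request, timeout=10)


# Constructed event in the shape CloudFormation sends to the function.
SAMPLE_EVENT = {
    "RequestType": "Create",
    "ResponseURL": "https://example.invalid/presigned",
    "StackId": "arn:aws:cloudformation:us-west-2:123456789012:stack/demo/constructed",
    "RequestId": "constructed-request-id",
    "LogicalResourceId": "ReverseString",
    "ResourceProperties": {"ServiceToken": "constructed", "Input": "terraform"},
}
```

Values placed in `Data` and `Reason` are visible to anyone who can read the stack's events and outputs, so a handler like this should never return secrets through them.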
Meanwhile, in CloudFormation, it is harder to manage different environments due to the lack of workspaces. You can work around this using Parameter Inputs and conditionals.
Terraform is a powerful tool for provisioning, maintaining, and versioning cloud infrastructure. Terraform can manage existing and popular solutions as well as on-premise applications.
CloudFormation supports almost all the services on AWS. It also integrates well with serverless and all the services offered by AWS, e.g., AWS Lambda, etc.
It is free and easy to use. Terraform’s support spans across multiple cloud providers. Besides, Terraform has many in-built modules, which makes its code reusable and flexible.
Terraform has contributed a lot to the DevOps space, changing the way infrastructure is provisioned and managed. Terraform DevOps is the practice of using Terraform in a DevOps framework to automate and manage infrastructure provisioning.
Yes, Terraform can be used in AWS with the help of access and secret keys.
Yes, Terraform is also free. The resources you create using Terraform on the cloud are not free. You will have to pay the fee to the cloud service provider for the resources you provision using Terraform. However, Terraform has an Enterprise edition, which comes with a price. It offers better collaboration and governance features.