Understanding the Key Differences Between Terraform and CloudFormation

In the dynamic realm of DevOps, where the mantra "automate everything" echoes through every corner of the industry, infrastructure as code (IaC) has emerged as a cornerstone practice. At the heart of IaC lie provisioning tools, such as Terraform and CloudFormation, which empower teams to codify and manage infrastructure effortlessly. But amidst the scores of options, why does Terraform stand out? Let's embark on a journey to explore the nuances that set Terraform apart from its counterparts.

Terraform: Embracing the Multiverse of Clouds

Terraform, a brainchild of HashiCorp, epitomizes versatility in the realm of infrastructure provisioning. With its open-source nature and support for a plethora of cloud service providers, including AWS, Azure, and Google Cloud Platform, Terraform transcends the boundaries of vendor lock-in. Its HashiCorp Configuration Language (HCL), JSON-compatible yet tailored for infrastructure needs, serves as a beacon for DevOps professionals navigating the IaC landscape.

CloudFormation: A Glimpse into AWS's Domain

Amazon CloudFormation, a stalwart within the AWS ecosystem, offers a streamlined approach to automate infrastructure provisioning exclusively within the AWS cloud environment. Leveraging JSON or YAML templates, CloudFormation furnishes developers with the tools to sculpt and orchestrate AWS resources effortlessly. However, its domain remains confined to the AWS ecosystem, presenting a trade-off between simplicity and vendor agnosticism.

Unveiling the Distinctions

1. Scope:

• Terraform: A multi-cloud juggernaut spanning across various cloud platforms.
• CloudFormation: Tailored exclusively for AWS infrastructure provisioning.

2. Language:

• Terraform: HCL, a JSON-compatible language designed for infrastructure definition.
• CloudFormation: JSON or YAML templates, facilitating ease of readability and management.

3. State Management:

• Terraform: State stored locally or in a remote backend, ensuring resilience and consistency.
• CloudFormation: Managed by AWS, providing real-time insights into infrastructure state changes.

4. Cost:

• Both Terraform and CloudFormation: Free of cost, with additional enterprise options for Terraform.

5. Multi-Cloud Integration:

• Terraform: Seamlessly provisions resources across various cloud vendors.
• CloudFormation: Restricted to AWS, limiting its applicability in multi-cloud scenarios.

Terraform vs. CloudFormation: Finding Your Fit

Incorporating these provisioning tools into your infrastructure warrants a nuanced understanding of their strengths and limitations. Terraform's multi-cloud prowess makes it an ideal candidate for heterogeneous environments, fostering agility and resilience across diverse cloud ecosystems. Conversely, CloudFormation excels within the confines of the AWS universe, offering unparalleled integration and simplicity for AWS-centric deployments.

It is imperative to understand where and how these two IaC solutions fit into your infrastructure. Let’s talk about Terraform first.

In the diagram above, we can see how Terraform integrates with the standard CI/CD pipeline. Terraform plays a significant role in the Continuous Deployment part of the pipeline, where it is responsible for provisioning instances on Amazon’s ECS cluster. Terraform also quickly spins up to three parallel Dev, UAT, and Prod environments in the above scenario.

The below diagram shows the overall workflow of how CloudFormation works.?

CloudFormation involves mainly four steps:

1. Writing your code. This is the code that is defined as the CloudFormation template.

2. This template can be saved in any code repository. In this scenario, the template is saved in an S3 bucket.

3. AWS CloudFormation is then used via AWS CLI or the browser console to create the stack.

4. The final output of the template is provisioning in the form of infrastructure stacks in the AWS cloud.?

How to use Terraform.

This configuration implies that Terraform is ready to create an EC2 instance. This configuration should be copied into a .tf file, and then it can be executed.

Click here to see my article on how to use Terraform.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}
provider "aws" {
  region  = "ap-south-1"
}
resource "aws_instance" "example" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"
}
        

How to use CloudFormation Templates?

The first and foremost prerequisite for using CloudFormation is that you need a template that specifies the resources you want in your stack.

Below is an example of a CloudFormation template to provision an EC2 instance:

"Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {      {"
        "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", {
"Ref" : "AWS::Region" } ,
                                          { "Fn::FindInMap" : [
"AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ]  }  ]  },
        "KeyName" : { "Ref" : "KeyName" },
        "InstanceType" :  { "Ref"   :  "InstanceType"  }, 
        "SecurityGroups"  : [{ "Ref"  : "Ec2securityGroup"  }] , 
        "BlockDeviceMappings"  : [
          {   
            "DeviceName" : "/dev/sdal",
            "Ebs" : { "VolumeSize  : "50" }
          },{
            "DeviceName" : "/dev/sdm",
            "Ebs" : { "VolumeSize" : "100"  }
          }
        ]
      }
    }        

Advantages and Disadvantages: A Comprehensive Analysis

Terraform: Advantages

1. Terraform modules allow us to separate resources into dedicated and re-usable templates.
2. You can use specific versions and different branches of the same module, so changing it to add new features is more straightforward, which provides flexibility.
3. Terraform has a robust CLI that makes it easier to see the infrastructure’s status through simple commands.
4. Terraform supports multi-cloud integration. Users can use Terraform to deploy applications on multiple cloud platforms.
5. It simplifies the management and orchestration of multi-tier infrastructure. CloudFormation also has the same advantage when it comes to infra management and orchestration.

Terraform: Disadvantages

1. When AWS launches new services, it takes longer to get compliance checks in Terraform.
2. The learning curve in Terraform is steeper as compared to CloudFormation.
3. Security of “state files” is a concern. The users need to ensure that the state files are handled in the remote backend because they have confidential information.
4. In addition to security, state files are a concern because managing the resources is impossible if the terraform state is ever lost; using a backend to store the state files is a best practice

CloudFormation: Advantages

1. Works best for new AWS services.
2. YAML is friendly and easier to use and configure.
3. Many tools help in Unit Testing for the CloudFormation templates. It makes finding errors, warnings, and other info in the code easier.
4. It integrates easily with other Infrastructure-as-a-code solutions.
5. CloudFormation supports conditionals, enabling the user to decide whether to create a resource.

CloudFormation: Disadvantages

1. Nested stacks are not as good as Terraform. It is a bit more challenging to implement and manage. CorssStacks references, the DependsOn attribute, or the GetAtt function can help manage the outputs of one template as the input to another template.
2. There is a size limit of 51MB on the stacks that don’t work in the developers’ favor all the time.
3. Modularization of code in CloudFormation is not as mature as in Terraform. This is a very new feature that has been introduced by AWS in CloudFormation.

While both Terraform and CloudFormation offer robust solutions for infrastructure provisioning, the choice ultimately hinges on the specific needs and nuances of your environment. Whether you're traversing the multi-cloud cosmos with Terraform or diving deep into the AWS ecosystem with CloudFormation, embracing the principles of infrastructure as code: a new era of efficiency and scalability in the realm of DevOps.

Thanks for the read.

Follow for the upcoming part of the Terraform learning journey.