What is Terraform?

HashiCorp Terraform uses a declarative language rather than a procedural language. Users describe the desired end state for infrastructure resources, and Terraform handles the rest. Terraform automatically creates an execution plan, identifies dependencies between resources and provisions components in the correct order. For example, if a virtual machine (VM) depends on a virtual private cloud (VPC), Terraform ensures the VPC is created before provisioning the VM.

In contrast, with a procedural language, developers must write step-by-step instructions to provision infrastructure.

Terraform configuration files can be versioned, reused and shared. Terraform manages low-level components, such as compute and storage resources, and high-level components, such as Domain Name System (DNS) entries and software as a service (SaaS) features.

In February 2025, IBM acquired HashiCorp and its offerings, including Terraform.

Terraform creates and manages resources on cloud platforms and other services through application programming interfaces (APIs). Terraform works with virtually any platform or service with an accessible API, including Amazon Web Services (AWS), Microsoft Azure, Google Cloud, GitHub, IBM Cloud and Docker.

The core Terraform workflow consists of three stages:

1. Write
2. Plan
3. Apply

A developer writes a human-readable configuration file to define the resource configurations for their desired infrastructure. The file is declarative, meaning the developer describes the infrastructure they want but not how to provision it.  

For example, if a developer wants to provision infrastructure for deploying a cloud-hosted app, they might specify that they need virtual machines in a virtual private cloud, with associated security groups and a load balancer.

A single configuration file can manage resources located across multiple cloud providers and services.

Terraform analyzes both the written configuration provided by the developer and the current state of the organization’s infrastructure. It then creates an execution plan describing how it will reach the desired end state from the current state.

The plan itself takes the form of a list of infrastructure that Terraform will create, update or destroy to bring the real world in line with the developer’s described configurations.

Consider the previous example of a developer deploying an application on virtual machines in a virtual private cloud. Terraform’s plan might include actions such as:

• Provisioning new virtual machines to host the app.
  
  
• Modifying an existing security group to allow traffic to the new virtual machines.
  
  
• Provisioning a load balancer to distribute traffic between the virtual machines.

Developers can review and modify the plan before Terraform executes it.

When the plan is approved, Terraform performs the proposed operations in the correct order, respecting any resource dependencies. That is, if resource A depends on resource B, Terraform ensures that resource B is created before resource A.

For example, if a developer updates the properties of a VPC and changes the number of virtual machines in that VPC, Terraform recreates the VPC with updated properties before scaling the virtual machines.

The primary components of Terraform include:

• Configuration files
• Modules
• State files
• Providers
• Registries
• Terraform CLI

Organizations use Terraform to provision and manage infrastructure throughout its lifecycle. Common use cases include:

• Managing multicloud environments
• Application infrastructure management
• Self-service infrastructure
• Policy and compliance management
• Team collaboration

Multicloud environments can be complex because each cloud provider has its own interfaces, tools and workflows. Furthermore, key resources can be distributed across multiple data centers.

Organizations can use Terraform to simplify the management and orchestration of large-scale multicloud infrastructures. Specifically, Terraform enables organizations to use the same configuration language to provision and manage resources across multiple service providers in a single workflow.

Terraform can deploy and manage infrastructure for multitier applications, enabling organizations to manage resources for each tier in a unified workflow while respecting dependencies.

For example, a multitier application might consist of a pool of web servers, a database tier, an API layer, caching servers and a routing tier. Terraform would provision the database tier before provisioning the web servers that depend on it.

At large organizations, centralized IT operations teams typically receive many repetitive infrastructure requests.

Organizations can use Terraform to build a self-serve infrastructure model that empowers product teams to manage their own infrastructure independently. For example, by using prebuilt modules, teams can directly deploy standardized and approved components.

Organizations can also integrate Terraform with ticketing systems and continuous integration/continuous delivery (CI/CD) DevOps pipelines to help automate new infrastructure provisioning requests. For example, when a user submits an infrastructure request to the ticketing system, Terraform can start a workflow to automatically update resources accordingly. 

Terraform can help organizations enforce security and compliance policies on the types of resources teams can provision and use.

For example, organizations can use Terraform modules to codify standards for deploying and managing resources across the organization. When other teams use these approved modules, they can be sure they are deploying resources in compliance with organizational practices.

Organizations can store Terraform configuration files in a version control system (VCS), which enables DevOps teams to collaborate on code, review definitions, track infrastructure changes and roll back to previous infrastructure versions if necessary.

Kubernetes and Terraform are common components of cloud environments, and they both help automate infrastructure-related tasks. However, the core difference between the two is that Kubernetes focuses on containerized workloads, while Terraform manages all kinds of infrastructure components, including Kubernetes clusters themselves.

Kubernetes is an open-source container orchestration platform for scheduling and automating the deployment, management and scaling of containerized applications. Terraform is an infrastructure as code tool that automates the provisioning and managing of infrastructure.

While these are distinct tools with different functions, they often work together in cloud environments. For example, Terraform can automate the provisioning of Kubernetes clusters on cloud platforms, while Kubernetes manages the deployment of applications within these clusters.

Terraform and Ansible are both infrastructure as code tools that help automate core infrastructure tasks. However, they use different languages and often serve different purposes. Terraform is used to provision infrastructure resources, while Ansible is often used for managing resource configurations.

Terraform uses a purely declarative language, while Ansible combines both declarative and procedural languages. In procedural configuration, a developer specifies the steps for configuring resources in the desired state. Procedural configuration is more labor intensive, but it can also provide more control.

Ansible playbooks, written in YAML, allow for fine-grained control over tasks such as installing software and updating system settings. Ansible also has a variety of prebuilt modules for common configuration management tasks, including package management and operating system updates. And Ansible can apply changes to resources idempotently—meaning that, after an operation is applied the first time, further applications of the same operation do not change the resource.

Taken together, these characteristics help explain why Ansible is a common choice for configuration management.

While Terraform can provision infrastructure resources, it cannot manage software inside of resources as effectively as Ansible. For example, Terraform can define a new virtual machine, including properties such as instance type and disk size, but it cannot update the operating system on the virtual machine.

However, Terraform can work hand-in-hand with configuration management tools such as Ansible to simplify and streamline infrastructure configuration. For example, an organization might use Terraform to provision virtual machines and Ansible to configure the software on those machines.