Which IaC Tool is Best for You CloudFormation or Terraform
- October 06, 2020
According to the Cloud Native Computing Foundation, cloud native development is growing rapidly with more than 6.5 million cloud native developers around the world. Commensurate with this growth is growing popularity for cloud native technologies like containers, microservices, and Infrastructure as Code (IaC). Those developing cloud native applications have increasingly used IaC to automate platform provisioning and streamline DevOps practices within the application development process, resulting in a greater repeatability of builds that reduces risk and speeds time to market. While this all sounds great, let’s back up a little and walk through what IaC is and how two of the leading tools used to achieve IaC can help you.
What is IaC?
Wikipedia defines IaC as follows:
Infrastructure as code is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
As far as definitions go, this one isn’t bad, but it’s somewhat wordy. Let’s try and rewrite a simpler version:
Infrastructure as code (IaC) means to manage your IT infrastructure using configuration files.
The next question then becomes “Why would you want to do that?”
Why do you need IaC?
Speed and Simplicity
IaC allows you to spin up an entire infrastructure architecture by running a script. You can do this quickly and easily for development, staging, and production environments, which can make your software development process much more efficient.
Also, you can easily deploy standard infrastructure environments in other regions where your cloud provider operates so they can be used for backup and disaster recovery.
Configuration Consistency
IaC completely standardizes the setup of infrastructure so there is reduced possibility of any errors or deviations. This will decrease the chances of any incompatibility issues with your infrastructure and help your applications run more smoothly.
Cost Savings
Automating the infrastructure deployment process allows engineers to spend less time performing manual work, and more time executing higher-value tasks. IaC script can automatically spin down environments when they’re not in use, which will further save on cloud computing costs.
What is AWS CloudFormation?
AWS defines CloudFormation as follows:
“AWS CloudFormation is a service that helps you model and set up your Amazon Web Services resources so that you can spend less time managing those resources and more time focusing on your applications that run in AWS. You create a template that describes all the AWS resources that you want (like Amazon EC2 instances or Amazon RDS DB instances), and AWS CloudFormation takes care of provisioning and configuring those resources for you.”
What is HashiCorp Terraform?
HashiCorp defines Terraform as follows:
“Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.”
What’s the Difference between CloudFormation and Terraform?
While these two definitions sound similar and different all at the same time, let’s examine the differences between the two, helping you ascertain which tool to use in which situation.
| CloudFormation | Terraform | |
| Coverage | Covers almost all services provided by AWS. | Cloud agnostic, covering almost all AWS and other cloud provider services. Offers 3rd party support as well. |
| Cost | Free managed service by AWS. | Open Source project by HashiCorp. |
| State | State is managed by CloudFormation. | State is stored locally, in S3 or in DynamoDB. |
| Change | Using change set you can verify changes before executing your stack. | You can create a detailed execution plan before applying changes. |
| Language | Supports YAML and JSON. | Uses HashiCorp Configuration Language (HCL) exclusively. |
Two Example Use Cases
Company A wants to deploy a three-tier web application on AWS and is looking for an IaC solution to manage the infrastructure. They have several requirements including:
- Professional Support
- Easy to integrate with other AWS services
- Requires little to no learning
In this case, we would recommend CloudFormation as it’s very much in line with the company’s needs. CloudFormation provides professional support without any extra cost. It is YAML or JSON based which means that not much learning is required. And, it can easily integrate with other AWS services like CodeDeploy.
Now let’s imagine Company B that also wants to deploy and manage a three-tier web application and is looking for an IaC too. It has two key requirements:
- Support for multi-cloud
- Easy manageability
In this case, we would recommend HashiCorp Terraform as it has multi-cloud support, and it would allow the company to have a state file to manage the infrastructure state.
As you can see, AWS CloudFormation and HashiCorp Terraform are both powerful and mature tools. Both are strong choices for managing IaC. Reviewing the similarities and differences, as well as the use cases above can help you determine which tool will best address your business and technology needs.
To learn more, explore our resource pages for AWS CloudFormation, HashiCorp Terraform, and Cloud Configuration Services.
Subscribe to our blog
Benjamin Draper is a Solutions Architect at NTT DATA. With his DevOps engineering experience, he helps enterprises speed time to market with new technologies and methodologies that improve client outcomes.