Terraform in Depth Book Review

The book Terraform in Depth: Infrastructure as Code with Terraform and OpenTofu by Robert Hafner, is an advanced, yet approachable, guide designed to teach professionals how to deploy, manage, and automate infrastructure within a production environment. It is highly recommended for DevOps engineers, Site Reliability Engineers (SREs), cloud engineers, software developers, and system administrators who want to build production-grade Infrastructure as Code (IaC).

The book is structured to guide readers from foundational concepts to advanced implementation techniques, using real-world examples and experienced insights.

Core themes and scope

A central focus of Terraform in Depth is to equip readers with the skills needed to use Terraform effectively as part of a high-performing team. The book’s premise is to “provision, update, scale, and replicate your infrastructure with the same ease as your application code”.

Key areas of coverage include:

1. OpenTofu and Licensing: A significant feature is the inclusion of OpenTofu, the open-source fork of Terraform, which is discussed as a viable alternative. The author breaks down the Terraform licensing controversy that led to OpenTofu’s creation and details how to leverage OpenTofu, switch between OpenTofu and Terraform as needed, and maintain compatibility between the two.
2. Production and Team Practices: The book moves beyond basic syntax to focus on creating production-grade infrastructure. It provides real-world scenarios and advice on deployment, organizing Terraform projects for team-based use, and managing complex multi-environment deployments.
3. Comprehensive Tooling: It covers a wide variety of IaC tooling and services, offering a fair and balanced view of the ecosystem. Examples often use AWS as the cloud provider of choice for illustration.

Organization and content breakdown

The book is comprehensively structured into three parts containing 12 chapters:

Part 1: Getting started with Terraform (Chapters 1–5)

This section builds a solid foundation in the Terraform language and core concepts, enabling immediate utilization while laying the groundwork for later topics.

• IaC and Terraform Overview (Chapter 1): Introduces Infrastructure as Code practices, Terraform’s core components (language, CLI, providers, backends, workspaces), and the advantages of declarative languages over imperative ones, including dependency resolution through Directed Acyclic Graphs (DAGs). It also introduces the history of Terraform and the OpenTofu fork.
• HCL Components (Chapter 2): Focuses on the HashiCorp Configuration Language (HCL), describing basic syntax, block types, Terraform settings, providers, resources, data sources, and meta arguments.
• Variables and Modules (Chapter 3): Discusses modules as the primary tool for code reuse and project composability. It details input, output, and local variables, stressing the importance of input validation and handling sensitive data.
• Expressions and Iterations (Chapter 4): Expands capabilities by teaching functions, operators, conditionals, and logic, allowing for dynamic configuration and data transformation. It covers multiplication of resources using count and for_each.
• The Terraform Plan (Chapter 5): Breaks down the plan and apply phases, tying them back to computer science theories (specifically DAGs) to aid debugging and understanding resource relationships and dependency resolution.

Part 2: Terraform in production (Chapters 6–9)

This section details the necessary practices for running Terraform in a team and production setting.

• State Management (Chapter 6): Explores why Terraform uses state, the structure of the state file, and critical considerations for storing, securing, and protecting state to ensure project resilience. It covers remote backends and techniques for dealing with state drift.
• Code Quality and CI (Chapter 7): Discusses continuous integration practices, source control management (SCM), code reviews, and local development techniques. It emphasizes tools for quality assurance, standardizing deployment (e.g., using Makefiles), and validating security using scanners like Checkov and Trivy.
• Continuous Delivery and Deployment (Chapter 8): Explores strategies for delivering modules and infrastructure, including GitOps workflows. It reviews and compares various CD platforms and TACOS (Terraform Automation and Collaboration Software) such as HCP Terraform, Spacelift, and Env0.
• Testing and Refactoring (Chapter 9): Provides a comprehensive overview of testing IaC. It covers using modern testing frameworks like Terratest and the new Terraform Testing Framework, and addresses the nuances of testing infrastructure versus traditional software. It also covers internal and external refactoring strategies, including managing backward compatibility.

Part 3: Advanced Terraform topics (Chapters 10–12)

This part focuses on niche use cases, complex integrations, and extending Terraform itself.

• Advanced Topics (Chapter 10): Covers design patterns for naming and domains, dynamic network creation (subnetting), provisioners for breaking out of Terraform when necessary, external and local providers, and using checks and conditions for robust validation.
• Alternative Interfaces (Chapter 11): Details non-HCL interactions, such as creating wrapper programs in other languages (e.g., Python) to control the Terraform CLI. It covers using JSON as an alternative to HCL and leveraging the Cloud Development Kit for Terraform (CDKTF) to define infrastructure using familiar programming languages like Typescript, Python, or Go.
• Terraform Providers (Chapter 12): Explains how to develop and maintain custom providers, which is the primary method to expand Terraform’s capabilities to manage new systems. It details using the Terraform Plugin Framework for implementation.

The overall style of Terraform in Depth is masterful, with clear explanations and easily digestible concepts, making even advanced concepts approachable. The focus on exercises and practical application helps readers quickly build confidence to apply the concepts in real projects. The book is fully up to date with the latest versions and standards for both Terraform and OpenTofu.