AWS CloudFormation vs Terraform


In the modern world of Cloud Computing, developers and builders are always looking for a more iterative, secure and reliable way to deploy their infrastructure on which to host their applications.

One of the main technologies that is now used widely to achieve this goal is a category of provisioning tools known as Infrastructure as Code (IaC).

What is Infrastructure as Code?

IaC is, simply put, a way of provisioning your applications using code instead of manual processes. This can be done using several different technologies, the most popular being Terraform and AWS CloudFormation.

Both Terraform and CloudFormation behave in an identical way and follow the same underlying steps to deploy your code, although they use different technologies.

First, the IaC tool requires a defined template or configuration describing the target state of your infrastructure, written in different ways depending on the tool you use. Next, the tool works out behind the scenes the best possible way, and all of the steps required, to host your architecture. The tool’s engine then runs in the background to start building what you have defined in your template or configuration.

The advantages of using Infrastructure as Code are numerous: rapid deployment of your infrastructure (no manual deployments), consistent configuration across environments, and cost savings from limiting unused resources.

Let’s break down the two technologies, and then we will compare and contrast Terraform vs CloudFormation.

What is AWS CloudFormation?

AWS CloudFormation is AWS’s native Infrastructure as Code tool. With AWS CloudFormation, you write templates, which in turn build and host your application. With simple instructions, you can provision full stack applications and spin up and spin down environments at will by creating and deleting CloudFormation stacks.

CloudFormation covers the vast majority of AWS services natively, without needing to install dependencies or any packages, and you can use the console, the CLI or the CloudFormation API to leverage the power of this tool.

What is Terraform?

Terraform is a third-party tool (owned by HashiCorp). It is an open-source tool that uses configuration files to build your architecture. The main difference immediately is that Terraform is not an AWS product, and it is in fact a cloud-agnostic tool, permitting use with other Cloud Service Providers (CSPs), directly out of the box.

Terraform uses the APIs of the CSPs. Configuration files can be treated securely using version control systems and it supports updates, versioning, and deployments.

Now that we understand how these technologies work, we can break down the features available in both tools, and the differences between Terraform and CloudFormation, by category.

License and support

AWS CloudFormation is always free – you only pay for the resources that you provision. Terraform is a bit different in that you don’t have to pay, but there are different support options available depending on the size of your organization.

State management

Terraform stores the infrastructure state on the local disk. There are options, however, to store your session state remotely (in an S3 bucket, for example).

When storing the state remotely, Terraform employs flexible versioning that helps develop the infrastructure in parallel. This remote state is best utilized when there are multiple users working together in parallel.  
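A remote state setup on S3, as an added example that is not from the original article: it assumes the AWS provider, DynamoDB-based state locking, and placeholder bucket, table, key and region values. The two file names in the comments are also assumptions.

```hcl
# bootstrap/main.tf: applied once, creates the storage that holds remote state.
resource "aws_s3_bucket" "tfstate" {
  bucket = "example-tfstate-bucket" # placeholder, must be globally unique
}

# Versioning keeps earlier state files recoverable after a bad write or a delete.
resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  versioning_configuration {
    status = "Enabled"
  }
}

# State can hold secrets in plain text, so keep the bucket private.
resource "aws_s3_bucket_public_access_block" "tfstate" {
  bucket                  = aws_s3_bucket.tfstate.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Lock table so two users cannot write the same state at once.
# The S3 backend expects a string hash key named "LockID".
resource "aws_dynamodb_table" "tflock" {
  name         = "example-tf-locks" # placeholder
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}

# app/backend.tf: a separate configuration that shares the remote state.
terraform {
  backend "s3" {
    bucket         = "example-tfstate-bucket"
    key            = "app/terraform.tfstate" # placeholder path inside the bucket
    region         = "us-east-1"             # placeholder region
    encrypt        = true                    # server-side encryption of the state object
    dynamodb_table = "example-tf-locks"
  }
}
```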

AWS CloudFormation bundles templates into stacks, which are handled as one unit. When you interact with these stacks you can delete or modify dependencies in bulk.

The stacks are handled within the CloudFormation console, and you have no insight into how it works – it just does.

Modularity

Modularity means flexibility, and Terraform excels with modularity. HashiCorp built Terraform to be cloud-agnostic and able to incorporate any resource whether it is AWS, Azure or GCP.

It includes native support for many third-party modules. You can add any resource, whether it’s AWS or third-party, by adding a provider to your configuration – allowing you to benefit from a multi-cloud strategy in a way AWS CloudFormation can’t.

Modules in CloudFormation instead are sets of “nested stacks” or templates. These nested stacks serve as building blocks for your infrastructure and allow you to import and export standard configuration settings. As an example, you might have different configurations of resources used for different applications or infrastructures. When this happens, you can create a template for such resources that you can import into every stack that needs them – giving you relative flexibility and portability.

How does each IaC tool handle Wait Conditions?

Wait conditions can be useful for things like waiting for scripts to run or waiting for a machine to load up, and they give you that extra level of flexibility in how your applications are provisioned.

AWS CloudFormation is superior here as it supports wait conditions, whereas Terraform doesn’t.

Rollback behavior

Rollbacks can help you ensure you are not provisioning extra resources as part of a failed stack or configuration. You can roll back to before the failed stack was created, so you can debug and try again.

This again may be an issue which cannot be addressed directly using Terraform, but with AWS CloudFormation you can implement specific rollbacks, either for the whole stack or just when things go slightly wrong and need correcting. You can do full or partial rollbacks, depending on your preference.

Which language to use for either product?

CloudFormation may be the most accessible in this domain also, as you can choose to write your templates in either JSON or YAML, so if you have experience with either of these languages, your learning curve will be that much shorter when learning how to use AWS CloudFormation.

Terraform uses its own configuration language, specifically designed for Terraform: HashiCorp Configuration Language, or HCL. HCL is based on JSON, but it is ultimately different, and you will have to learn it when you are writing Terraform configurations.

Conditions vs Loops

In CloudFormation, we have conditions and in Terraform we have loops, which perform similar tasks.

With AWS CloudFormation, you can apply specific and granular sets of conditions, and ensure certain actions happen when conditions are met. The value in this is undeniable – and in Terraform, this isn’t the case. Loops are used instead.

Loops have a number of different uses within Terraform. Terraform uses them to enable or disable a resource if a condition is met, which gives similar functionality when comparing AWS CloudFormation vs Terraform.
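The enable-or-disable pattern described above, next to a plain loop, as an added example that is not from the original article. It assumes the AWS provider; all variable, resource and bucket names are placeholders.

```hcl
variable "enable_audit_bucket" {
  type    = bool
  default = false
}

variable "log_buckets" {
  type    = set(string)
  default = ["example-app-logs", "example-elb-logs"] # placeholder names
}

# Condition: count is 1 or 0, so the bucket exists only when the flag is true.
resource "aws_s3_bucket" "audit" {
  count  = var.enable_audit_bucket ? 1 : 0
  bucket = "example-audit-bucket" # placeholder name
}

# Loop: for_each creates one bucket per element of the set.
resource "aws_s3_bucket" "logs" {
  for_each = var.log_buckets
  bucket   = each.key
}

# Loop over the buckets created above so each one gets the same
# public access block and none is missed.
resource "aws_s3_bucket_public_access_block" "logs" {
  for_each                = aws_s3_bucket.logs
  bucket                  = each.value.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# A counted resource is a list; one() yields null when count is 0.
output "audit_bucket_name" {
  value = one(aws_s3_bucket.audit[*].bucket)
}
```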

Does Terraform use CloudFormation?

The short answer is no. Terraform would perform exactly the same if AWS CloudFormation didn’t exist.

Everything on AWS is built using APIs. When you are using Terraform to interact with AWS Services, it doesn’t use the CloudFormation API, it directly uses the APIs of the services which you are interacting with.

So ultimately which is better?

There isn’t a straightforward answer; it depends on what you are trying to do. We have put together pros and cons for each service so you can make your own decision on what is best for your particular use case.

| AWS CloudFormation: Pros | AWS CloudFormation: Cons | Terraform: Pros | Terraform: Cons |
| --- | --- | --- | --- |
| Comes with many pre-built templates | There is a hard limit of 500 resources per template | Open-source | The Enterprise plan is expensive |
| Rapid deployment and iterative deployment of resources | You cannot rename the stack after deployment | Terraform has a useful ‘planning step’ which is useful for pre-deployment checking | Difficult debugging process |
| Repetitive use of resources | Is not an option for multi-cloud deployments | Multi-cloud ready | Is not specialized to any one particular cloud platform |
| Integrates with most AWS Services easily | Dense documentation and difficult to learn | Easily supports multi-tier applications | No GUI element |
| CloudFormation Designer is a useful tool for designing your architecture | If you change resources outside of the stack after deployment, it becomes difficult to delete the stack itself | Easily integrates with other third-party services | If State files are lost, management of resources is impossible |

Thanks for reading this article exploring AWS CloudFormation vs Terraform.  We trust that you now have learned how to choose which of these Infrastructure as Code tools is right for your particular deployment.
