Choosing Between CloudFormation vs Terraform
These two configuration tools are central to cloud management and DevOps. Which one should you choose for your project?
Every problem has more than one solution; the same is true for creating your infrastructure as code. While Terraform and CloudFormation are tools that make it easier for DevOps engineers to automate the creation of cloud infrastructure predictably and repeatably, they have some substantial differences. They each have their strengths and weaknesses that make them better suited for specific projects over others. In this article, we'll explore what makes each tool unique and why you might want to choose Terraform vs CloudFormation or vice versa, depending on the project on which you're working.
Infrastructure as Code
Infrastructure as code (IaC) is an infrastructure engineering practice that treats software configuration management as a first-class citizen. Infrastructure as code aims to use programming languages to describe or define the resources and dependencies of an architecture into which workloads are deployed. Infrastructure as code tools are used for provisioning, configuring, and managing infrastructure.
Terraform and CloudFormation are popular tools for managing AWS environments using Infrastructure as Code. Because all their resources are specified through templates or configuration files rather than scripts, coding ability isn't required for creating infrastructure with these tools; instead of writing scripts, we essentially list the configuration of the desired state. This makes it easier for non-ops people like developers or QA testers to change their environments and get up and running quickly with Terraform or CloudFormation, as they don't have to be seasoned developers to use them.
Terraform is an open-source tool developed by the engineering company HashiCorp. It was initially released in 2014 and has seen rapid growth as a tool for managing cloud infrastructure.
Terraform provides many benefits to users over CloudFormation, including:
Terraform is Free and Open Source With a Strong Ecosystem
Suppose you want to build on or integrate your infrastructure with a third-party provider like Google Cloud or Microsoft Azure. Terraform has you covered because it has many 3rd party providers for different cloud platforms and other services.
Terraform Runs on Your Machine
Terraform is an executable that must be downloaded and installed locally to use it. It's decentralized because unless you use centralized state management (we'll get into that later), all its processing and state management happens on your local computer.
Terraform is Fast
The engineers at HashiCorp created Terraform using Go, which has excellent support for concurrently processing network requests made from multiple threads on multiple cores simultaneously.
CloudFormation is a service created by Amazon Web Services explicitly designed to develop and manage their platform's infrastructure. Its configuration is based on templates you define describing parameters, resources, and other configuration inputs such as users, groups, subnets, IAM roles and policies, security groups, etc. All these objects are described in YAML or JSON files (which define a stack), making it easy for you to version control them with Git or source control platforms like GitHub and CodeCommit. Subsets of CloudFormation can be used for managing serverless applications in the form of Serverless Application Model (SAM) templates. Everything that can be defined in regular CloudFormation can be defined in a SAM template. SAM, however, adds additional functionality for quickly deploying cloud-native workloads like Lambda functions, API Gateway, and Docker workloads in ECS.
CloudFormation Is an AWS-Specific Tool
You can use it to provision an entire system, including just about any AWS services, such as EC2, RDS, S3, load balancers, VPCs, and Lambda. Nothing can provision AWS as well and in as many ways as CloudFormation.
CloudFormation Runs in the Cloud
You don't need to install CloudFormation on your machine; it runs in the cloud using APIs provided by AWS. CloudFormation templates are deployed using the familiar AWS console or CLI commands such as aws cloudformation create-stack or aws cloudformation update-stack that allow developers to build robust infrastructure quickly without needing a great deal of specialized knowledge.
Templates and Modules
The first thing to know about your options is that Terraform and CloudFormation use declarative syntax in either templates or modules. This syntax means you tell the tool what resources you want, and it builds them for you.
Terraform is centred around modules: logical groupings of resources and external data references that can be reused across multiple projects and are written in HCL. A Terraform module takes variables as inputs and has built-in functions that can be used to transform data structures within the configuration. You can declare local variables within the configuration file, and it provides outputs that other modules can ingest. Terraform does not require creating modules for your code, but it is a best practice to keep your configurations DRY by doing so. Adding Terragrunt, a thin wrapper around Terraform, can bring the modularity of your code to the next level as it enforces the creation of modules for all Terraform code.
CloudFormation uses templates, either YAML or JSON files, that specify the resources you want to create. You can organize them into stacks that can be nested to create complex hierarchies of infrastructure with high reusability. CloudFormation's StackSets enable the creation of resources across accounts in a multi-account architecture in AWS.
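The Terraform module structure described above (input variables, built-in functions, locals and outputs), shown as an added example that is not from the original article; the module path, resource names and tag values are hypothetical.

```hcl
# --- modules/log_bucket/main.tf (hypothetical module) ---
# Input variables: the module's interface. Validation rejects bad input early.
variable "environment" {
  type = string

  validation {
    condition     = contains(["dev", "staging", "prod"], var.environment)
    error_message = "Environment must be dev, staging or prod."
  }
}

variable "extra_tags" {
  type    = map(string)
  default = {}
}

# Locals use built-in functions (lower, join, merge) to transform the inputs.
locals {
  bucket_name = lower(join("-", ["example-org", var.environment, "logs"]))
  tags        = merge(var.extra_tags, { Environment = var.environment, ManagedBy = "terraform" })
}

resource "aws_s3_bucket" "this" {
  bucket = local.bucket_name
  tags   = local.tags
}

# Outputs are what callers and other modules can consume.
output "bucket_arn" {
  value = aws_s3_bucket.this.arn
}

# --- main.tf in the root configuration: reuse the module with different inputs ---
module "logs" {
  source      = "./modules/log_bucket"
  environment = "prod"
  extra_tags  = { Owner = "platform" }
}

output "log_bucket_arn" {
  value = module.logs.bucket_arn
}
```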
Terraform has built-in state management. For a single-developer project, it saves the state of your architecture locally; when collaborating in a team, it can use a centralized state repository, for example, an S3 bucket in AWS with DynamoDB to manage locks. Terraform does not support rollbacks during deployment.
CloudFormation manages your state behind the scenes. It supports rollbacks when errors are encountered during deployment, and it supports drift detection, which can also be configured using other AWS tools to detect drift in your infrastructure automatically.
Configuration Syntax: HCL vs JSON vs YAML
- HCL (HashiCorp Configuration Language) is a lisp-like configuration language that supports data structures, variables and functions. It has excellent support for both custom resources and AWS native ones. This is the configuration language of Terraform.
- YAML (YAML Ain't Markup Language) is a human-readable configuration language which uses whitespace indentation to denote structure instead of braces or brackets like other languages do. YAML templates are much cleaner than JSON, so it is the preferred option for many who use CloudFormation.
Terraform Pros and Cons
Terraform has several advantages and disadvantages. Some of the main benefits include:
- Terraform uses the declarative HCL language, which is easy to understand.
- Because Terraform is an open-source tool, it will be updated with new features regularly by developers on GitHub. You can also contribute to this project if you want more features in the future!
- It supports 3rd party providers such as AWS, Google Cloud Platform, Microsoft Azure, Oracle Cloud and many others, so it is a tool that can be used across a large number of platforms and services.
- Because of all the providers available, Terraform is an excellent tool for multi-cloud projects.
Some disadvantages include:
- Terraform does not support rollbacks, so when a deployment fails, it simply stops processing.
CloudFormation Pros and Cons
CloudFormation is a powerhouse in the AWS ecosystem. Some of its advantages include:
- Because AWS maintains CloudFormation, it can be used with almost all Amazon Web Services (AWS) products, including EC2 and Lambda Functions. This makes it possible to create complete infrastructure stacks soon after new features are released.
- You get more advanced features like drift detection and rollback capabilities with CloudFormation than you do with Terraform alone.
- CloudFormation forms the backbone of many automations in AWS, including the powerful Elastic Beanstalk platform, AWS Serverless Application Model (SAM) and others. Once familiar with it, you unlock the door to understanding how many services work in AWS.
The disadvantages to CloudFormation include:
- It is AWS-only, so while you will learn much about YAML and JSON when writing CloudFormation templates, you can't use those skills to deploy with CloudFormation into other cloud platforms.
Which One Is Better Suited to Your Particular Type of Project?
CloudFormation and Terraform can deliver your infrastructure, but when considering CloudFormation vs Terraform, which one is better suited to a particular type of project?
If you're working on an application that needs to be deployed in multiple regions in AWS and that's expected to grow over time, CloudFormation with StackSets may be the right choice.
If you need the best possible integration with AWS services or to use some bleeding edge features that may not be supported yet by Terraform, then CloudFormation might again be your best bet.
On the other hand, Terraform is the clear choice for multi-cloud or hybrid-cloud projects that require non-AWS providers. It has a robust ecosystem that is second to none.
The language choice is very personal - whether you and your team prefer to work with JSON, YAML, or HCL will influence your decision.
Pilotcore is Your Cloud Consulting Partner
Pilotcore is a cloud and DevOps consulting company that can work with your team with either CloudFormation or Terraform. Are you considering a new project in the cloud? Contact us for a free consultation!