Hacking Terraform for fun and profit

If you’ve been using Terraform just by following the official documentation, you are not getting all from it.

As soon as one cloud provider announces a new service or a feature, you dream that Terraform has zero-day support for it. Well, it is not always like this, and I will show what we can do about it.

Are you using Terraform and keep asking yourself why I should copy-paste so much? What if you need to manage more than a dozen resources with Terraform (e.g., hundreds of GitHub repositories with permissions, or hundreds of IAM users and their permissions)? How can I use Terraform to manage absolutely ANY type of resource? What is beyond Terraform modules? What is a really dynamic module and what Terraform 0.12 will help us with?

Let's see the advanced and very unusual solutions of how Terraform can be extended, integrated, executed, or merely hacked to get the job done with the help of external open-source services and integrations.

From Zero to Hero With Terraform, AWS and Friends

It is easy to get started with Terraform to manage infrastructure as code. Just read the documentation on terraform.io, and you are done. Almost.

The harder part begins when infrastructure grows in all directions (several AWS/GoogleCloud/Azure accounts, regions, teams, projects, environments, external integrations). One of the most frequent questions is "how to structure code".

As the main developer of verified [Terraform AWS modules](https://github.com/terraform-aws-modules), I want to show how to use those modules to build real infrastructures. We'll make it in an interactive way where everyone is involved.

In this workshop, I will explain many of challenges related to that, what works, what does not work, why so, and most importantly I will show all the code which works from small projects to very-large infrastructures (featuring multi-cloud and multi-region setup).

This workshop is best suitable for people who have been using Terraform at least for some time and already have practical questions, but there will be some basic information for newcomers also.

Previous experience using Terraform and AWS is not required but recommended to better understand the workshop.

Participants will be provided with AWS access prior to the workshop.

Most of the content used for the workshop you can find here - [www.terraform-best-practices.com](https://www.terraform-best-practices.com)

This workshop was given at several AWS community days (SF Bay, Manchester, London), DevOpsDays events and other conferences. Every time feedback from attendees was positive.

How to build, scale, and maintain 45 public Terraform modules with over 100 million provisions

Copy and paste of Terraform reduce reusability, maintainability, and scalability of our configuration. In an effort not to repeat ourselves, we might start moving our configuration into modules and run into new scaling and collaboration challenges! In this talk, I will describe some of the challenges and lessons learned in building, scaling, and maintaining the public Terraform modules for AWS components and how to apply them to your modules.

I defined an initial goal for those modules to provide a powerful and flexible way to manage infrastructure on AWS but with more than a couple thousand issues and pull-requests opened since the beginning, the goal had to change. What started as an initial set of basic Terraform AWS modules for common architectural patterns on AWS soon became a base for many customers using Terraform and required radical changes and improvements.

I will describe some of the challenges along the way and lessons learned when building entirely open-source Terraform modules used by thousands of developers. Some problems are technical such as versioning, quality assurance, documentation, compatibility promises, and upgrading. Other problems are around collaboration and software design principles, such as how to reason about feature-requests or how small should a module be. I will also examine the testing strategy for terraform-aws-modules and discuss the reasoning for not having tests!

I will provide a list of dos and don’ts for Terraform modules that highlight the critical features (e.g., documentation, feature-rich, sane defaults, examples, etc.), which make terraform-aws-modules scalable in collaboration and use.

By the end of the talk, attendees will understand proven practices around building useful, maintainable, and scalable modules, learn about public modules available to them, and how they can participate in making those open-source projects better.

Comprehending Terraform Infrastructure as Code: How to Evolve Fast & Safe

Even after a few years of using Terraform, many users still don’t have enough certainty about the infrastructure changes they make. There are a “terraform plan” command, staging environments, and code reviews - everything works with various successes. What are the ways to know the consequences of the changes in advance (literally, as you type)?

In the talk, I will explain how we can “shift left” the understanding of Terraform infrastructure as code to developers using Terraform so that they can make correct decisions faster and safer.

I will cover several common patterns, IDE and plugins, pre-commit git hooks, CI/CD integrations, and demo some of them in action by doing live coding.

Doing serverless on AWS with Terraform for real

More and more companies are adopting serverless technologies as the community is defining the best practices, tools, and patterns.

Companies using Terraform as their infrastructure as a code tool are often required to reinvent the wheel when they work with serverless.

In the talk, I will explain why managing serverless applications with Terraform is a good idea and how https://serverless.tf open-source project has started as an organic response to the accidental complexity of many existing tools used by serverless developers.

I will demo a complete serverless application (including building and deploying it) using Terraform and open-source components.

I have a few live streams on my YouTube channel where I was talking about it - https://www.youtube.com/c/AntonBabenkoLive/search?query=serverless

My ideal way of testing Terraform configurations

A hands-on guide for developers who wanted to perform testing of the Terraform configurations but always felt it was a complicated task. I will show how this can be done more straightforwardly and powerfully using open-source projects (including Open Policy Agent and Terraform AWS modules).

The main open-source project/framework is currently in development.