Modern infrastructure has grown increasingly complex. Organizations now rely heavily on cloud environments, containers, microservices, and scalable distributed systems. Managing such infrastructure manually is time-consuming, error-prone, and difficult to maintain across teams. This is exactly where Infrastructure as Code (IaC) comes in.

What is Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) is the practice of defining and managing IT infrastructure using configuration files rather than physical hardware configuration or interactive configuration tools, such as GUI or CLI. In IaC, the infrastructure setup – VMs, servers, networks, databases, storage, load balancers, etc. – is written as code and stored in version control systems. This approach is gaining increasing importance today due to the rise of cloud computing, DevOps practices, and the need for faster, more reliable, and scalable infrastructure management. IaC allows teams to automate infrastructure setup, version control configurations, and reduce human errors, enabling efficient and consistent deployments across multiple environments.

The key benefits of IaC can be summarized as follows:

• Speed: it automates the provisioning process, allowing teams to deploy complete environments in minutes rather than days
• Scalability: it enables easy replication and scaling of infrastructure to handle growth or changing system demands
• Consistency: it ensures every environment (dev, staging, production) is configured exactly the same, preventing configuration drift and reducing errors
• Version Control: it treats infrastructure definitions like application code, allowing changes to be tracked, reviewed, and rolled back through standard version control tools like Git

Common examples of IaC tools include Terraform, Ansible, and AWS CloudFormation.

What is Terraform?

Terraform is an open-source IaC software tool created by HashiCorp that enables users to define and provision data center infrastructure using a high-level configuration language known as HashiCorp Configuration Language (HCL), or optionally JSON. Terraform manages both low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries. It is cloud-agnostic, supporting a wide range of service providers (AWS, Azure, GCP, private clouds, etc.).

The relationship between IaC and Terraform can be represented as follows:

Terraform Components

Terraform manages infrastructure in a predictable and repeatable way by combining configuration files with a state management system. Having a solid understanding of these components is key to working effectively with Terraform.

Terraform uses the following types of files:

Configuration files – these files end with the .tf extension and they define what infrastructure should exist. While all configuration could technically live in a single file, best practices recommend splitting it into logical parts (separate files) for readability and maintainability:

• Provider file – specifies which cloud or platform to interact with
• Resource file – defines the actual infrastructure that Terraform will create
• Variable file – allows configuration values to be reused and dynamically set. This often works in conjunction with the .tfvars file which inputs the actual variable data
• Output file – exposes values (e.g., IP addresses) after infrastructure is provisioned

State file – When Terraform creates or updates infrastructure, it needs to remember what exists. To do this, Terraform maintains a state file called terraform.tfstate. This file tracks the real-world infrastructure and maps it to the resources defined in the configuration files (by the way, since this file often contains sensitive data you do not commit it to Git).

Why does the state file matter?

• It allows Terraform to see what already exists and avoid recreating resources unnecessarily
• It is required for Terraform to compute differences (terraform plan command)
• It acts as the “source of truth” for the current deployed infrastructure

Instead of storing the state file locally, Terraform is often stored remotely, allowing teams to collaborate safely. Common remote backends include AWS S3, Google Cloud Storage or Terraform Cloud.

Other files – Terraform may also generate additional internal files (such as lock files) to prevent multiple processes from modifying the state at the same time. These files help maintain consistency and prevent unintended changes.

In summary, Terraform relies on configuration files to describe infrastructure and state files to remember what exists, ensuring predictable, controlled, and automated provisioning.

Terraform Installation

Before you can start defining and managing infrastructure, you need to install Terraform on your local machine. Terraform is a lightweight binary that runs on all major operating systems, including Windows, macOS, and Linux, and it can be installed in two primary ways: by manually downloading and adding the binary to your system’s PATH, or by using a package manager for a faster, automated setup.

Manual installation involves downloading the Terraform binary from the official HashiCorp website, extracting it to a chosen directory, and then adding that directory to your system’s PATH, so Terraform can be run from any terminal window.

For easier updates, Terraform can also be installed using popular package managers:

• Homebrew (macOS/Linux): brew install terraform
• Chocolatey (Windows): choco install terraform

To confirm Terraform is installed correctly, open a terminal and run terraform -version. If you see output showing the Terraform version number, your installation was successful.

How to use Terraform?

Once Terraform is installed and your configuration files are ready, you interact with it primarily through a set of commands that control the entire infrastructure lifecycle. These commands tell Terraform when to initialize, preview, apply, or remove resources. Understanding these commands is essential to using Terraform effectively:

• terraform init – initializes your working directory and downloads the necessary provider plugins. This must be the first command you run before creating or modifying infrastructure
• terraform plan – previews the changes Terraform will make to reach the desired state. It shows what will be created, modified, or destroyed, allowing you to review the outcome before applying it
• terraform apply – executes the plan and provisions the infrastructure defined in your configuration files. Terraform builds or updates resources in your chosen cloud provider to match your declared state
• terraform destroy – removes all resources defined in your configuration. It’s used when you want to tear down infrastructure cleanly and avoid lingering costs or unused components

Terraform Example

The following example demonstrates a Terraform configuration that deploys a Debian-based virtual machine on Google Cloud (authentication keys and GCP project ID are not shown):

Once the code is executed, Terraform provisions the configured resources, and you’ll see a new Debian VM instance listed in your Google Cloud Console:

Conclusion

In summary, IaC is revolutionizing infrastructure management by allowing automated, repeatable, and version-controlled deployments; Terraform is a powerful and widely adopted tool in this space. Understanding Terraform’s syntax and core commands enables developers and operators to efficiently manage infrastructure lifecycle with code, bringing agility and reliability to their environments.

Relevant Training

If you’d like to gain practical, hands-on experience with Terraform, check out our Automating FortiGate Deployment on Google Cloud with Terraform video course. The course introduces the core concepts of Infrastructure as Code (IaC) and Terraform, guides you through the installation process, and provides a step-by-step demonstration of how to use Terraform to deploy a FortiGate VM instance on Google Cloud. It’s an excellent starting point for anyone looking to build real-world skills in cloud automation and IaC.