Terraform lets you build, change, and manage infrastructure as code. But it does not do it all on its own. It needs help. That help comes in the form of providers. Think of them as the key that unlocks the door to different platforms and services. Without them, your code would be stuck. You would not be able to connect to the many tools you need to run your infrastructure.
This is why understanding providers is key to using Terraform to its full power. In this ultimate Terraform providers guide, you will learn how to pick the right providers. You will also learn how to use them. And, you will learn how to manage them.
What are Terraform Providers?
Terraform providers are plugins. They let Terraform connect and work with different services. These services can be cloud platforms like AWS, Azure, or GCP. Or they can be other tools like Docker, Kubernetes, or even your company’s own private cloud.
Each provider is like a translator. It knows how to talk to a specific service. It knows the right way to build, change, or delete things. When you use a provider, you tell Terraform what you want to do, and the provider makes it happen on that service.
Think of it this way: you have a universal remote that speaks one language. If your TV speaks a different language, you can’t control it. But, if you get a new remote that speaks the same language as your TV, you’re in business. That is the role that providers play. They bridge the gap. They allow Terraform to control and manage a host of different services.
Providers are more than just simple connections. They also offer specific resources. These are the building blocks for your infrastructure. For example, the AWS provider has resources for EC2 instances, S3 buckets, and VPCs. The Azure provider has resources for virtual machines, storage accounts, and virtual networks.
Each resource has its own set of properties. You define these properties in your Terraform code. These settings tell the provider exactly how you want to set up that part of your infrastructure. So, providers allow you to define infrastructure that can work with any service or platform that has a provider that will communicate with Terraform.
Why are Terraform Providers Important?
Terraform providers are the most important part of Terraform because they bring many key benefits to the table.
Wide Range of Integrations
Terraform’s biggest draw is its ability to work with many different services. That is due to providers. The large list of providers lets you manage a lot of your infrastructure with one tool. This means you don’t have to learn a new tool for every platform you want to use.
The community is also always building new ones. So, if there’s a service you use that does not have a provider, you might be able to find one in the works. Or, if you have the skills, you can build one yourself. This broad support makes Terraform a very flexible tool. It makes it easy to adopt and use in any kind of environment.
Infrastructure as Code (IaC)
Providers enable the best part of Terraform: Infrastructure as Code (IaC). With IaC, you define your infrastructure in code, not by hand. This means you can keep track of changes to your infrastructure. You can also share it with others, and repeat the process.
This is where providers shine. They offer the resources you need to define every part of your infrastructure. This can be from virtual machines to load balancers to databases, all in code. This can all be tracked, shared and repeated with ease. This approach makes setting up complex environments very easy. This also greatly reduces the chance of errors, and it makes it easy to keep your infrastructure in sync.
Consistency and Repeatability
When you set up things by hand, it is easy to make errors. You might miss a step, or make a mistake in one setting. This can lead to big issues. Providers help fix this. They ensure that your infrastructure is built the same way every time.
When you use providers, every change you make is recorded in your Terraform code. This means you can use that code to build the same setup over and over. This is very useful for dev, test, and prod environments. It makes sure your environments are in sync and avoids those errors from manual work.
Easier Infrastructure Management
Providers make it easier to manage your infrastructure. You do not have to log into each service’s website. Instead, you use Terraform code to manage everything. This makes it easier to see, change, and track your whole setup.
With providers, you also have a single place to manage many parts of your infrastructure. It gives you a single view of all the changes you make, which lets you more quickly fix any issues that come up. This is a big step up from handling everything by hand.
Types of Terraform Providers
There are a few types of Terraform providers. They differ in the level of support you can expect, and in how they are made.
Official Providers
Official providers are the ones made by HashiCorp, the team that built Terraform. These are the best supported providers. They are made to work really well with Terraform. They are tested well, and are kept up-to-date.
When you use an official provider, you can have more trust that things will work as you expect. These providers are often the first to get new features. This means they are usually the most stable choice. If you can, you want to stick to the official ones if you can.
Community Providers
Many other providers are made by the community. These are made by folks who use Terraform and need to manage a specific service. They have built the provider and shared it for others to use.
Community providers can be really helpful if an official one does not exist. But you must remember they are not made or supported by HashiCorp. This means the level of support and quality can be different from provider to provider. Always do your homework. You should check how well-used and kept-up to-date a community provider is. It is best to check for open issues and pull requests before committing to use a specific provider.
Partner Providers
Partner providers are made by third-party companies, not HashiCorp. These providers let you use Terraform with a specific tool or platform made by that company. Partner providers are like a bridge between a company’s service and the Terraform world.
These providers are a mix of official and community. They are usually well supported by the company. They also have added features that you might not find in other providers. But like community providers, you should check how well they are supported. And it is wise to look for reviews before using them.
Custom Providers
You can make your own providers, too. This is helpful if you have to manage an internal tool or a service that doesn’t have a provider yet. Making a custom provider is a big project. You need to know how to code in Go, the language Terraform and providers use.
While a custom provider does offer the most freedom, this is not for those who are new to Terraform. If your needs are simple, you may want to see if someone else has already built something that you can use. This is usually the easiest path forward.
How to Find Terraform Providers
Finding the right provider is very important to get the most out of Terraform. There are a few ways to do it.
Terraform Registry
The Terraform Registry is the first place you should go. It has all the official providers. It also has many community and partner providers. You can use the registry to find the providers you need for the services you want to manage.
The Terraform Registry is a good place to see a provider’s page. The page will have info like its version, its docs, and links to its source code. It is an easy way to check a provider before you use it. It is also a great way to see a provider’s documentation before using it.
GitHub
GitHub is also a useful place to find providers. Many community and partner providers are hosted there. If you cannot find a provider in the registry, you may find it on GitHub. You may also check here to see the source code.
When you are checking on GitHub, look at how often the provider is updated. You should also check its issues page to see if others have seen similar issues. A project that is well kept should have lots of commits. And any open issues should be responded to in a timely manner.
Vendor Websites
Sometimes, partner providers are listed on the vendor’s website, not on the Terraform Registry. You can check the vendor website for links to their provider’s documentation. This is another place that you might find other info not found anywhere else.
This is also the place where you can find the support page for their provider. If a provider is used by a company or a vendor, it’s best to contact them directly to report any issues. This will be the place you’ll find all of that info.
Terraform CLI
The Terraform CLI tool can also help you find providers. You can use it to see what providers you have installed and what versions you have. This is a good way to make sure that you are using the right provider, and the right version.
You can run a command that lists your providers. This is usually the fastest way to check providers that you are already using, if you just can’t remember which version you are on. This is a quick way to avoid issues due to an old provider version.
How to Use Terraform Providers
Using a Terraform provider is a simple process. Here are the steps you need to take:
1. Declare the Provider
First, you must tell Terraform that you want to use a specific provider. You do this in your Terraform code. You add a “provider” block and define which provider you want to use.
Here is an example of how to declare the AWS provider:
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
provider "aws" {
region = "us-west-2"
}
The code block tells Terraform to get the AWS provider from the hashicorp namespace, and to use version 5.0 or higher. The second block tells Terraform that you want to use the us-west-2 region.
Each provider needs different things set up. Check the provider documentation to see what you must set up for it to work. Some providers might need an API key, or other types of secrets for it to work.
2. Configure the Provider
After you declare the provider, you need to set it up. You can do this inside the “provider” block. You may need to give it your access keys, region, or other settings that the provider needs.
Here is an example of how to set up the Azure provider:
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 3.0"
}
}
}
provider "azurerm" {
features {}
subscription_id = "your_subscription_id"
client_id = "your_client_id"
client_secret = "your_client_secret"
tenant_id = "your_tenant_id"
}
This code tells Terraform to get the Azure provider from the hashicorp namespace, and to use version 3.0 or higher. The second block gives the subscription id, client id, client secret, and tenant id. This will allow Terraform to connect to your Azure account.
Make sure that all the required settings are set. If not, the provider won’t work correctly. You may have to check your account on your provider to get the access info. You should also make sure that you do not add secrets to your code, and you should use Terraform’s secrets management capabilities.
3. Use Provider Resources
Once your provider is set up, you can use its resources. Resources are the building blocks that the provider uses. For example, AWS resources are things like EC2 instances, S3 buckets, and VPCs.
Here is an example of how to use the AWS provider to create an S3 bucket:
resource "aws_s3_bucket" "example" {
bucket = "my-example-bucket"
acl = "private"
}
This code tells Terraform to make an S3 bucket named my-example-bucket. And it also sets its permission to private, so that it can’t be seen by anyone on the internet.
Each resource has its own set of settings you can change. See the documentation to see all the settings for a specific resource. This is where you tell the provider exactly how you want it to build this piece of infrastructure.
4. Apply the Configuration
Once you define everything, you can apply the setup by using the Terraform CLI. This will make the changes you defined in the code. Terraform will use the provider to build the resources you told it to make.
To apply, you should run these two commands.
terraform init
terraform apply
The first command, terraform init, downloads the providers that you defined. This happens only once. The second command, terraform apply, makes the changes. Terraform will then connect to each provider. And it will tell each of them to build or change things.
During the apply process, you’ll be asked to review and confirm your changes. This is your last chance to make sure things are correct before you make the changes. Once you approve, the provider will make the changes for you. And you can see how your infrastructure is built.
Managing Terraform Providers
Managing your Terraform providers is as important as setting them up. You must keep them up to date. And make sure they are used in a secure way.
Provider Versioning
Keeping your providers at the right version is very important. Like software, providers have new features, bug fixes, and security updates. If you use a provider that is too old, you may have issues, or even security holes in your infrastructure.
To handle this, you must specify the version of the provider you are using in your Terraform code. Instead of just picking a random version, it is best to use version constraints. You should always start with a specific version, such as 5.0. Then, use other constraints to allow you to get updates.
Here’s an example:
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
This says that Terraform should use version 5.0 or higher. It should not pick a version higher than 6.0. This way, you will get all the minor updates from the 5.x series, without the risk of getting a version that is not compatible with your code.
It’s important to test provider updates before using them in a production environment. Some updates can bring changes that may cause your existing code not to work as expected. You can test this in your lower-level environments, such as your dev or test setups.
Provider Security
Security is also something you should care about. Providers need access to your accounts. So, it is important to use them in a secure way. Never put sensitive data in your code. This includes your API keys, passwords, and other types of secrets. Use Terraform’s methods to manage this type of data.
When using a cloud provider, use the roles that are made for that provider. This way, you can make sure the role only has the exact permissions it needs. This makes sure that if the provider is compromised, it can’t take over your whole account. If your provider has methods for secrets management, use them over other methods.
It is always a good idea to only use trusted providers. Do not just pick any provider off the internet. Always check the source code. And only use community or partner providers if you really need to, and if you have vetted them well. It is also wise to check that they have not had any recent security incidents.
Provider Updates
Providers are not a “set it and forget it” thing. They must be updated often. When a new update comes out, you should plan a way to update your providers to the latest version.
Check the release notes for each provider for any big changes. You should test these updates on your lower environments first. You can also check GitHub for any breaking changes that may happen when you update the provider. Plan an update period. This will help you reduce issues with your production environment.
Set up alerts to get notified of any updates. This way, you can keep track of new changes. And, you can make sure you are always up to date with your providers. Using an outdated provider is a security risk. So, you should always aim to keep your providers up to date.
Provider Maintenance
It is also good practice to look at the state of your providers from time to time. Check to see if they are still being updated. Check to see if there are any issues that are open that might affect you.
If you use community or partner providers, it is a must that you do this. If they are no longer being maintained, you should look for another way to handle this. If you use providers from large vendors, this may not be as important, because these providers will usually be kept up to date.
You can use Terraform’s CLI tools to check the state of your providers. Check to make sure they are still available, and that their source is still valid. Keeping an eye on your providers is a must to keep your infrastructure running smoothly.
Advanced Concepts
Once you are comfortable with the basics, you can start to learn about more advanced concepts. These can help you make the most of your providers and get better at using them.
Provider Aliases
Provider aliases are useful when you need to use the same provider for different setups. This may happen when you must use two AWS accounts, or two regions. Using aliases lets you tell Terraform which one you want to use in specific cases.
Here is an example of how to use provider aliases:
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
provider "aws" {
alias = "west"
region = "us-west-2"
}
provider "aws" {
alias = "east"
region = "us-east-1"
}
resource "aws_s3_bucket" "west_bucket" {
provider = aws.west
bucket = "my-west-bucket"
acl = "private"
}
resource "aws_s3_bucket" "east_bucket" {
provider = aws.east
bucket = "my-east-bucket"
acl = "private"
}
This code has two AWS providers set up. One is for the us-west-2 region. The other is for the us-east-1 region. The alias setting tells Terraform which provider to use when you use resources. This way, you can easily use the same provider in different contexts.
This method can also be used to use the same provider with different credentials, or if the provider does not support this type of setup. If you need to work with different setups from the same provider, aliases are a must.
Provider Meta-Arguments
Providers may have a few meta-arguments that can help you customize how they work. These meta-arguments are not resource specific, but provider specific. They are settings that apply to the provider itself.
Some common provider meta-arguments are:
alias: Set the provider alias.version: Set the version to use.features: Set specific provider features.default_tags: Set the default tags to use on all resources.
These settings let you customize the provider to match your needs. They are also a way to streamline your code and to make it easier to read. Check the documentation for your specific provider to see what is available.
Provider Plugin Development
If you have special needs, you may need to make your own custom provider. This is a big undertaking, but it can be worth it if you need to use a service that does not have a provider yet.
To make a provider, you must use Go, the language that Terraform uses. You must also learn the Terraform Plugin SDK. This lets you make providers that are compatible with Terraform. The SDK has many functions that you can use to make the provider. It also makes it easy for Terraform to interface with the custom code that you build.
Make sure you have all the required skills if you want to develop your own provider. If you do not, it may be best to hire a developer, or see if someone else is making one that you can use. You may also find that a community provider can be adapted to your needs.
The Path Forward
Terraform providers are the key that unlocks the many tools and services you need for your infrastructure. They allow you to define infrastructure in code. You can also use the same code to build it over and over. This makes it easy to manage all your infrastructure with one tool.
By now, you should have a grasp of what providers are. How to find them, and how to use them. You should also know how to manage them well and keep them up to date. This will allow you to build more complex setups. And to also avoid security issues.
Terraform is always growing. And so are the providers. So, keep learning. Stay up to date. And you will be able to make the most of Terraform and your infrastructure. Always keep learning. And you will be able to keep using the latest and greatest features of Terraform and its many providers.