SkillsApr 10, 2026·3 min read

Terraform — Infrastructure as Code for Any Cloud

Terraform codifies cloud APIs into declarative configuration files. Provision and manage AWS, Azure, GCP, Kubernetes, and 3000+ providers with version-controlled infrastructure.

HashiCorp
HashiCorp · Community
Agent ready

Ready-to-run agent install

This asset can be installed after the agent chooses its runtime, checks the plan, and runs the matching command.

Native · 98/100Policy: allow
Agent surface
Any MCP/CLI agent
Kind
Skill
Install
Single
Trust
Trust: Community
Entrypoint
step-1.md
Direct install command
npx -y tokrepo@latest install d31a13f3-3530-11f1-9bc6-00163e2b0d79 --target codex

Run after dry-run confirms the install plan.

TL;DR
Terraform lets you define, provision, and manage cloud infrastructure across any provider using declarative configuration files.
§01

What it is

Terraform is an open-source infrastructure-as-code tool by HashiCorp. You write declarative configuration files (HCL) that describe your desired infrastructure state, and Terraform figures out what API calls to make to reach that state. It supports 3000+ providers including AWS, Azure, GCP, Kubernetes, Cloudflare, and Datadog.

Terraform targets DevOps engineers, platform teams, and any developer who provisions cloud resources. Whether you manage a single VPS or a multi-cloud enterprise environment, Terraform provides a consistent workflow: write, plan, apply.

§02

How it saves time or tokens

Without Terraform, provisioning infrastructure means clicking through cloud consoles or writing imperative scripts that break when APIs change. Terraform replaces that with a declarative approach: you describe what you want, not how to get there. The plan step shows exactly what will change before you apply, eliminating surprise modifications. State tracking means Terraform knows what already exists and only modifies the delta.

§03

How to use

  1. Install Terraform:
brew install terraform            # macOS
apt install terraform             # Debian/Ubuntu
  1. Write a configuration file defining your resources.
  1. Run the standard workflow:
terraform init       # Download providers
terraform plan       # Preview changes
terraform apply      # Apply changes
terraform destroy    # Tear down when done
§04

Example

# main.tf -- Create an AWS S3 bucket
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

resource "aws_s3_bucket" "data" {
  bucket = "my-app-data-bucket"

  tags = {
    Environment = "production"
    ManagedBy   = "terraform"
  }
}

Run terraform apply and Terraform creates the S3 bucket. Run it again and nothing changes because the state already matches.

§05

Related on TokRepo

§06

Common pitfalls

  • Storing Terraform state locally works for learning but breaks in teams. Use remote state backends (S3 + DynamoDB, Terraform Cloud, or GCS) for shared environments.
  • Importing existing resources into Terraform state requires terraform import and manually writing the matching HCL. It is tedious but necessary to avoid duplicates.
  • Provider version pinning is important. An unpinned provider can upgrade and introduce breaking changes on your next terraform init.

Frequently Asked Questions

Is Terraform free?+

Terraform CLI is open source under the BSL license (formerly MPL 2.0). It is free to download and use. HashiCorp offers Terraform Cloud with a free tier for small teams and paid plans for larger organizations.

What is the difference between Terraform and Pulumi?+

Terraform uses its own HCL language for configuration. Pulumi lets you write infrastructure code in general-purpose languages like Python, TypeScript, or Go. Both achieve infrastructure-as-code but differ in language approach and ecosystem.

Can Terraform manage Kubernetes resources?+

Yes. The Kubernetes provider lets Terraform manage namespaces, deployments, services, and other K8s resources. However, many teams prefer Helm or Kustomize for in-cluster resources and use Terraform for the underlying cloud infrastructure.

How does Terraform handle secrets?+

Terraform state files can contain sensitive values in plain text. Use remote backends with encryption, mark variables as sensitive, and integrate with secret managers like Vault or AWS Secrets Manager to protect credentials.

What happens if someone changes infrastructure outside Terraform?+

Terraform detects drift on the next plan or apply. It compares the real infrastructure state with the desired configuration and shows you what changed. You can then decide to reconcile by applying the Terraform configuration or updating it to match.

Citations (3)
Related on TokRepo
DevOps ToolsAutomation ToolsFeatured Workflows

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets

Pulumi — Infrastructure as Code in Any Programming Language

Pulumi is infrastructure as code using general-purpose languages: TypeScript, Python, Go, C#, Java, YAML. Unlike Terraform HCL, Pulumi lets you use loops, functions, classes, and real package ecosystems to describe cloud infra.

Skills
AI Open Source

Terraformer — Reverse-Engineer Existing Cloud Infrastructure to Terraform

Terraformer is a CLI tool by Google that reads live cloud resources from AWS, GCP, Azure, and 30+ other providers and generates corresponding Terraform HCL files and state, enabling infrastructure-as-code adoption on brownfield environments.

Skills
Script Depot

tfsec — Static Security Scanner for Terraform Code

Catch security misconfigurations in Terraform before they reach production. tfsec scans HCL files for hundreds of cloud security rules across AWS, Azure, and GCP with zero configuration.

Skills
Script Depot

Infracost — Cloud Cost Estimates for Infrastructure as Code

See cloud cost breakdowns before you deploy. Infracost integrates with Terraform and CI/CD to show how every change impacts your bill.

Skills
AI Open Source
Home🔍Search👤Me