Terraform Provisioner : The Best Tool to Manage Your Cloud Infrastructure 

Terraform is a popular Infrastructure as Code (IAC) solution for provisioning and managing cloud infrastructure. Utilizing "provisioners" to automate the installation and configuration of your infrastructure is one of Terraform's primary features. 

In this article, we'll explore the advantages of using a Terraform provisioner and how it can make it easier for you to effectively manage your cloud infrastructure. We'll also examine some popular provisioner examples and how to include them in your Terraform code.

What Are Terraform Provisioners and How Do They Work?

Terraform Provisioners allow you to run scripts on a local or remote workstation as part of the resource generation or destruction process in Terraform. They are used to configure and provision Terraform's infrastructure resources.  

A provisioner can be used to install software on a freshly formed virtual machine, run a script to configure a database, or copy files to a remote server, for example.

Provisioners are added as a resource block to Terraform resources. They are carried out after the resource has been created but before it is destroyed.

There are other provisioner kinds available, such as "local-exec" and "remote-exec," which allow you to perform commands on local or remote machines, respectively.

Terraform builds a resource by first creating the resource and then running any provisioners linked with it. Terraform will mark the resource as created after the provisioners have finished.

If a resource is being destroyed, Terraform will first run any provisioners linked with it before destroying the resource.

Provisioners are a significant Terraform feature that allows you to automate infrastructure setup and configuration, making it easier to manage and maintain your cloud environment.

What Are the Main Uses of Terraform Provisioners?

Terrafor Provisioners have a wide range of applications and can be used to automate numerous operations related to infrastructure setup and configuration. Terraform Provisioners are commonly used for the following purposes:

  • Provisioners can be used to install software on freshly constructed virtual machines such as a web server or database server.

  • Provisioners can be used to customize software after it has been installed, such as setting up a database or configuring a web server. 

  • To copy files to distant servers, such as configuration files or application code.

  • You can use provisioners to run scripts on a local or remote machine, such as one that sets environment variables or configures a firewall.

  • Users and groups can be created on a server, and permissions can be specified using provisioners.  

  • As part of the infrastructure provisioning process, provisioners can be used to run commands on local or remote machines. 

Common Examples of Terraform Provisioners Uses in Action

Here are some examples of how Terraform Provisioners are commonly utilized in practice:

  1. 1

    Installing a Web Server 

    In this, an Apache web server is installed on a freshly built virtual machine using a Terraform provisioner. The command to install Apache and set it up to launch automatically upon booting would be executed by the provisioner.

  2. 2

    Setting Up a Database 

    In this case, a virtual machine's MySQL or PostgreSQL database is set up using a Terraform provisioner. The commands to create a new database, a user, and a password would be executed by the provision.

  3. 3

    File Transfer to a Distant Server

    In this illustration, a Terraform provisioner is utilized to transfer files to a distant server. The files would be copied by the provisioner using a command like scp, and the permissions would be set on the copied files using other commands.

  4. 4

    Implementing a Firewall Configuration Script

    In this illustration, a Terraform provisioner is used to implement a firewall configuration script on a virtual machine. The firewall would be set up by the script to allow some ports while blocking others.

  5. 5

    Making a User and Group

    In this case, a virtual machine's user and group are made using a Terraform provisioner. Useradd and Groupadd are two commands that the provisioner would use to create users and groups and establish permissions.

  6. 6

    Run a Command to Set Environment Variables

    In this example, a Terraform provisioner is used to execute a command on a virtual machine that sets environment variables. The command may be something like export VAR1=value1.

What Types of Terraform Provisioners Are Available?

Terraform includes numerous provisioners that can be used to automate infrastructure setup and configuration activities. The following are the most prevalent types of provisioners.

  • file

    You can use the file provisioner to copy files or directories from your local workstation to a distant resource. Copying files such as configuration files, scripts, certificates, and keys is beneficial.

  • local-exec

    The local-exec provisioner allows you to run a command on the Terraform machine. This can be used to perform local scripts or commands, such as copying files or configuring software.

  • chef

    The Chef configuration management tool can be used to provision resources using the chef provisioner. Chef cookbooks can be used to install and configure the software as well as maintain system configurations.

  • remote-exec 

    The remote-exec provisioner allows you to run a command on a Terraform-created remote machine. This can be used to execute scripts or commands on a virtual machine or other remote resources, for example, to install software or configure a database.

  • puppet

    The puppet provisioner is a resource provisioning tool that works with the Puppet configuration management tool. Using Puppet manifests may be used to install and configure the software as well as manage system configurations.

  • ansible 

    The Ansible configuration management tool can be used to provision resources using the Ansible provisioner. This can be used to manage system configurations using Ansible playbooks and to install and configure the software.

    These are the most common Terraform Provisioners, but there are other provisioners available for automating specialized activities. The salt-masterless provisioner for SaltStack and the PowerShell provisioner for Windows systems are two examples.

Steps to Install and Run a Terraform Provisioner

The following are the steps for installing and running a Terraform Provisioner

  1. 1

    Install Terraform

    Before you can utilize Terraform Provisioners, you must first install Terraform on your local system. The Terraform website has the right version for your operating system.

  2. 2

    Make a Terraform Configuration File 

    Next, make a Terraform configuration file that defines your infrastructure. This file should contain the resources you wish to build as well as any provisioners you intend to employ.

  3. 3

    Initialize Terraform 

    Terraform must be initialized before it can be used. Run the terraform init command to download the required provider plugins and set up the backend for storing the state files.

  4. 4

    Apply the Terraform Configuration 

    Once Terraform has been initialized, use the command terraform apply to apply your configuration. This will generate the resources indicated in your configuration file as well as run any provisioners you've specified.

  5. 5

    Verify the Provisioning 

    After Terraform has been completed, you may view the status of the resources that were generated. You can also review the provisioner logs to see if there were any issues.

  6. 6

    Destroy the Resources 

    When you're finished with them, use the terraform destroy command to destroy them. This will delete the resources that were produced and clear up any resources or settings that the provisioner left behind.

What Are the Advantages and Drawbacks of Terraform Provisioners?

Terraform Provisioners have several advantages and disadvantages.


  • Automation 

    Terraform Provisioners automate the process of installing and configuring infrastructure, saving time and lowering the risk of human error.

  • Reusability 

    Terraform Provisioners can be reused across various resources, making infrastructure management and maintenance simple.

  • Flexibility 

    Terraform Provisioners can be used in conjunction with a variety of configuration management tools, such as Chef, Puppet, and Ansible, allowing for a great deal of flexibility in infrastructure management.

  • Integrability

    Terraform Provisioners can be combined with other tools to automate the process of constructing and upgrading infrastructure, such as Jenkins, CircleCI, and other CI/CD systems.


  • Complexity

    Since Terraform Provisioners involve additional configuration and setup, they might complicate infrastructure management. 

  • Limited Functionality

    Terraform Provisioners may not be able to execute all of the activities you require, necessitating the usage of other tools or scripts.

  • Debugging

    Debugging provisioner can be tough because the provisioning process is not always simple and can be difficult to troubleshoot.

  • Limited Control

    Terraform provisioner will execute on the same machine that runs Terraform, which may pose a security risk. You must also open ports or implement firewall rules to allow the connection while using a remote-exec provisioner.

Why Are Terraform Provisioners Usually the Last Resort?

Terraform Provisioners are normally used as a last resort to do activities that cannot be easily accomplished with Terraform's built-in resources and modules. One of the primary reasons is that they can complicate infrastructure management. 

Provisioners necessitate additional configuration and setup, which can make managing and maintaining your infrastructure more complicated. Another reason is that they may introduce security problems.

What Are the Best Alternatives to Terraform Provisioners?

Various Terraform Provisioners alternatives can be used to configure and manage software and packages on your instances. These are some examples:

  • Cloud-Init

  • Configuration Management Tools

  • Jenkins, CircleCI, and other CI/CD tools

  • Scripts

Each of these options have pros and cons, and the ideal option will rely on your individual needs and use case. It is important to thoroughly weigh your options and select the one that best meets your requirements.

Final Thoughts

In order to maintain the security, scalability, and reliability of your infrastructure, Terraform Provisioners are a valuable addition to your infrastructure management toolkit.

However, Terraform Provisioners should be used in conjunction with other tools and best practices should be followed to maximize the output. 

Terraform Provisioners should only be used when absolutely necessary because they can complicate your infrastructure management which is a drawback.

About the author


Youssef is a Senior Cloud Consultant & Founder of ITCertificate.org

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Related posts