Mr Cheng bio photo

Mr Cheng

Why Use Terraform

versus chef-provisioning

Personally I get the impression you can/should go chef-provisioning when you are already deeply invested in Chef, or you plan to be that way. Or maybe you're making a tool like habitat: https://github.com/habitat-sh/habitat/tree/master/terraform

a basic reason

(note: move to a separate page/post.. )
A fundamental reason why you do this... save on mouse clicks and keyboard button pressing (intended audience: people who don't automate things) Terraform may be hard to appreciate if you haven't created things manually via the AWS web interface. Let's say you start from scratch, and you want to open SSH to the world on an AWS instance:
- point browser at your AWS console's region
- scroll down so Security Group link shows
- point mouse at the link
- click mouse
- find "create security group" button
- click mouse
- enter "security group name"
- hit tab
- enter a description
- hit tab
- ensure selection of VPC is what you want, in the case you have multiple VPCs
- move mouse to "Add Rule"
- click
- move mouse to "type" dropdown
- select SSH
- move mouse to source dropdown
- select "anywhere"
- move mouse to "create"
- click

Great! Now your SG is created. Now you need to associate it to your instance:
- scroll around so the instances link shows
- point mouse at the link
- locate the instance in question
- right click it
- select networking
- select "Change Security Groups" - find the SG you created
- select it
- move mouse to "Assign Security group"
- click

.. or do all the above with terraform:
terraform apply