Infrastructure & DevOps23 December 2025·11 min read

Terraform for Beginners: Infrastructure as Code Guide

Core Terraform concepts, AWS and GCP examples, modules, workspaces, CI/CD integration, and how Terraform compares to Pulumi for infrastructure management.

TerraformInfrastructure as CodeAWSGCPDevOpsPulumi

What Is Infrastructure as Code?

Infrastructure as Code (IaC) means defining your servers, databases, networks, and services in configuration files rather than clicking through cloud provider consoles. The configuration is version-controlled, reviewable in pull requests, and reproducible — run the same file and get the same infrastructure every time.

Terraform, created by HashiCorp, is the most widely adopted IaC tool. It works across AWS, Google Cloud, Azure, and dozens of other providers through a plugin architecture. At The Beyond Horizon, we use Terraform for all client infrastructure that goes beyond simple Vercel deployments.

Core Concepts

Providers

Providers are plugins that let Terraform interact with cloud platforms. The AWS provider manages EC2 instances, RDS databases, S3 buckets, and hundreds of other AWS resources. The Google Cloud provider manages Compute Engine, Cloud SQL, Cloud Storage, and GCP resources. You can use multiple providers in the same configuration.

Resources

Resources are the infrastructure objects Terraform manages. Each resource has a type, a name, and configuration arguments. A resource block like resource "aws_instance" "web" defines an EC2 instance named "web" with a specified AMI, instance type, and tags.

State

Terraform tracks the current state of your infrastructure in a state file. When you run terraform plan, Terraform compares your configuration to the state file and shows what changes are needed. When you run terraform apply, it makes those changes and updates the state.

Critical rule: Never edit state manually. Never store state in version control. Use a remote backend (S3 + DynamoDB for locking, or Terraform Cloud) to store state securely and enable team collaboration.

AWS Example: VPC + EC2 + RDS

A typical web application infrastructure on AWS includes:

A VPC with public and private subnets across multiple availability zones

An Application Load Balancer in public subnets

EC2 instances or ECS containers in private subnets

An RDS PostgreSQL instance in private subnets

Security groups controlling network access between components

Each of these is defined as a Terraform resource. References between resources use Terraform's interpolation syntax: the EC2 instance references the VPC's subnet ID, the security group references the VPC's ID, and the RDS instance references the private subnet IDs.

GCP Example: Cloud Run + Cloud SQL

Google Cloud's serverless offerings simplify infrastructure. A production setup includes:

A Cloud Run service for your Next.js application container

A Cloud SQL PostgreSQL instance with private networking

A VPC connector linking Cloud Run to Cloud SQL

Cloud CDN for static asset caching

Terraform manages the service configuration, environment variables, scaling limits, and network connectivity. Changes to any of these go through the same pull request review process as code changes.

Modules

Modules are reusable Terraform configurations. Instead of duplicating VPC configuration across projects, create a VPC module with configurable parameters (CIDR block, number of subnets, environment name) and reference it from each project.

Module Best Practices

Keep modules small and focused — one module per logical concern (networking, compute, database)

Use input variables for all configurable values

Output important values (IDs, endpoints, ARNs) for use by other modules

Version your modules using Git tags

Use the Terraform Registry for battle-tested community modules when available

Workspaces

Terraform workspaces enable managing multiple environments (staging, production) from the same configuration. Each workspace has its own state file. Use terraform.workspace in your configuration to vary instance sizes, replica counts, and other parameters between environments.

For complex multi-environment setups, consider Terragrunt — a wrapper around Terraform that provides better DRY configuration and environment management.

CI/CD Integration

Infrastructure changes should go through the same review process as code:

Pull request: Developer modifies Terraform files and opens a PR

Plan in CI: GitHub Actions runs terraform plan and posts the output as a PR comment

Review: Team reviews the planned changes — additions, modifications, and destructions are clearly shown

Apply on merge: Merging the PR triggers terraform apply in CI

This workflow prevents manual infrastructure changes, provides an audit trail, and catches mistakes before they reach production.

Terraform vs Pulumi

Pulumi uses general-purpose programming languages (TypeScript, Python, Go) instead of Terraform's HCL configuration language. This provides loops, conditionals, and type checking without HCL's limitations.

Choose Terraform if: your team prefers declarative configuration, you want the largest ecosystem of providers and modules, or you need to hire for infrastructure skills (Terraform is the industry standard).

Choose Pulumi if: your team prefers writing TypeScript over learning HCL, you need complex logic in your infrastructure definitions, or you want to share code between your application and infrastructure.

Infrastructure as code is not optional for serious production systems. Start with Terraform, grow from there. Need help setting up your infrastructure? Contact us.

The Beyond Horizon Team

We are a digital agency based in Ajmer, India, specializing in Next.js web applications, React Native mobile apps, and UI/UX design. 150+ projects delivered.

About Us →

Web Development