Terraformcloud~3 mins

Why provisioners are a last resort in Terraform - The Real Reasons

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

The Big Idea

Discover why running commands directly on servers can cause more harm than good in your cloud setup!

The Scenario

Imagine you have to set up a new server every day by logging in manually and running commands one by one.

You write scripts that run on the server after it is created to install software or configure settings.

The Problem

This manual or script-based approach is slow and fragile.

If the server setup fails halfway, you must start over or fix it by hand.

Scripts can break if the server environment changes or if commands run in the wrong order.

The Solution

Terraform encourages using built-in resource settings and external configuration tools instead of running commands directly on servers.

This keeps infrastructure setup predictable, repeatable, and easier to manage.

Before vs After

✗ Before

resource "aws_instance" "example" {
  # ...
  provisioner "remote-exec" {
    inline = ["sudo apt-get update", "sudo apt-get install -y nginx"]
  }
}

✓ After

resource "aws_instance" "example" {
  # ...
  user_data = <<-EOF
              #!/bin/bash
              apt-get update
              apt-get install -y nginx
              EOF
}

What It Enables

It enables infrastructure to be created and configured reliably without fragile manual steps or scripts that can fail unexpectedly.

Real Life Example

Instead of running commands on a new virtual machine to install software, you provide a startup script or use a configuration management tool that runs automatically and consistently.

Key Takeaways

Manual commands on servers are slow and error-prone.

Provisioners run commands but can cause fragile setups.

Using built-in features or external tools leads to stable, repeatable infrastructure.