Blog
Thoughts on engineering, design, and building great products.
Variables, Outputs, Locals and Catching Bad Values Early
Parameterize configuration so the same code runs for multiple environments: variables take input, outputs return results, locals name derived expressions. More important is catching errors early — validation blocks bad input right at plan, precondition and postcondition check assumptions around each resource.
State Operations: import Block, state mv, state rm
Working with state day to day: bring existing infrastructure under management with the import block and auto-generate configuration with -generate-config-out, rename a resource in state with state mv, and remove a resource from management without deleting it with state rm. All run live against a bucket built by hand beforehand.
The Dependency Graph: Implicit, depends_on, and -target
Terraform infers the order of creating and deleting resources from a dependency graph. This article dissects that graph: implicit dependencies arise from references, viewing it directly with the graph command, why destroy reverses the order, when you need depends_on, and why -target is only an escape hatch.
State: What Terraform Stores, Why It's Needed, and Drift
Dig into the state file: why Terraform needs it instead of asking AWS directly each time, what exactly it stores, and the refresh mechanism that compares config, state and reality three ways. Create drift by hand with the AWS CLI then watch Terraform detect it, and the difference between a normal plan and plan -refresh-only.
HCL Inside Out: Blocks, Data Types, Expressions
Dissect the HCL language thoroughly: what a block is made of, the string/number/bool/list/map/null data types, expressions and functions, string interpolation. Use terraform console to try things directly, and see what else the terraform{} block can declare.
Provider, Your First Resource, and the init plan apply destroy Lifecycle
Stand up your first real AWS resource: declare a provider and pin its version, create an S3 bucket, then walk the full init → plan → apply → destroy cycle. What each command does inside, why plan writes 'known after apply', what state stores, and why a second apply creates nothing new.
Infrastructure as Code, What Terraform Is, and Getting to Know the CLI
The series opener: why managing infrastructure by hand eventually breaks, what Infrastructure as Code solves, and where Terraform fits in that picture. We dissect the core and provider architecture, install Terraform 1.15, and tour the main CLI commands.