Blog
Thoughts on engineering, design, and building great products.
Remote State on S3 With use_lockfile
State sitting on your personal machine can't be shared, isn't safe, and two people running at once will overwrite each other. This article moves state to S3: bootstrap a bucket with versioning and encryption, configure the backend, and enable state locking with use_lockfile — the current approach replacing the deprecated DynamoDB. With a real lock-conflict demo.
The Dependency Graph: Implicit, depends_on, and -target
Terraform infers the order of creating and deleting resources from a dependency graph. This article dissects that graph: implicit dependencies arise from references, viewing it directly with the graph command, why destroy reverses the order, when you need depends_on, and why -target is only an escape hatch.
State: What Terraform Stores, Why It's Needed, and Drift
Dig into the state file: why Terraform needs it instead of asking AWS directly each time, what exactly it stores, and the refresh mechanism that compares config, state and reality three ways. Create drift by hand with the AWS CLI then watch Terraform detect it, and the difference between a normal plan and plan -refresh-only.
HCL Inside Out: Blocks, Data Types, Expressions
Dissect the HCL language thoroughly: what a block is made of, the string/number/bool/list/map/null data types, expressions and functions, string interpolation. Use terraform console to try things directly, and see what else the terraform{} block can declare.
Provider, Your First Resource, and the init plan apply destroy Lifecycle
Stand up your first real AWS resource: declare a provider and pin its version, create an S3 bucket, then walk the full init → plan → apply → destroy cycle. What each command does inside, why plan writes 'known after apply', what state stores, and why a second apply creates nothing new.
Infrastructure as Code, What Terraform Is, and Getting to Know the CLI
The series opener: why managing infrastructure by hand eventually breaks, what Infrastructure as Code solves, and where Terraform fits in that picture. We dissect the core and provider architecture, install Terraform 1.15, and tour the main CLI commands.