Terraform Provisioners

• Terraform way of bootstrapping custom scripts, commands or actions

• Can run either locally (on the same system where Terraform commands are being issued from) or remotely on resources spun up through the terraform deployment

• Within Terraform code, each individual resource can have it owns "provisioner" defining the connection method (if required such as SSH or WinRM) and the actions/commands or script to execute

• There are 2 types of provisioners: "Creation-time" or "Deploy-time" provisiners which you can set to run when a resource is being created or destroyed

Best practice and caution when using Provisioners

• Disclaimer: Hashicorp recommends using Provisioners as last resource and try using inherent mechanisms within your infrastructure deployment to carry out custom tasks where possible

• Terraform cannot track changes to provisioners as they can take any independent action, hence they are not tracked by terraform state files.