Terraform Provisioners

  • Terraform way of bootstrapping custom scripts, commands or actions

  • Can run either locally (on the same system where Terraform commands are being issued from) or remotely on resources spun up through the terraform deployment

  • Within Terraform code, each individual resource can have it owns "provisioner" defining the connection method (if required such as SSH or WinRM) and the actions/commands or script to execute

  • There are 2 types of provisioners: "Creation-time" or "Deploy-time" provisiners which you can set to run when a resource is being created or destroyed

Best practice and caution when using Provisioners

  • Disclaimer: Hashicorp recommends using Provisioners as last resource and try using inherent mechanisms within your infrastructure deployment to carry out custom tasks where possible

  • Terraform cannot track changes to provisioners as they can take any independent action, hence they are not tracked by terraform state files.

PreviousTerraform OutputNextTerraform State

Last updated