Are you looking for the best free Terraform tools to help you out with your multi-cloud infrastructure?
Terraform tools are pre-written codes that add multiple functionalities to advance the capabilities of Terraform.
This short article will show you the best Terraform tools that will 10x your efficiency when working with multi-cloud infrastructure.
I have used and studied many Terraform modules and open-source projects. So, the Terraform tools on the list are tried and tested by many developers.
For me, these 6 Terraform projects are best Terraform tools:
In one line, Terraformer makes a Terraform copy of your existing infrastructure. A reverse Terraform, you can say.
Many small businesses and organizations find it challenging to make sense of their existing infrastructure. Multiple developers join, work on infrastructure, and quit the organization. Add shadow IT, and it leads to a difficult-to-read infrastructure.
But the infrastructure keeps working. Mix the multi-cloud, multiple VMs, storage buckets etc., and the entire environment becomes complex.
Manually configuring and writing the Terraform script for the infrastructure is a time-consuming and resource-draining process. Also, you may not have bandwidth and permission to build infrastructure from scratch.
Terraform allows engineers to transform the existing infrastructure into the Terraform code. Developers can edit the code and make quick changes as required.
With only read permissions, Terraformer cannot make changes to the infrastructure. It can only read and create a .tf script out of it.
By definition:
Terragrunt is a thin wrapper that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote states.
Terraform contains one big state to provision resources from multiple providers. A big state takes time to refresh. If you have a large team, you will find someone is locking the state with their changes.
Having one big state reduces efficiency. Terragrunt can split the big Terraform state into multiple smaller states. Also, if you deploy the same infrastructure on multiple accounts, Terragrunt can save lots of time by providing you with self-repeating modules.
Terragrunt helps with:
Download from their website here.
Infracost reads your Terraform code and tracks over 3 million price points to display an easily understandable cost estimate. You can evaluate all the prices before the launch.
If you want to reduce your infrastructure cost, Infracost is a no-brainer. Moreover, it maps the cost to resources in your pull requests. This will tell you which line of code has a heftier cost impact. Then you can make changes if you like. You can discuss the changes with your team members in the existing workflow, as Infracost integrated into the CI/CD.
Finally, you can run the What-If analysis. It tells you the cost impact if you change the instance type, region, or cloud provider. It also estimates the price if the usage increases.
Infracost estimates your infra cost and forecasts the price after the changes in infra and usage.
Download from their website here.
Tfsec - as the name suggests - is a security scanner for the Terraform code.
It runs locally and in the CI pipelines to provide developer-friendly output. In addition, the documentation helps in quick and efficient security detection and remediation.
Tfsec uses static analysis and deep integration with the official HCL parse to ensure the security issues can be tracked before the infrastructure changes go live.
Recently Tfsec has joined Aquasecurity. The software will remain open source but will have more touch points for security audits. It has more data to compare and evaluate the security leaks in the Terraform code.
Tfsec is a small tool but can save you from big problems by detecting the security issue before deploying the code.
Download from the company's GitHub here.
Created by Airbnb engineers, StreamAlert is a real-time data analysis framework with point-in-time alerting. It solves one of the biggest challenges in multi-cloud infrastructure strategy – SECURITY MONITORING.
StreamAlert is serverless and can be scalable to TB’s/hour. In addition, the infrastructure deployment is automated and utilizes Terraform for deployment.
Being cloud-agnostic, StreamAlert can monitor multiple cloud and data sources. It can accept data from any device and operating system - Android, Windows etc. In addition, if the environment is connected to the internet, StreamAlert can accept its data.
StreamAlert comes with a flexible alerting framework that integrates new or existing case/incident management tools. It enables your Rules to send alerts to one or many outputs.
Download from their website here.
Lint, or a linter, is a quick tool to analyse the static code. It identify and point out the programming errors, bugs, stylistic errors and suspicious constructs. TfLint does this for the terraform code.
TFLint is a framework, and plugins provide each feature; the key features are as follows:
With over 700 rules built-in, including regular Terraform rules and significant cloud providers rules (AWS, Azure, Google), it is one of the most comprehensive Terraform linters.
It is very helpful to find the eros that could not be found in the Plan stage. Once you do Apply, many errors could arise from the provider side. For example, wrong EC2 instances will not show up in Plan but will cause errors in the application.
Tflint finds all these scenarios that can cause trouble while deploying the code. TFLint was created in Go and had a plugin system that allows anyone acquainted with the Go language.
There are so many Terraform tools out there. - both free and commercial. I only mentioned the free Terraform tools to help you out in this article.
You can download them and incorporate them with any Terraform project to improve the workflow.
Suggest more tools in the comments if you like, and I will add them to the article. :)