NAME
terraform - define infrastructure using declarative configuration
SYNOPSIS
resource "aws_s3_bucket" "blog" {
  bucket = "vgnshlvnz-blog"
  tags = {
    Name = "ManpageBlog"
    Cost = "Minimal"
  }
}
DESCRIPTION
Terraform is the industry standard for Infrastructure as Code (IaC). It allows you to define cloud resources using a declarative configuration language (HCL), making infrastructure reproducible, versionable, and testable.
This platform uses Terraform to define all AWS resources, ensuring consistent deployments across environments.
CONFIGURATION
S3 Bucket
The blog content is stored in S3 with versioning enabled:
resource "aws_s3_bucket" "blog" {
  bucket = "vgnshlvnz-blog"
}

# Keep prior object versions so overwritten or deleted content can be recovered
resource "aws_s3_bucket_versioning" "blog" {
  bucket = aws_s3_bucket.blog.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_lifecycle_configuration" "blog" {
  bucket = aws_s3_bucket.blog.id
  rule {
    id     = "archive-old-content"
    status = "Enabled"

    # Empty filter: the rule applies to every object in the bucket
    filter {}

    transition {
      days          = 90
      storage_class = "STANDARD_IA"
    }
    transition {
      days          = 180
      storage_class = "GLACIER_IR"
    }
  }
}
CloudFront Distribution
CDN configuration with aggressive caching:
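resource "aws_cloudfront_distribution" "blog" {
  origin {
    domain_name = aws_s3_bucket.blog.bucket_regional_domain_name
    origin_id   = "S3-${aws_s3_bucket.blog.id}"
  }

  enabled             = true
  is_ipv6_enabled     = true
  default_root_object = "index.html"
  price_class         = "PriceClass_100"

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "S3-${aws_s3_bucket.blog.id}"

    forwarded_values {
      query_string = false
      cookies {
        forward = "none"
      }
    }

    # Plain-HTTP requests are redirected to HTTPS
    viewer_protocol_policy = "redirect-to-https"
    min_ttl                = 86400    # 1 day
    default_ttl            = 604800   # 7 days
    max_ttl                = 31536000 # 1 year
    compress               = true
  }

  # Required block: no geographic restriction
  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  # Required block: default *.cloudfront.net certificate shown here;
  # use an ACM certificate instead when serving a custom domain
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}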
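The distribution reads from the bucket's regional S3 endpoint, so the bucket must grant CloudFront read access; an origin access control (OAC) does that while the bucket itself stays private. This is an added example, not part of this platform's published configuration, and the OAC name `vgnshlvnz-blog-oac` and the `blog_read` policy document name are assumed values:

```hcl
# Added example: block all public access paths on the content bucket.
resource "aws_s3_bucket_public_access_block" "blog" {
  bucket                  = aws_s3_bucket.blog.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# CloudFront signs its origin requests with SigV4 using this OAC.
resource "aws_cloudfront_origin_access_control" "blog" {
  name                              = "vgnshlvnz-blog-oac" # assumed name
  origin_access_control_origin_type = "s3"
  signing_behavior                  = "always"
  signing_protocol                  = "sigv4"
}

# The origin block of aws_cloudfront_distribution.blog then also needs:
#   origin_access_control_id = aws_cloudfront_origin_access_control.blog.id

# Allow s3:GetObject only to the CloudFront service, and only when the
# request comes from this one distribution.
data "aws_iam_policy_document" "blog_read" {
  statement {
    sid       = "AllowCloudFrontRead"
    actions   = ["s3:GetObject"]
    resources = ["${aws_s3_bucket.blog.arn}/*"]

    principals {
      type        = "Service"
      identifiers = ["cloudfront.amazonaws.com"]
    }

    condition {
      test     = "StringEquals"
      variable = "AWS:SourceArn"
      values   = [aws_cloudfront_distribution.blog.arn]
    }
  }
}

resource "aws_s3_bucket_policy" "blog" {
  bucket     = aws_s3_bucket.blog.id
  policy     = data.aws_iam_policy_document.blog_read.json
  depends_on = [aws_s3_bucket_public_access_block.blog]
}
```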
Budget Alerts
Cost monitoring with alerts:
resource "aws_budgets_budget" "monthly" {
  name         = "manpageblog-monthly"
  budget_type  = "COST"
  limit_amount = "10.0"
  limit_unit   = "USD"
  time_unit    = "MONTHLY"

  notification {
    comparison_operator        = "GREATER_THAN"
    threshold                  = 80
    threshold_type             = "PERCENTAGE"
    notification_type          = "ACTUAL"
    subscriber_email_addresses = ["admin@vgnshlv.nz"]
  }
}
DEPLOYMENT WORKFLOW
The infrastructure deployment follows this workflow:
# Initialize Terraform
terraform init
# Plan changes
terraform plan -out=tfplan
# Apply changes
terraform apply tfplan
# Verify deployment
terraform show
STATE MANAGEMENT
Terraform state is stored remotely in S3 with DynamoDB locking:
terraform {
  backend "s3" {
    bucket         = "vgnshlvnz-terraform-state"
    key            = "blog/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks" # state lock, prevents concurrent applies
    encrypt        = true              # server-side encryption of the state object
  }
}
COST ESTIMATION
Costs can be estimated before deployment by running Infracost against the Terraform configuration:
# Using Infracost
infracost breakdown --path .
# Output:
# ┌─────────────────────────────────────────────┐
# │ Monthly cost estimate                       │
# ├─────────────────────────────────────────────┤
# │ S3 Storage (5GB)                  $0.12     │
# │ CloudFront (10k requests)         $0.85     │
# │ Route53 (hosted zone)             $0.50     │
# │ Lambda (within free tier)         $0.00     │
# ├─────────────────────────────────────────────┤
# │ TOTAL                             $1.47/month │
# └─────────────────────────────────────────────┘
BENEFITS
Using Terraform provides:
- Reproducibility - Same config, same infrastructure every time
- Version Control - Infrastructure changes tracked in Git
- Documentation - Code serves as living documentation
- Testing - Infrastructure can be tested before deployment
- Cost Tracking - Estimate costs before applying changes
EXAMPLE PROJECT STRUCTURE
terraform/
├── main.tf        # Primary resources
├── variables.tf   # Input variables
├── outputs.tf     # Output values
├── versions.tf    # Provider versions
├── backend.tf     # State configuration
└── modules/
    ├── s3/
    ├── cloudfront/
    └── lambda/
SEE ALSO
- terraform(1), aws(1), cloudformation(1)
- Terraform AWS Provider
- Terraform Best Practices
AUTHOR
vgnshlvnz - Building infrastructure with code since 2025