What Is Alibaba Cloud Terraform?
Use Terraform, an open-source infrastructure as code (IaC) tool, to define and manage Alibaba Cloud resources through declarative configuration files.
What Is Terraform?
Terraform is an open source, declarative IaC tool by HashiCorp. “Declarative” means you describe the desired state of resources in configuration files—for example, “an ECS instance with 2 vCPUs and 4 GiB of memory in the China East 1 region”—and Terraform handles API calls, dependencies, and execution order automatically.
This differs fundamentally from console-based operations:
|
Console operations |
Terraform |
|
|
How you operate |
Click and enter parameters step by step in the interface |
Describe the desired state of resources in configuration files |
|
Execution process |
Create resources manually, one at a time, and handle dependencies manually |
Automatically resolve dependencies and create resources |
|
Environment replication |
Repeat manual steps—hard to ensure consistency |
Deploy multiple environments using the same configuration file |
|
Change tracking |
Rely on operation audit logs |
Store configuration files in version control (such as Git). Changes are traceable and reversible. |
|
Team collaboration |
Rely on documentation and verbal agreements |
Configuration files are reviewable, shareable, and reusable |
Terraform shifts infrastructure management from manual operations to code. It works best for managing many resources, multiple environments, or cross-team collaboration. For one-off tasks, the console may be simpler.
Terraform and Alibaba Cloud
Terraform connects to cloud platforms through providers. Each provider translates resource definitions into API calls for its platform.
Alibaba Cloud was the first cloud provider in China to integrate with Terraform. The official alicloud provider supports most Alibaba Cloud resource types, including:
-
Compute and containers: Elastic Compute Service (ECS), ACK, Function Compute, Auto Scaling
-
Networking: Virtual Private Cloud (VPC), Server Load Balancer (SLB), Application Load Balancer (ALB), Network Load Balancer (NLB), NAT Gateway, Cloud Enterprise Network (CEN)
-
Storage and databases: Object Storage Service (OSS), NAS, ApsaraDB RDS (RDS), PolarDB, Redis, ApsaraDB for MongoDB
-
Security and management: Resource Access Management (RAM), Key Management Service, Web Application Firewall
-
Big data and AI: MaxCompute, PAI
How Terraform Manages Resources
Terraform compares your desired state against the actual state and calculates the required actions automatically.
The workflow has three steps:
-
Write: Describe cloud resources and their properties in configuration files—for example, ECS instance type, image, and VPC.
-
Preview: Terraform compares your configuration to the current resource state and generates a change plan. Review this plan before applying.
-
Execute: After confirming the plan, Terraform uses Alibaba Cloud OpenAPI to perform all operations and records the latest resource state.
On each run, Terraform processes only the differences—creating, updating, or destroying resources as needed. Unchanged resources stay intact.
Benefits of Using Terraform
-
Preview before execution: Before every run, Terraform generates a change plan listing resources to create, modify, or delete—preventing unintended changes.
-
Incremental updates: Terraform applies only the changes you make. It does not rebuild unchanged resources.
-
Unified multi-cloud management: Terraform supports providers for multiple cloud platforms. Manage Alibaba Cloud, AWS, and other resources in the same workflow.
-
Modular reuse: Package common resource combinations—such as VPC, subnets, and security groups—into modules. Reuse them across projects and environments.
-
Continuous state tracking: Terraform maintains a state file that maps each resource to its cloud counterpart, ensuring consistent management.
FAQ
Is Terraform free?
Yes. Terraform is free and open source. Resources created through Terraform follow standard Alibaba Cloud billing.
Do I need programming experience to use Terraform?
No. Terraform uses HashiCorp Configuration Language (HCL), a declarative language for describing resource properties. For a no-code option, useExplorer to generate and run configurations through a graphical interface.
How do Terraform operations affect existing cloud resources?
Terraform manages only resources defined in your configuration files and does not affect others. Its operations act directly on live cloud resources—always review the change plan before execution.
Can I import existing resources created in the console into Terraform?
Yes. Use the import command to bring existing resources under Terraform management, then write matching configuration files to manage them going forward.
Can I still manage Terraform-managed resources in the console?
You can, but it is not recommended. Manual console changes cause state file mismatches, and Terraform may overwrite those changes on the next run. Manage Terraform-controlled resources exclusively through Terraform.
How does Terraform differ from ROS?
Both are declarative IaC tools. Terraform is an open source, third-party tool that supports multi-cloud management. ROS (Resource Orchestration Service) is a native Alibaba Cloud service deeply integrated with the console. Choose Terraform for multi-cloud support or if you already use it elsewhere. Choose ROS if you manage mostly Alibaba Cloud resources and prefer a native tool. What is Resource Orchestration Service?