Blog Post

arrow_back Back to All Articles
Infrastructure

Terraform vs CloudFormation: Choosing the Right IaC Tool

person
Apoorv Katiyar
schedule 7 min read
Terraform AWS CloudFormation IaC

When it comes to Infrastructure as Code (IaC), Terraform and AWS CloudFormation are two of the most popular choices. Let's compare them to help you make an informed decision.

Overview

Terraform

  • Provider: HashiCorp
  • Language: HCL (HashiCorp Configuration Language)
  • Cloud Support: Multi-cloud (AWS, Azure, GCP, and 1000+ providers)
  • State Management: Remote state with backends
  • Open Source: Yes (with enterprise version available)

CloudFormation

  • Provider: AWS
  • Language: JSON or YAML
  • Cloud Support: AWS only
  • State Management: Managed by AWS
  • Open Source: No (AWS managed service)

Key Differences

1. Multi-Cloud Support

Terraform:

# AWS Resources
resource "aws_instance" "web" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}

# Azure Resources (same configuration file)
resource "azurerm_virtual_machine" "vm" {
  name                  = "myVM"
  location              = "East US"
  resource_group_name   = azurerm_resource_group.main.name
  # ...
}

CloudFormation:

  • AWS only - no multi-cloud support
  • Need different tools for other clouds

2. Syntax and Readability

Terraform (HCL):

resource "aws_s3_bucket" "data" {
  bucket = "my-data-bucket"
  
  versioning {
    enabled = true
  }
  
  tags = {
    Environment = "Production"
    Team        = "DevOps"
  }
}

CloudFormation (YAML):

Resources:
  DataBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: my-data-bucket
      VersioningConfiguration:
        Status: Enabled
      Tags:
        - Key: Environment
          Value: Production
        - Key: Team
          Value: DevOps

3. State Management

Terraform:

  • Explicit state file
  • Requires backend configuration
  • State locking with DynamoDB
  • Manual state management
terraform {
  backend "s3" {
    bucket         = "my-terraform-state"
    key            = "prod/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}

CloudFormation:

  • State managed automatically by AWS
  • No manual state management needed
  • Built-in change sets for preview

4. Modularity and Reusability

Terraform Modules:

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.0.0"
  
  name = "my-vpc"
  cidr = "10.0.0.0/16"
  
  azs             = ["us-east-1a", "us-east-1b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]
}

CloudFormation Nested Stacks:

Resources:
  VPCStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/templates/vpc.yaml
      Parameters:
        VPCName: my-vpc
        CIDR: 10.0.0.0/16

Pros and Cons

Terraform

Pros:
✅ Multi-cloud support
✅ Large community and module registry
✅ Better for complex infrastructures
✅ Plan command shows changes before apply
✅ More readable HCL syntax
✅ Extensive provider ecosystem

Cons:
❌ Requires state management
❌ State file security concerns
❌ Learning curve for state management
❌ Potential state drift issues

CloudFormation

Pros:
✅ Native AWS integration
✅ No state management needed
✅ Change sets for preview
✅ Drift detection built-in
✅ Free to use
✅ IAM integration

Cons:
❌ AWS only
❌ Verbose YAML/JSON syntax
❌ Slower updates for new AWS services
❌ Limited modularity
❌ Stack limits (200 resources, 500 outputs)

When to Use Terraform

Choose Terraform if you:

  • Need multi-cloud support
  • Want better modularity and reusability
  • Prefer HCL over JSON/YAML
  • Have complex infrastructure requirements
  • Want access to community modules
  • Need to manage non-AWS resources

When to Use CloudFormation

Choose CloudFormation if you:

  • Only use AWS
  • Want AWS-native integration
  • Prefer managed state
  • Need built-in drift detection
  • Want simpler setup (no state backend)
  • Require AWS-specific features quickly

My Experience

At Accenture, I've used both tools:

Terraform:

  • Managed multi-environment AWS infrastructure
  • Used modules for VPC, EKS, RDS
  • Implemented remote state with S3 and DynamoDB
  • Created reusable modules for teams

CloudFormation:

  • Quick AWS-specific deployments
  • Serverless applications with SAM
  • Simple stack management
  • AWS service catalog integration

Hybrid Approach

You can use both:

  • Terraform for core infrastructure (VPC, networking)
  • CloudFormation for application stacks
  • CDK (AWS Cloud Development Kit) as alternative to CloudFormation

Best Practices

For Terraform:

  1. Always use remote state
  2. Enable state locking
  3. Use modules for reusability
  4. Version your modules
  5. Use workspaces for environments

For CloudFormation:

  1. Use nested stacks for modularity
  2. Leverage change sets
  3. Use parameters for flexibility
  4. Enable termination protection
  5. Tag all resources

Conclusion

Both tools are excellent for IaC. Your choice depends on:

  • Cloud strategy - Multi-cloud → Terraform
  • Team expertise - Existing knowledge matters
  • Requirements - Complexity and scale
  • Integration needs - AWS-native vs. multi-cloud

In my opinion, Terraform is better for:

  • Complex, multi-cloud environments
  • Teams wanting flexibility
  • Long-term infrastructure management

CloudFormation is better for:

  • AWS-only shops
  • Quick AWS deployments
  • Teams preferring managed services

What's your experience? Let me know in the comments!