Not everything in your cloud account was created by Terraform. Maybe the VPC was built by another team using CloudFormation. Maybe the DNS zone was set up manually in the console two years ago. Maybe you need the latest Amazon Linux AMI and its ID changes every week. Data sources let Terraform read information from your cloud provider without managing the resource itself.
67 posts tagged with "Cloud"
Cloud computing fundamentals and best practices
A developer once asked me: "Why can't my Lambda function reach the internet after I put it in a VPC?" The answer took 15 minutes to explain. VPC networking is where most AWS engineers hit a wall — and it's because nobody taught them the fundamentals first.
A developer hardcodes a storage account key in a GitHub repo. Twelve minutes later, a bot scrapes it and racks up $14,000 in crypto mining charges. This is not a hypothetical — it happens every week. Microsoft Entra ID exists to make sure your applications authenticate without secrets lying around in code.
Here's a scenario that happens every single day: a team launches a c5.4xlarge for an app that uses 8% CPU. That's $500/month wasted. Multiply by 50 instances and you're throwing away $25,000 every month. Let's fix that.
Your application generates 500 GB of log files per month, serves images to millions of users, and needs a message queue to coordinate background jobs. Three different problems, one Azure service. Azure Storage handles all of them — if you know which sub-service to pick.
Terraform by itself does not know how to create an EC2 instance, a Kubernetes pod, or a DNS record. It delegates that work to providers — plugins that translate your HCL into API calls. Understanding providers is understanding how Terraform actually talks to the outside world.
