Hey everyone 👋
If you're getting into Terraform or cloud infrastructure automation, you've probably heard people talk about dependencies — specifically “implicit” and “explicit” ones.
At first, these terms confused me. But once I understood how Terraform builds things (and what happens when it builds them in the wrong order 😅), it clicked. And now I want to explain it the way I wish someone had explained it to me 👇
🍰 Think of It Like Cooking With a Recipe
Imagine you're baking a cake. Before you can mix the batter, you obviously need to have the ingredients. You don’t need someone to tell you “buy eggs before cracking them” — that’s obvious. But you might need a reminder to preheat the oven before putting the cake in.
Some steps are naturally ordered (implicit), and others need to be clearly stated (explicit).
Terraform works the same way.
🧠 What Are Dependencies in Terraform?
In Terraform, you’re defining what cloud resources you want (like an EC2 instance or an S3 bucket). But some resources rely on others being ready first.
So Terraform needs to know:
- What should be created first?
- What should wait?
- What’s okay to build at the same time?
There are two ways to define this:
| 🛠 Dependency Type | 🤖 How Terraform Knows |
|---|---|
| Implicit | Resource A uses values from Resource B |
| Explicit | You manually declare with depends_on
|
✅ Implicit Dependencies: Terraform Just Knows
Let’s say you're creating an EC2 instance that needs to be attached to a security group. You don’t need to explicitly tell Terraform to build the security group first — because you reference it in the EC2 code.
resource "aws_security_group" "prod" {
name = "production-sg"
}
resource "aws_instance" "app" {
ami = "ami-xyz"
instance_type = "t2.micro"
vpc_security_group_ids = [aws_security_group.prod.id] # 👈 Implicit dependency
}
Since the EC2 instance uses the ID from the security group, Terraform knows the security group must be created first.
💡 Analogy: Like saying “Use eggs from the fridge.” You’re not spelling out “Buy eggs first,” but the dependency is obvious.
⚠️ Explicit Dependencies: You Have to Say So
But what if you have an EC2 instance that relies on an S3 bucket, but you’re not referencing that bucket anywhere in the EC2 config?
Terraform won’t know the bucket needs to be created first unless you explicitly say so.
resource "aws_instance" "app" {
ami = "ami-xyz"
instance_type = "t2.micro"
depends_on = [aws_s3_bucket.mybucket] # 👈 Explicit dependency
}
💡 Analogy: Like writing on a recipe: “Step 1: Preheat the oven.” Without it, someone might skip the step — and your cake comes out a gooey mess.
🎯 When Do You Use Each?
| 🧩 Scenario | ✅ Use This |
|---|---|
One resource uses another’s value (like .id, .arn) |
Implicit |
| Resources don’t reference each other but must be ordered |
Explicit (depends_on) |
🧪 Real-World Example: Security Group and EC2
✅ Implicit Example:
vpc_security_group_ids = [aws_security_group.prod.id]
Terraform sees that the EC2 instance needs the ID from the security group, so it will:
- Build the security group
- Grab the ID
- Plug it into the EC2 config
- Then build the EC2 instance
⚠️ Explicit Example:
Imagine your EC2 instance must wait for an S3 bucket (used by your app), but there's no reference like .id or .arn. In that case:
depends_on = [aws_s3_bucket.storage]
Otherwise, Terraform might build the EC2 instance before the bucket — and your app could fail.
🧠 Why It Matters
Terraform is awesome because it parallelizes work. But if it builds things in the wrong order, bad things can happen:
- Your EC2 instance boots up without the required storage
- Your Lambda function deploys before the IAM role exists
- Your app tries to connect to a service that hasn’t been provisioned yet
Understanding how Terraform figures out resource order — and when you need to step in — is key to writing safe, production-grade infrastructure code.
✅ Quick Recap
| 📌 Thing to Remember | 🧠 Why It’s Important |
|---|---|
| Implicit dependencies use resource attributes | Safer, cleaner, more automated |
Explicit dependencies use depends_on
|
Required when no attribute link exists |
| Terraform builds in parallel by default | You must control the order if needed |
| Reference docs are your friend | Always check if you can reference .id or .arn
|
💬 Final Thoughts
Implicit and explicit dependencies are core Terraform skills. The more you understand them, the more confidently you can build real-world infrastructure — and avoid weird bugs or failed deployments.
If you're learning Terraform or building out your first real cloud project, I’d love to hear how you're handling dependencies (and if you’ve run into weird ordering issues before).
Let’s connect LinkedIn! I'm always down to learn and share from others building in the cloud 💬☁️
Top comments (0)