Hey everyone 👋
If you're learning Terraform, you’ve probably been told it’s all about creating infrastructure. But here’s the thing — launching a virtual machine is only half the story.
The real question is: What happens after that VM is created? Is it configured? Is the app installed? Is it even usable?
That’s where provisioners come in — and trust me, they’re more powerful than they first appear.
Let me explain it the way I wish someone had when I was learning 👇
🛠️ Think of Provisioners Like a Post-Deployment Setup Crew
Imagine Terraform as a contractor who builds your house (spins up EC2, S3, etc.). Great! You have walls, a roof, electricity.
But… there’s no furniture. No internet. No paint on the walls.
Provisioners are like the team that walks in right after the house is built — setting up your Wi-Fi, installing furniture, and hanging that "Live. Laugh. Love." sign (don’t judge 😅).
⚙️ What Can Terraform Provisioners Do?
Provisioners let you run scripts or commands either:
✅ On your local machine (where Terraform is running)
✅ On a remote server (like an EC2 instance)
This is useful when you want to:
- Install packages (like NGINX)
- Copy configuration files
- Log information locally
- Trigger post-deploy actions
🧰 The Two Main Types You’ll Actually Use
Terraform supports three types of provisioners, but 99% of the time, you’ll only use these two:
| 🔧 Provisioner | 🏠 Runs Where | 💡 Common Use |
|---|---|---|
local-exec |
Your laptop (Terraform CLI) | Log outputs, call APIs, write to local files |
remote-exec |
The deployed server (like EC2) | Install packages, configure app, start services |
The third type is file, which lets you copy files to the remote server — useful, but not as common in most beginner setups.
💬 Real-Life Scenario
Let’s say you’re using Terraform to spin up an EC2 instance. Great!
Now you want to:
- Install NGINX on that EC2 instance
- Save its public IP in a local file for reference
Here’s how the two provisioners help:
| ✅ Task | 🧰 Provisioner |
|---|---|
| Install NGINX via SSH | remote-exec |
Save IP to server_ip.txt
|
local-exec |
Simple. But really useful.
🧪 What It Looks Like in Terraform
Here’s a simplified example combining both provisioners:
resource "aws_instance" "web" {
ami = "ami-123456"
instance_type = "t2.micro"
provisioner "remote-exec" {
inline = [
"sudo yum install -y nginx",
"sudo systemctl start nginx"
]
connection {
type = "ssh"
user = "ec2-user"
private_key = file("terraform-key.pem")
host = self.public_ip
}
}
provisioner "local-exec" {
command = "echo ${self.public_ip} > server_ip.txt"
}
}
🎉 After running terraform apply:
- EC2 is created
- NGINX is installed and running
- IP is saved to
server_ip.txt
That’s infrastructure and setup — all in one go.
🧱 Format Rules You Must Follow
| 🔑 Rule | ✅ What to Remember |
|---|---|
| Must be inside a resource block | Can’t define provisioners globally |
| Must declare the type | e.g., provisioner "remote-exec"
|
remote-exec needs connection info |
SSH username, key, and host |
local-exec only needs a command |
Runs locally, no connection required |
🤔 Should You Use Provisioners?
Here’s the deal:
Provisioners are great for:
- Quick one-off setups
- Demos and proof-of-concepts
- Bootstrapping when other tools aren't in place
But in production, you should ideally:
- Use configuration management tools (like Ansible)
- Bake software into AMIs or Docker images
- Avoid relying too heavily on provisioners (they’re not idempotent)
Still, learning provisioners gives you a deeper understanding of how infrastructure meets configuration — which is super valuable as a cloud or DevOps engineer.
🧠 Final Thoughts
Terraform Provisioners bridge the gap between launching infrastructure and making it usable.
They’re not the main event — but they are that extra touch that turns your deployed resources into real, working systems.
If you’re learning Terraform, try both local-exec and remote-exec. You’ll not only get more confident with scripting, but you’ll also get a feel for how the infrastructure pipeline can be end-to-end — from provisioning to configuration.
Want to share your favorite provisioner use case? Or just geeking out on Terraform? Let’s connect on LinkedIn — I’d love to see what you’re building 💬☁️
Top comments (0)