/ academy
Join today
Write your awesome label here.

Terraform: The Complete Course

Master Infrastructure as Code. Learn solid fundamentals of Terraform and HCL, build production-ready modules, automate state management, and implement secure, production-ready workflows.
🏅 Included in the PRO membership!
Write your awesome label here.

236 Lectures

Comprehensive Knowledge

21 Hours

Video Duration

60+ Labs

Focus on Practice

Course Certificate

Validate Your Learning
What you are going to learn

Your Path to Scalable, Secure Infrastructure Automation

This course takes you from understanding why Infrastructure as Code matters to confidently managing real AWS infrastructure with Terraform. You will learn the HashiCorp Configuration Language from the ground up, covering resources, variables, locals, outputs, and data sources. Every concept is reinforced through practical projects including deploying a networked EC2 instance with Nginx, provisioning IAM users and roles from configuration files, and deploying a production-grade RDS database module with comprehensive validation.

By the end of this course, you will be able to write modular, reusable Terraform code with proper variable validation, manage state safely using remote backends, import and refactor existing infrastructure, and integrate Terraform Cloud with OIDC-based authentication for secure, keyless CI/CD workflows. You will leave with the practical skills and professional habits needed to own infrastructure-as-code in a real team environment.

By completing this course, you will be able to:

  • Explain the principles of Infrastructure as Code and the benefits Terraform brings to cloud teams
  • Write Terraform configurations using resources, data sources, variables, locals, and outputs
  • Manage resource dependencies, lifecycle behaviors, and meta-arguments like count and for_each
  • Validate input variables with custom conditions and meaningful error messages
  • Provision real AWS infrastructure including VPCs, EC2 instances, security groups, IAM, and RDS
  • Organize code into reusable modules with clean interfaces and documentation
  • Manage Terraform state with remote backends, state locking, and workspace isolation
  • Import existing cloud resources into Terraform state and refactor configurations
  • Move and remove resources from state safely without destroying infrastructure
  • Use functions, expressions, and complex types to handle dynamic configurations
  • Apply YAML-driven configuration patterns for non-technical team input
  • Implement pre-conditions and post-conditions for deployment-time validation
  • Apply professional best practices for code organization, naming, security, and team collaboration

Course Contents

01

Introduction

Course Introduction
01:44
How to Make the Most of This Course
03:48
Let's Stay Connected!
00:28
Course Resources
00:55

02

Tools & Setup

Establish the secure foundation required for your infrastructure journey by creating an AWS account and implementing security best practices, such as enabling MFA and creating a dedicated administrative user. You will also configure your local environment by installing Terraform, the AWS CLI, and essential VS Code extensions, ensuring you are fully prepared to write and deploy infrastructure code.
AWS Account Setup - Creating the Account
05:07
AWS Account Setup - Adding MFA to the Root User
01:57
AWS Account Setup - Creating a New Admin User
07:00
[Windows Users] Note about enabling the WSL Windows feature
00:47
Windows only users - Installing Windows Subsystem for Linux
03:54
Windows only users - Windows Subsystem for Linux Features
06:10
Terraform Setup - Installing Terraform
02:07
Terraform Setup - Installing the AWS CLI
01:00
Terraform Setup - Note about the directory!
00:23
Terraform Setup - Authenticating into AWS
03:20
IDE Setup - VS Code Useful Extensions
01:09

03

Introduction to Infrastructure as Code (IaC) and Terraform

Explore the fundamental shift from manual infrastructure management to Infrastructure as Code (IaC) by building a VPC using both methods to compare the workflow. You will examine the architecture of Terraform, including how providers interact with APIs and the importance of the Registry. Finally, execute the full Terraform lifecycle—init, plan, apply, and destroy—to provision and clean up real AWS resources.
What Is Infrastructure as Code (IaC)?
05:03
Benefits of Infrastructure as Code
08:45
[Exercise] Creating Infrastructure Manually in AWS - Overview
00:19
[Exercise] Creating Infrastructure Manually in AWS
08:53
[Exercise] Creating Infrastructure with Terraform - Overview
00:38
[Exercise] Creating Infrastructure with Terraform
08:05
Why Use Terraform?
03:13
Terraform’s Architecture
06:13
Stages of Provisioning Infrastructure
04:35
[Exercise] Exploring Terraform Stages - Overview
00:25
[Exercise] Exploring Terraform Stages
09:07

04

Terraform Building Blocks

Gain a solid understanding of the HashiCorp Configuration Language (HCL) syntax by exploring core blocks such as resources, data sources, variables, and outputs. You will build your first fully functional Terraform project, diving deep into state management, configuring remote backends with S3, and leveraging multiple providers to deploy resources across different AWS regions.
[Exercise] The HashiCorp Configuration Language (HCL) - Overview
00:59
Introduction to HashiCorp Configuration Language (HCL)
10:36
Terraform Configuration
04:56
[Exercise] Our First Terraform Project - Overview
00:25
[Exercise] Our First Terraform Project - Creating Resources
05:09
[Exercise] Terraform CLI - Overview
00:17
[Exercise] Terraform CLI - Exploring the Most Common Commands
11:52
Terraform State
04:42
[Demo] Inspecting the State of Our Project
06:29
Backends in Terraform
04:37
[Exercise] Setting Up a Remote S3 Backend - Overview
00:20
[Exercise] Setting Up a Remote S3 Backend
09:55
IMPORTANT - Deprecation of DynamoDB Table for State Locking
01:21
[Exercise] - Partial Backend Configuration - Overview
00:22
[Exercise] - Partial Backend Configuration
08:13
Terraform Providers
02:16
[Exercise] - Working with Providers - Overview
00:33
[Exercise] - Working with Providers
09:52

05

Resources

Gain a deep understanding of Terraform resources, the fundamental units of your infrastructure. This section covers how to define resources, manage implicit and explicit dependencies, and utilize meta-arguments like count, for_each, and lifecycle rules. You will apply this knowledge by building a complete project that deploys a web server inside a custom VPC, handling security groups, public access, and resource cleanup.
Introduction to Resources
03:34
Resource Dependencies
03:27
Meta-Arguments
05:28
VPC and EC2 Project - Project Overview
01:14
VPC and EC2 Project - Launching the VPC and Subnet
11:14
VPC and EC2 Project - Provisioning the Internet Gateway
08:05
VPC and EC2 Project - Extracting Common Tags
07:16
VPC and EC2 Project - Launching the EC2 Instance
12:54
VPC and EC2 Project - Understanding Security Groups
05:26
VPC and EC2 Project - Creating a Custom Security Group
08:42
VPC and EC2 Project - Deploying an NGINX EC2 Instance
10:50
VPC and EC2 Project - Wrap-Up and Destroying Resources
06:52

06

Project - S3 Static Website

Create a fully functional static website hosted on AWS S3 by automating the entire provisioning process with Terraform. You will configure an S3 bucket with a randomized name, enforce security policies to allow public read access, upload HTML content directly via code, and expose the website URL as an output for easy access.
Project Overview
00:59
Deploying an S3 Bucket
04:14
Disabling Public Access Block
12:12
Configuring the S3 Static Website
05:54
Uploading Files to S3 via Terraform
06:48

07

Data Sources

Unlock the power of Data Sources to reference infrastructure components not managed by your current Terraform configuration. You will learn how to dynamically query AWS for the latest Ubuntu AMIs, retrieve context-aware details like the current region and account ID, and construct complex IAM policy documents programmatically. By the end, you will be able to integrate existing resources such as VPCs and Subnets into your projects without hardcoding values.
Introduction to Data Sources
02:50
[Exercise] Fetching AMI Data - Overview
00:36
[Exercise] Fetching AMI Data
19:26
[Exercise] Fetching AWS Account Information and Region - Overview
00:28
[Exercise] Fetching AWS Account Information and Region
06:58
[Exercise] Fetching VPC Data - Overview
00:33
[Exercise] Fetching VPC Data
06:18
[Demo] Fetching AWS Availability Zones
06:19
[Exercise] Creating AWS IAM Policies - Overview
00:36
[Exercise] Creating AWS IAM Policies
06:23

08

Input Variables, Locals and Outputs

Learn how to parameterize your Terraform code using input variables to make your configurations reusable and dynamic. You will explore advanced techniques such as type validation, complex data structures, and the use of tfvars files. Additionally, you will master locals for intermediate calculations and outputs to expose critical information, enabling better modularity and data sharing across your infrastructure.
Input Variables
03:41
[Exercise] Declaring and Using Input Variables - Overview
00:35
[Exercise] Declaring and Using Input Variables
14:40
[Exercise] Typing and Validating Input Variables - Overview
00:20
[Exercise] Typing and Validating Input Variables
08:26
[Exercise] Map and Object Variables - Overview
00:23
[Exercise] Map and Object Variables
06:27
[Exercise] Working with .tfvars Files - Overview
00:33
[Exercise] Working with .tfvars Files
07:30
[Exercise] Working with .auto.tfvars Files - Overview
00:17
[Exercise] Working with .auto.tfvars Files
05:08
[Demo] Variable Precedence Order
09:06
[Demo] Code Cleanup
02:26
[Exercise] Working with Locals - Overview
00:37
[Exercise] Working with Locals
11:20
[Exercise] Working with Outputs - Overview
00:18
[Exercise] Working with Outputs
07:43
[Exercise] Working with Sensitive Values - Overview
00:18
[Exercise] Working with Sensitive Values
07:29

09

Expressions and Functions

Unlock the full potential of Terraform's configuration language by mastering expressions and built-in functions. You will learn to perform mathematical and logical operations, manipulate lists and maps with for loops and splat expressions, and dynamically load and decode data from external files like YAML and JSON. These skills will enable you to write more concise, dynamic, and powerful infrastructure code.
[Exercise] Operators in Terraform - Overview
00:18
[Exercise] Operators in Terraform
05:32
[Exercise] Using for Expressions with Lists - Overview
00:44
[Exercise] Using for Expressions with Lists
10:41
[Exercise] Using for Expressions with Maps - Overview
00:21
[Exercise] Using for Expressions with Maps
07:05
[Exercise] Transforming Lists into Maps and Vice Versa - Overview
00:26
[Exercise] Transforming Lists into Maps and Vice Versa
12:02
[Demo] Using Splat Expressions
05:45
Introduction to Functions
05:59
[Exercise] Working with Functions - Overview
00:29
[Exercise] Working with Functions
07:49

10

Creating Multiple Resources

Unlock the ability to deploy scalable infrastructure by creating multiple resource instances from a single configuration block. You will master the count meta-argument for simple replications and progress to for_each for more complex, map-based deployments. Along the way, you will learn to manage dependencies, validate configurations, and dynamically assign attributes like subnets and AMIs to avoid code duplication.
Working with count and for_each
04:35
[Exercise] Creating Multiple Subnets with the Count Meta-Argument - Overview
00:22
[Exercise] Creating Multiple Subnets with the Count Meta-Argument
11:29
[Exercise] Referencing Resources with the Count Meta-Argument - Overview
00:18
[Exercise] Referencing Resources with the Count Meta-Argument
10:51
[Exercise] Creating EC2 Instances based on a List Variable - Overview
00:25
[Exercise] Creating EC2 Instances based on a List Variable
07:48
[Exercise] Allowing Multiple AMIs in the EC2 Configuration Variable - Overview
00:28
[Exercise] Allowing Multiple AMIs in the EC2 Configuration Variable
07:15
[Exercise] Adding Validation to the List Variable - Overview
00:28
[Exercise] Adding Validation to the List Variable
11:50
[Exercise] Creating EC2 Instances based on a Map Variable - Overview
00:27
[Exercise] Creating EC2 Instances based on a Map Variable
11:14
[Exercise] Adding Validation to the Map Variable - Overview
00:18
[Exercise] Adding Validation to the Map Variable
06:28
[Exercise] Extending the Configuration to Receive Subnet Information - Overview
00:22
[Exercise] Extending the Configuration to Receive Subnet Information
13:36

11

Project - IAM User Management

This section presents an advanced project where you will implement a complete IAM management system. You will learn to parse external YAML files to dynamically create IAM users and assign them specific roles based on configuration. Through practical exercises, you will master the creation of roles, attachment of AWS managed policies, and the implementation of strict AssumeRole policies to ensure least-privilege access for each user.
Project Overview
01:42
Storing User and Role Information in YAML
08:25
Creating Users in AWS
04:23
IMPORTANT! Update Regarding Outputting Passwords
01:39
Creating User Passwords
07:30
Understanding AWS Managed Policies
04:54
Creating Roles
09:47
Defining Assume Role Policies for Each Role
11:04
Restricting Which Principals Can Assume Each Role
18:13
Testing, Wrap-Up and Project Conclusion
13:32

12

Modules

Master the full lifecycle of Terraform modules, from consuming public modules to designing and publishing your own. You will learn the standard module structure, implement a robust VPC module with advanced features like dynamic subnet creation and input validation, and finally publish your module to the Terraform Registry for broader consumption.
What Are Modules?
03:38
The Standard Module Structure
02:38
Browsing Public Modules in the Terraform Registry
09:35
Exploring the AWS VPC Module GitHub Repository
10:45
[Exercise] Using the Public AWS VPC Module - Overview
00:13
[Exercise] Using the Public AWS VPC Module
10:52
[Exercise] Using the Public AWS EC2 Module - Overview
00:33
[Exercise] Using the Public AWS EC2 Module
17:19
Module Design Best Practices
07:56
[Exercise] Building Our Own VPC Module - Overview
00:24
[Exercise] Building Our Own VPC Module
09:55
[Exercise] Migrating to Object Variables - Overview
00:22
[Exercise] Migrating to Object Variables
04:25
[Exercise] Receiving Subnet Configuration via Variables - Overview
00:26
[Exercise] Receiving Subnet Configuration via Variables
07:47
[Exercise] Validating the Received Availability Zones - Overview
00:23
[Exercise] Validating the Received Availability Zones
08:33
[Exercise] Supporting Public and Private Subnets - Overview
00:31
[Exercise] Supporting Public and Private Subnets
10:59
[Exercise] Defining the Module’s Outputs - Overview
00:18
[Exercise] Defining the Module’s Outputs
13:03
[Demo] Populating the License and README Files
05:26
[Exercise] Testing the Module with EC2 Instances - Overview
00:20
[Exercise] Testing the Module with EC2 Instances
05:09
Publishing Modules in the Terraform Registry
02:34
[Demo] Publishing Our Networking Module
14:09

13

Object Validation

Ensure the reliability and correctness of your infrastructure by implementing advanced validation techniques. You will learn to use precondition blocks to validate inputs before resource creation, postcondition blocks to verify resource attributes after deployment, and check blocks to issue warnings for best practice violations without halting the execution flow.
Preconditions and Postconditions
02:50
[Exercise] Working with Preconditions - Overview
00:21
[Exercise] Working with Preconditions
06:47
[Exercise] Working with Postconditions - Overview
00:29
[Exercise] Working with Postconditions
16:04
When Are Preconditions and Postconditions Run?
03:37
[Exercise] Working with Check Blocks - Overview
00:24
[Exercise] Working with Check Blocks
11:35

14

State Manipulation

Gain control over your infrastructure's lifecycle by mastering advanced state manipulation techniques. You will learn how to refactor your code without destroying resources using moved blocks, import existing infrastructure into Terraform management, and force resource recreation using taint and the -replace flag when things go wrong.
Introduction to State Manipulation
03:32
[Exercise] Refactoring Terraform Resources - Overview
00:24
[Exercise] Refactoring Terraform Resources
17:06
[Exercise] Importing Existing Infrastructure into Terraform - Overview
00:24
[Exercise] Importing Existing Infrastructure into Terraform
16:52
[Exercise] Removing Infrastructure from Terraform - Overview
00:31
[Exercise] Removing Infrastructure from Terraform
09:08
[Exercise] Replacing Resources with the Taint Command - Overview
00:26
[Exercise] Replacing Resources with the Taint Command
16:03

15

Project - Importing Lambda Resources

Tackle the challenge of managing legacy or manually created infrastructure with Terraform. You will start by building a Lambda function in the AWS console and then methodically import the function, its IAM roles, and CloudWatch log groups into your Terraform state using code generation and manual refinement. By the end, you will have a fully code-managed deployment that can be updated, tagged, and destroyed programmatically.
Project Overview
00:59
Creating a Lambda Function Manually
04:48
Importing the Lambda Function
06:58
Importing the Function Code
11:57
Importing the Function Role
07:00
Importing the Role Policy
10:07
Refactoring the Imported Policy
06:39
Importing the CloudWatch Log Group
09:27
Creating Additional Resources and Project Wrap-Up
08:48

16

Project - RDS Module

Create a production-ready RDS module that encapsulates database provisioning logic. You will implement extensive variable validation using regex and data sources to enforce security best practices, such as ensuring private subnet deployment and restricting security group rules. By the end, you will have a modular solution that simplifies database management while maintaining strict compliance standards.
Project Overview
00:36
Defining the Necessary Steps and Validations
02:51
Exploring the AWS RDS Resource in Terraform
04:10
Defining Necessary Module Variables
11:31
Testing Variable Validation
08:55
Creating Module Variables for Subnet and Security Group IDs
08:15
Implementing Default VPC Validation
09:11
Testing Default VPC Validation
06:47
Implementing and Testing Private Tag Validation
11:13
Implementing Security Group Rule Validation
10:33
Testing Security Group Rule Validation
08:48
Understanding the Different Data Sources for Security Group Rules
05:03
IMPORTANT! PostgreSQL Version Update for Upcoming Lecture
03:13
Deploying the RDS Instance
15:40
Project Wrap-Up and Clean Up
01:11

17

Terraform Workspaces

Manage multiple environments, such as development, staging, and production, from a single configuration directory using Terraform workspaces. You will learn to create and switch between workspaces, isolate state files, and dynamically configure resources based on the active environment without resorting to complex logic. This section also covers best practices for avoiding pitfalls and efficiently managing environment-specific variables.
Introduction to CLI Workspaces
02:47
[Exercise] Creating Workspaces in the CLI - Overview
00:28
[Exercise] Creating Workspaces in the CLI
06:10
[Exercise] Working with Multiple Workspaces - Overview
00:25
[Exercise] Working with Multiple Workspaces
06:22
[Exercise] Using .tfvars to Store Workspace-Specific Configuration - Overview
00:25
[Exercise] Using .tfvars to Store Workspace-Specific Configuration
06:06
[Demo] Resource and Workspace Cleanup
04:15

18

Terraform Cloud

Execute Terraform code securely in a remote environment using Terraform Cloud. You will learn to manage workspaces, trigger runs via CLI and VCS integrations, and utilize advanced features like speculative plans and private module registries. This section guides you through the full lifecycle of a Terraform Cloud project, from initial setup and authentication to resource deployment and cleanup.
What is Terraform Cloud?
02:07
Terraform Cloud Workspaces
03:06
Triggering Runs in Terraform Cloud
02:13
[Exercise] - Creating a Workspace in Terraform Cloud - Overview
00:18
[Exercise] - Creating a Workspace in Terraform Cloud
04:12
[Demo] - Logging into Terraform Cloud in the Terminal
04:03
[Exercise] - Creating Our First Resource with Terraform Cloud - Overview
00:27
[Exercise] - Creating Our First Resource with Terraform Cloud
02:24
[Exercise] - Authenticating into AWS and Creating an S3 Bucket - Overview
00:43
[Exercise] - Authenticating into AWS and Creating an S3 Bucket
10:32
[Exercise] - Working with Workspace Variables - Overview
00:23
[Exercise] - Working with Workspace Variables
05:01
[Demo] - Exploring State and Other Workspace Information in Terraform Cloud
05:39
[Demo] - Integrating a GitHub Repository with Terraform Cloud
04:06
[Exercise] - Creating a VPC and Subnet via VCS Integration - Overview
00:20
[Exercise] - Creating a VPC and Subnet via VCS Integration
06:54
[Exercise] - Triggering Speculative Plans from Pull Requests - Overview
00:27
[Exercise] - Triggering Speculative Plans from Pull Requests
04:28
[Exercise] - Publishing Modules in Private Registries - Overview
00:23
[Exercise] - Publishing Modules in Private Registries
12:14
[Exercise] - Terraform Cloud Resource Cleanup - Overview
00:19
[Exercise] - Terraform Cloud Resource Cleanup
02:34

19

Project - Terraform Cloud OIDC

Implement a robust security posture by configuring OpenID Connect (OIDC) authentication between Terraform Cloud and AWS. You will manually create the necessary identity providers and roles in AWS, test the integration, and then import these resources into Terraform for management. Finally, you will extend the configuration to allow multiple workspaces to assume roles dynamically, replacing risky static credentials with short-lived tokens.
Project Overview
00:56
Creating the Identity Provider in AWS
05:17
Implementing the Terraform Cloud Role
07:55
Attaching the Necessary Role Policies
02:56
Initializing the Terraform Cloud CLI-Driven Project
05:40
Creating Variable Sets for Role Information
06:30
Importing the OIDC Provider into Terraform
10:06
Importing the Role into Terraform
10:29
Importing the Policy Attachment into Terraform
05:39
Extending the OIDC Provider to Allow Other Workspaces + Project Wrap-Up
12:23

20

Conclusion

IMPORTANT! Cleaning Up All Our AWS Resources
00:28
Conclusion
00:21
Certificate of Completion

Frequently asked questions

Who is this course designed for?

This course is built for professionals and students who want to master Infrastructure as Code and stop managing resources manually. It is specifically designed for:
  • DevOps Engineers and SREs: Who want to automate infrastructure provisioning, eliminate configuration drift, and implement secure, state-managed workflows.
  • Platform Engineers: Who need to build reusable modules and self-service interfaces that allow development teams to provision their own infrastructure safely.
  • System Administrators: Who are transitioning from on-premises hardware or manual cloud console management to modern, code-defined infrastructure.
  • Software Developers: Who want to understand the infrastructure their applications run on and manage resources like databases and queues alongside their application code.
  • Cloud Architects: Who need to design scalable, modular infrastructure patterns that enforce security and compliance standards across an organization.

What prior knowledge do I need before taking this course?

To get the most out of this training, you should be comfortable using a command line interface (terminal). Basic familiarity with Git operations (clone, commit, push) is required for the Terraform Cloud and VCS integration sections. While no prior Terraform experience is necessary, a general understanding of cloud concepts (what is a virtual machine, what is a load balancer, and so on) will help you grasp the "why" behind the infrastructure we build.

What software or hardware do I need for the hands-on labs?

You will need a computer capable of running Visual Studio Code (or your preferred text editor) and the Terraform CLI. You will also need an active account with a major cloud provider to follow the hands-on labs. The course includes a specific setup guide for Windows users to install the Windows Subsystem for Linux (WSL), ensuring a consistent experience across all operating systems.

Will I incur costs from the cloud provider while taking this course?

The course is designed to stay almost entirely within the Free Tier limits. We primarily use resources that are free or very low cost, such as micro compute instances and standard storage buckets. We also include specific lectures on resource destruction and cleanup to ensure you do not leave active resources running that could generate unexpected bills.

Does this course cover Terraform Cloud?

Yes. This course includes a dedicated module that covers Terraform Cloud. You will move beyond local state management to learn how to use remote workspaces, trigger runs via Version Control Systems (VCS), and implement secure authentication workflows using OpenID Connect (OIDC).

Do I need to know a programming language like Python or Go?

No. Terraform uses HashiCorp Configuration Language (HCL), which is a declarative language designed specifically for infrastructure. We teach HCL from scratch, covering everything from basic syntax to advanced functions and expressions. While logic concepts like loops and conditionals are used, you do not need a background in traditional software development to succeed.

We use cookies to provide you with an optimal experience and relevant communication. Learn more or accept individual cookies.

Necessary

Necessary cookies (First Party Cookies) are sometimes called "strictly necessary" as without them we cannot provide the functionality that you need to use this website. For example, essential cookies help remember your preferences as you navigate through the online school.

Functional

Functional cookies enable this website to provide enhanced functionality and personalization, by remembering information you have entered and choices you make. These preferences are remembered through the use of persistent cookies, so that you will not have to set them again the next time you visit the website.

Analytics

Analytics cookies track information about visits on our website so that we can measure and improve its performance, as well as optimize our course content. These cookies help us analyze user behavior by tracking the number of visits, how visitors use the website, which site or page they come from and how long they are staying for.

Marketing

Marketing cookies are used to deliver advertising material relevant to you and your interests. They are also used to limit the number of times you see an advertisement, resulting to more targeted advertising, as well as help us measure the effectiveness of our campaigns. They are usually placed by advertising networks we collaborate with, with our permission.