Terraform

Terraform & Terragrunt Zero-to-Hero

A five-tier mastery path — Foundation to Specialist — for Terraform & Terragrunt: author modules for every service, orchestrate multi-environment infrastructure, enforce approval gates, and run an enterprise IaC platform.

Foundation → Intermediate → Advanced → Expert → Specialist ~160 hours 42 of 42 lessons ready HashiCorp Terraform Associate (003)
Start the course

A complete, job-oriented path through Terraform and Terragrunt: HCL and the core workflow, state and remote backends, authoring and versioning reusable modules, Terragrunt DRY multi-environment orchestration, CI/CD approval gates, policy-as-code, testing, drift recovery, and enterprise IaC platforms — plus Pulumi, CDKTF, CloudFormation and Ansible.

What you’ll be able to do

  • Write Terraform confidently — HCL, providers, the core workflow and state
  • Author, test, version and publish reusable modules for any cloud
  • Orchestrate dev/uat/staging/prod with Terragrunt — DRY, dependencies, remote state
  • Enforce approval gates, policy-as-code and OIDC keyless auth in CI/CD
  • Recover from drift and state corruption, and operate state at scale
  • Architect an enterprise IaC platform and be Terraform-Associate-ready

Prerequisites

  • Basic IT literacy and a terminal — no prior IaC experience required
  • A free cloud account (AWS/Azure/GCP) for the hands-on labs

Who it’s for

Engineers new to IaC, cloud engineers standardising infrastructure, and people preparing for the HashiCorp Terraform Associate or real platform-engineering work.

Curriculum

Tier 1 · Foundation — Terraform Basics (Associate)

Start at zero: what IaC is, HCL, the core workflow, state, and authoring your first reusable module.

  1. 1 Terraform Fundamentals: HCL, Providers, State & the Core Workflow Junior 21 min read
  2. 2 Infrastructure as Code: Core Concepts — State, Plan/Apply, Drift & Idempotency Junior 17 min read
  3. 3 Authoring Terraform Modules: Structure, Inputs/Outputs, Versioning & Publishing Intermediate 24 min read

Tier 2 · Intermediate — State, Remote Backends & HCL Depth

Scale beyond a laptop: remote state, dynamic blocks & complex types, and safe refactoring.

  1. 4 Terraform Remote State at Scale: Backends, Locking, Splitting, and State Surgery Advanced 14 min read
  2. 5 Mastering Terraform Dynamic Blocks, Complex Types, and Variable Validation Advanced 15 min read
  3. 6 Refactoring Terraform Safely with moved, import, and removed Blocks Advanced 14 min read

Tier 2 · Intermediate — Terragrunt

Stay DRY at scale: Terragrunt fundamentals, multi-account environments, and monorepo run-all.

  1. 7 Terragrunt Fundamentals: DRY Configurations, Remote State & Dependencies Intermediate 24 min read
  2. 8 DRY Multi-Environment Infrastructure with Terragrunt: Stacks, Dependencies, and Promotion Intermediate 13 min read
  3. 9 Scaling Terragrunt Monorepos with Dependency Graphs and run-all Advanced 16 min read

Tier 3 · Advanced — Multi-Environment & CI/CD Approval Gates

Promote dev→uat→staging→prod safely: the 3-tier pattern, OIDC PR automation, Atlantis and Spacelift.

  1. 10 Multi-Environment 3-Tier Infrastructure with Terragrunt & CI/CD Approval Gates Advanced 24 min read
  2. 11 A Production Terraform CI/CD Pipeline on GitHub Actions with OIDC Advanced 16 min read
  3. 12 Deploy Atlantis for Pull-Request Terraform Automation with Server-Side Workflows Intermediate 18 min read
  4. 13 Configure Spacelift Stacks, OPA Policies, and Drift Detection for Terraform GitOps Advanced 18 min read

Tier 3 · Advanced — Policy-as-Code & Security

Guardrails on every plan: Checkov/tfsec/Trivy, OPA/Conftest, Sentinel, and secrets in IaC.

  1. 14 Building a Multi-Tool IaC Security Scanning Gate with Checkov and Trivy Advanced 16 min read
  2. 15 Policy-as-Code for Terraform with OPA and Conftest on the Plan JSON Advanced 15 min read
  3. 16 Enforcing Governance with HashiCorp Sentinel Policy Sets and Mocks Advanced 15 min read
  4. 17 Eliminating Long-Lived Secrets in IaC with Vault Dynamic Credentials Expert 14 min read

Tier 3 · Advanced — Testing & Provider Development

Prove modules work: native testing + Terratest, and building your own provider.

  1. 18 Testing Terraform for Real: Native terraform test, Terratest, and Policy Checks in CI Advanced 13 min read
  2. 19 Building a Custom Terraform Provider with the Plugin Framework Expert 16 min read

Tier 3 · Advanced — State Operations, Drift & Orchestration

Operate state in anger: drift reconciliation, state surgery/recovery, and stacks orchestration.

  1. 20 Detecting and Reconciling Terraform Drift Without Nuking Production Advanced 14 min read
  2. 21 Terraform State Surgery: Recovering from Corruption, Locks, and Split-Brain Expert 16 min read
  3. 22 Orchestrating Multi-Environment Infrastructure with Terraform Stacks Expert 16 min read

Tier 4 · Expert — IaC Tool Selection

Choose the right tool: Terraform vs Terragrunt vs Ansible vs Pulumi.

  1. 23 Terraform vs Terragrunt vs Ansible vs Pulumi: Which IaC Tool, When? Intermediate 17 min read

Tier 5 · Specialist — Alternative IaC & Multi-Cloud

Beyond Terraform: Pulumi, CDKTF, CloudFormation, Crossplane and Bicep.

  1. 24 Programmatic IaC with Pulumi and TypeScript: Component Resources and the Automation API Intermediate 13 min read
  2. 25 Advanced Pulumi in Python: Dynamic Providers and Stack References Advanced 16 min read
  3. 26 Programmatic Infrastructure with CDK for Terraform in TypeScript Advanced 15 min read
  4. 27 Advanced CloudFormation: StackSets, Custom Resources, Hooks, and Drift at Org Scale Expert 16 min read
  5. 28 Extending CloudFormation with Macros, Transforms, and CDK Escape Hatches Expert 16 min read
  6. 29 Building an Internal Cloud API with Crossplane Compositions and XRDs Expert 17 min read
  7. 30 Shipping Azure Workloads with Bicep: Deployment Stacks, what-if, and a CI Pipeline Intermediate 14 min read
  8. 31 Operating a Bicep Private Module Registry and Templating at Scale Advanced 15 min read

Tier 5 · Specialist — Configuration Management (Ansible)

Configure servers idempotently: Ansible collections/testing and dynamic inventory.

  1. 32 Engineering Idempotent Ansible Collections with Molecule Testing Advanced 16 min read
  2. 33 Dynamic Inventory and Secure Secrets for Ansible at Cloud Scale Advanced 16 min read

Tier 5 · Specialist — 3rd-Party Integrations & On-Prem Provisioning

Terraform everywhere: Datadog, Snowflake, vSphere/Packer, Nutanix and OpenStack.

  1. 34 Configure Datadog Monitors, SLOs, and Synthetic Browser Tests as Code with Terraform Advanced 18 min read
  2. 35 Set Up Snowflake RBAC, Resource Monitors, and Warehouse Auto-Suspend with Terraform Intermediate 17 min read
  3. 36 Provision VMware vSphere Clusters with Packer and Terraform Golden Images Intermediate 18 min read
  4. 37 Set Up Nutanix AHV Clusters with Prism Central and the Terraform NX Provider Advanced 18 min read
  5. 38 Provision OpenStack Compute and Networking with Terraform and Heat Templates Advanced 18 min read

Track · Troubleshooting (Easy → Complex)

Diagnose anything: state, providers, drift, dependencies and CI/CD failures.

  1. 39 Terraform Troubleshooting: State, Providers, Drift, Dependencies & Debugging Intermediate 26 min read

Track · Architecting (Easy → Complex)

Turn requirements into IaC platforms: a six-rung ladder from a single module to an enterprise platform.

  1. 40 The Terraform Architecting Ladder: From a Single Module to an Enterprise IaC Platform Advanced 30 min read

Track · Certification Center

Pass the exam: the HashiCorp Terraform Associate (003) prep kit.

  1. 41 HashiCorp Terraform Associate (003) Prep Kit: Objectives, Practice Questions & Cheat Sheet Advanced 26 min read

Track · Job-Ready — Projects

Get hired: a six-project portfolio ladder from a first module to a multi-cloud platform.

  1. 42 Real-World Terraform Portfolio Projects: From a First Module to a Multi-Cloud Platform Advanced 19 min read
All courses Browse all Terraform articles