Skip to main content

What is OpenTF?

OpenTF is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share. You can then use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle. OpenTF can manage low-level components like compute, storage, and networking resources, as well as high-level components like DNS entries and SaaS features.

How does OpenTF work?

OpenTF creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable OpenTF to work with virtually any platform or service with an accessible API.

OpenTF creates and manages cloud platforms and services through their APIs

The OpenTF community have already written thousands of providers to manage many different types of resources and services. You can find all publicly available providers on the Public Terraform Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more.

The core OpenTF workflow consists of three stages:

  • Write: You define resources, which may be across multiple cloud providers and services. For example, you might create a configuration to deploy an application on virtual machines in a Virtual Private Cloud (VPC) network with security groups and a load balancer.
  • Plan: OpenTF creates an execution plan describing the infrastructure it will create, update, or destroy based on the existing infrastructure and your configuration.
  • Apply: On approval, OpenTF performs the proposed operations in the correct order, respecting any resource dependencies. For example, if you update the properties of a VPC and change the number of virtual machines in that VPC, OpenTF will recreate the VPC before scaling the virtual machines.

The OpenTF workflow has three steps: Write, Plan, and Apply

Why OpenTF?

Manage any infrastructure

Find providers for many of the platforms and services you already use in the Public Terraform Registry. You can also write your own. OpenTF takes an immutable approach to infrastructure, reducing the complexity of upgrading or modifying your services and infrastructure.

Track your infrastructure

OpenTF generates a plan and prompts you for your approval before modifying your infrastructure. It also keeps track of your real infrastructure in a state file, which acts as a source of truth for your environment. OpenTF uses the state file to determine the changes to make to your infrastructure so that it will match your configuration.

Automate changes

OpenTF configuration files are declarative, meaning that they describe the end state of your infrastructure. You do not need to write step-by-step instructions to create resources because OpenTF handles the underlying logic. OpenTF builds a resource graph to determine resource dependencies and creates or modifies non-dependent resources in parallel. This allows OpenTF to provision resources efficiently.

Standardize configurations

OpenTF supports reusable configuration components called modules that define configurable collections of infrastructure, saving time and encouraging best practices. You can use publicly available modules from the Terraform Registry, or write your own.

Collaborate

Since your configuration is written in a file, you can commit it to a Version Control System (VCS) and use a cloud backend to efficiently manage OpenTF workflows across teams. A cloud backend runs OpenTF in a consistent, reliable environment and provides secure access to shared state and secret data, role-based access controls, a private registry for sharing both modules and providers, and more.

Community

We welcome questions, suggestions, and contributions from the community.