Migrating from CloudFormation to Terraform: A Step-by-Step Strategy for Infrastructure as Code Modernization
Forget the hype about “one-size-fits-all” IaC tools—CloudFormation’s AWS-centric approach can limit agility. As your cloud environment evolves beyond AWS or becomes more complex, sticking with CloudFormation alone may slow your ability to innovate quickly. This guide cuts through the noise to show why and how Terraform can future-proof your infrastructure management with practical migration tactics.
Why Move from CloudFormation to Terraform?
CloudFormation is a powerful Infrastructure as Code (IaC) tool tightly integrated with AWS. It’s great for managing AWS resources, but as organizations embrace multi-cloud strategies or require enhanced modularity and flexibility, Terraform increasingly becomes the go-to solution:
- Multi-cloud support: Manage AWS, Azure, GCP, and many other providers with a consistent IaC language.
- Extensibility & Modularity: Terraform modules enable reusable, shareable components.
- Vibrant community & ecosystem: Access a wide variety of providers, plugins, and community-written modules.
- State management & plan robustness: Terraform’s state file and
terraform planoffer clearer visibility into changes.
Preparing for the Migration: Initial Considerations
Migrating existing infrastructure definitions from CloudFormation to Terraform can be challenging if not handled carefully. Here’s your checklist before you start:
-
Assess Your Existing CloudFormation Templates
Take inventory of all your CloudFormation stacks and templates. Understand:
- What resources are deployed?
- Resource dependencies and stack relationships.
- Use of custom resources or macros.
-
Define Your Target Terraform Architecture
Decide on the Terraform project structure:
- Divide by environment (
prod,dev,stage) or by service/domain. - Define reusable modules for common components.
- Choose your state backend (e.g., Terraform Cloud, S3 with DynamoDB locking).
- Divide by environment (
-
Establish Ground Rules for Cutover
Consider whether you want a gradual, resource-by-resource migration or a one-time full transition. Typically, a gradual approach reduces risk.
Step 1: Translate CloudFormation Resources to Terraform Code
There is no direct automated tool that perfectly converts CloudFormation templates to Terraform configs, but you can accelerate the process with these strategies:
- Manual rewriting: Use CloudFormation docs alongside Terraform AWS Provider documentation to rewrite resources.
- Use former2 (https://former2.com): This online tool lets you generate Terraform configurations by inspecting your live AWS environment, which can help create baseline Terraform files corresponding to what’s currently deployed.
Example: Let’s take a CloudFormation snippet that provisions an S3 bucket:
Resources:
MyBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: my-app-bucket
VersioningConfiguration:
Status: Enabled
Equivalent Terraform:
resource "aws_s3_bucket" "my_bucket" {
bucket = "my-app-bucket"
versioning {
enabled = true
}
}
Step 2: Import Existing Resources into Terraform State
To avoid destroying and recreating live infrastructure, you can import existing AWS resources into Terraform state:
- Write the Terraform resource block that matches the resource.
- Run the import command:
terraform import aws_s3_bucket.my_bucket my-app-bucket
This tells Terraform to manage the existing bucket without modifying it during the next apply.
Tips:
- Import resources one at a time, verifying each after import.
- Use
terraform planto ensure no unwanted changes are detected.
Step 3: Modularize your Terraform Configuration
With your resources now represented in Terraform, it's best practice to:
- Extract common patterns into reusable modules, e.g., a module for S3 buckets.
- Parameterize configurations to support multiple environments.
- Use workspaces or separate state files per environment.
Example module structure:
modules/
└── s3_bucket/
├── main.tf
├── variables.tf
└── outputs.tf
environments/
├── prod/
│ └── main.tf
└── dev/
└── main.tf
Step 4: Handle CloudFormation-Specific Constructs
CloudFormation sometimes involves features Terraform doesn’t map to one-to-one:
- Custom AWS Lambda-backed resources: Rewrite the logic or recreate with Terraform’s
null_resourceand external scripts. - Stack Sets: May require more complex Terraform orchestration or external automation.
- Outputs and Parameters: Translate them into Terraform outputs and variables accordingly.
Step 5: Validate and Test Thoroughly
Before decommissioning CloudFormation stacks:
- Run
terraform planto verify expected changes. - Apply Terraform configs to non-production environments first.
- Use CI/CD pipelines to automate validations.
- Monitor resources post-migration closely.
Step 6: Decommission CloudFormation Stacks
Once your resources are fully managed in Terraform and tested:
- Delete the old CloudFormation stacks.
- Adjust your operational runbooks and documentation to align with Terraform workflows.
- Train the team on Terraform commands and state management.
Bonus: Using Terraform Cloud or Terraform Enterprise
For teams scaling Terraform usage, adopting Terraform Cloud or Terraform Enterprise for remote state management, collaboration, and policy enforcement is recommended as part of modernization.
Summary
Migrating from CloudFormation to Terraform doesn’t need to be daunting if you approach it stepwise:
| Step | Description |
|---|---|
| 1. Translate Templates | Convert CloudFormation YAML to Terraform HCL files |
| 2. Import Existing Resources | Use terraform import to onboard live infra |
| 3. Modularize | Build reusable modules for cleaner code |
| 4. Handle CloudFormation Nuances | Adapt custom resources and unique features |
| 5. Validate & Test | Confirm Terraform plans match expectations |
| 6. Decommission CloudFormation | Remove legacy stacks carefully |
Moving your IaC to Terraform modernizes your operations with multi-cloud flexibility, better modularity, and a vibrant ecosystem — future-proofing your infrastructure as your cloud footprint grows.
Ready to get started?
Begin by auditing one CloudFormation stack and recreate it in Terraform using former2 for resource discovery. Test importing resources, and slowly replace CloudFormation resources piece by piece. With clear steps and a careful approach, the migration will empower your team with a modern, scalable IaC platform.
Have you migrated from CloudFormation to Terraform? Share your experience or questions below!