3. Providers

Providers in Terraform are the translation layer between Terraform code and the API calls needed to actually do anything. Terraform without providers would be of no use, though it does come with various generic providers built-in. More commonly, users would use an external provide to build resources on that platform, e.g. the Akamai provider can be used to build Akamai resources, the AWS provider for AWS, and so on.

Provider code is written in GoLang (as is Terraform itself) and is beyond the scope of this course, but it is useful to know that there is nothing preventing you writing your own provider and adding functionality to Terraform. Hashicorp, the company behind Terraform, provides a gallery of Providers, which you can reference in your code, and Terraform will be able to download directly. You can also configure custom providers elsewhere (on an internal repository, for example) which your code can reference.

Using a provider

In your Terraform code (any .tf file in your code directory), you must declare which providers (and you can use multiple ones) you need, and which version of each provider you wish to use. This is done in the required_providers map within the terraform configuration block. Then, if required, you can provide configuration options to that provider in its own provider block.

terraform {
  required_providers {
    akamai = {
      source  = "akamai/akamai"
      version = ">= 6.1.0"
    }
  }
  required_version = ">= 1.8"
}
 
provider "akamai" {
  edgerc         = "~/.edgerc"
  config_section = "default"
}

Required Providers

In the required_providers block, we state that we need the provider akamai from the org akamai, and at least version 6.4.0. When you run terraform init Terraform will go to the Hashicorp gallery and retrieve the compiled code of the version in question, storing it in the .terraform directory where you ran the command. If there is a newer version Terraform will install it, but only during terraform init, it will not be updated each time. You can also specify a maximum version, or an exact version, or even state that any minor updates beyond v6 are fine, but not major ones. This is useful when working collaboratively, as new provider versions could change how your code works, or which options it supports.

Full info on version constraints are available here (opens in a new tab)

Also in the terraform block is the statement required_version. Don't be confused with this one, as it is unrelated to the version parameter of the akamai block above. required_version outside the required_providers block refers to the required (commonly minimum) version of the terraform binary itself. Hashicorp is constantly updating Terraform, so it is good practice to set this to the version of Terraform you are running at a minimum, but not exact, version. This allows users to use later versions, which are commonly backward compatible.

Provider Configuration

The following provider block configures the Akamai provider. This is dynamic and is evaluated when running terraform plan, terraform apply, terraform delete etc. and informs Terraform how to use the provider. In our case we provide the authentication options, but there are additional options in most providers (such as request_limit) which you can use here.

Best Practices

1. Use Variables for Sensitive Information: Never hardcode API tokens or other sensitive data directly in your provider blocks. Use variables instead.
2. Version Constraints: Always specify version constraints for your providers to ensure reproducibility and avoid issues caused by breaking versions.
3. Minimize Provider Block Usage: Try to define your provider configuration in one place and use it throughout your project.

Exercise