Let's now move on to consider infrastructure as code. Moving to the cloud requires a mindset change. The on-demand pay-per-use model of cloud computing is a different model to traditional on-premise infrastructure provisioning. A typical on-premise model would be to buy machines and keep them running continuously. The compute infrastructure is typically built from fewer, larger machines. From an accounting view, the machines are capital expenditure that deprecates over time. When using the cloud, resources are rented instead of purchased, and as a result, we want to turn the machines off as soon as they are not required to save on costs. The approach is to typically have lots of smaller machines, scale out instead of scale up, and to expect an engineer for failure. From an accounting view, the machines are a monthly operating expenditure. In other words, in the cloud, all infrastructure needs to be disposable. The key to this is infrastructure as code, IaC, which allows for provisioning, configuration, and deployment activities to be automated. Having the process automated minimizes risks, eliminates manual mistakes, and supports repeatable deployments, scale, and speed. Deploying one or 100 machines is the same effort. The automation can be achieved using scripts or declarative tools such as Terraform, which we will discuss later. It is really important that no time is spent trying to fix broken machines or installing patches or upgrades. These will lead to problems recreating the environment at a later date. If a machine requires maintenance, remove it and create a new one instead. Costs can be reduced by provisioning ephemeral environments such as test environments that replicate the production environment. Terraform is one of the tools used for infrastructure as code or IaC. Before we dive into understanding Terraform, let's look at what infrastructure as code is. In essence, infrastructure as code allows for quickly provisioning and removing of infrastructures. On-demand provisioning of a deployment is extremely powerful. This can be integrated into a continuous integration pipeline that smoothens the path to continuous deployment. Automated infrastructure provisioning means that the infrastructure can be provisioned on-demand and the deployment complexity is managed in code. This provides the flexibility to change infrastructure as requirements change. All the changes are in one place. Infrastructure for environments such as development and test can now easily replicate production and can be deleted immediately when not in use, all because of infrastructure as code. Several tools can be used for IaC. Google Cloud supports Terraform, where deployments are described in a file known as a configuration. This details all the resources that should be provisioned. Configurations can be modularized using templates, which allows for the abstraction of resources into reusable components across deployments. In addition to Terraform, Google Cloud also provides support for other IaC tools, including Chef, Puppet, Ansible, and Packer. In this course, however, we will focus on Terraform. Terraform is an open-source tool that lets you provision Google Cloud resources. Terraform lets you provision Google Cloud resources such as virtual machines, containers, storage, and networking with declarative configuration files. You just specify the resources needed in your application in a declarative format and deploy your configuration. HashiCorp configuration language, or HCL, allows for concise descriptions of resources using blocks, arguments, and expressions. This deployment can be repeated over and over with consistent results, and you can delete a whole deployment with a one command or click. The benefit of a declarative approach is that it allows you to specify what the configuration should be and let the system figure out the steps to take. Instead of deploying each resource separately, you specify a set of resources which compose the application or service, allowing you to focus on the application. Unlike Cloud Shell, Terraform will deploy resources in parallel. Terraform uses the underlying APIs of each Google Cloud service to deploy your resources. This enables you to deploy almost everything we have seen so far from instances to instance templates and groups, to VPC networks, firewall rules, VPN tunnels, cloud routers, and load balancers. For a full list of supported resource types, a link to the using Terraform with Google Cloud documentation page is included in the course resources. The Terraform language is a user interface to declare resources. Resources are infrastructure objects such as Compute Engine, storage, containers, etc. A Terraform configuration is a complete document in the Terraform language that tells Terraform how to manage a given collection of infrastructure. A configuration can consist of multiple files and directories. The syntax of the Terraform language includes blocks that represent objects and can have zero or more labels. A block has a body that enables one to declare arguments and nested blocks. Arguments are used to assign value to name and expressions, which are used to assign values to various identifiers. Terraform can be used on multiple public and private clouds. Terraform is already installed in Cloud Shell. The example configuration file shown on the right begins by indicating that the provider is Google Cloud. What follows is the configuration of a Compute Engine instance and its disk. The output section allows for the IP addresses of the provisioned instance to be obtained from the deployment.