Terraform data source vs remote state
HashiCorp Terraform is an excellent tool for setting up and managing cloud resources. A Terraform configuration refers to the collection of files that define the infrastructure, usually contained within a single file system directory.
In certain scenarios, a Terraform configuration may need to refer to resources created by another configuration. For instance, a first configuration might establish a VPC, and then a second configuration may attempt to set up an EC2 instance but needs to refer to the VPC established by the first configuration. To address this need, Terraform provides several options, such as using data sources or remote states, each with its own advantages and disadvantages.
The table below outlines the diffences between two options. A "(+1)" denotes an advantage, while a "(-1)" denotes a disadvantage.
Aspect | Using data source | Using remote state |
---|---|---|
Security: Access sensitive state belonging to other configurations | (+1) Not possible | (-1) Possible |
Security: Accidentally modify resource on other configurations | (-1) Possible, since providers are declared and can be misused. | (+1) Not possible |
Workflow: Require out-of-band knowledge of resource identifier to reference the resource | (-1) Yes | (+1) No, only require declared output in remote state. |
Workflow: Reference resources that are not provisioned using Terraform | (+1) Yes | (-1) No |
Code: Visualise dependency between configurations | (-1) No | (+1) Yes |
Code: Require declaring output to share resources | (+1) No | (-1) Yes |
Code: Referencing shared resources | Require data source declaration for every resource that needs to be shared. | Declare remote state once (or more, dependending on configuration structure), then multiple resources can be referenced from the same remote state. |
Code: Require changing code when migrating states | (+1) No | (-1) Yes, remote state's path has to be updated. |
If you are deciding whether to use a data source or remote state, feel free to select the relevant aspects and carry out a basic scoring tabulation to weigh the advantages and disadvantages. YMMV.