Why This Matters
This example is where Terraform connects directly with later SKILLY paths: AKS operations, Helm application deployment, and CI/CD automation.
Providers & Resources
Learn how Terraform talks to cloud APIs through providers and how resources map directly to real infrastructure objects.
Simple Explanation (ELI5)
Terraform is the planner. Providers are translators for each cloud platform. Resources are the real things Terraform creates, like a resource group, VNet, or AKS cluster.
Technical Explanation
A provider plugin handles API communication and authentication. A resource block describes desired infrastructure Terraform should manage. A data source reads existing values without creating new infrastructure.
hcl
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 4.0"
}
}
}
provider "azurerm" {
features {}
}| Block | Purpose |
|---|---|
provider | Defines how Terraform authenticates and targets a platform |
resource | Defines infrastructure Terraform creates or manages |
data | Reads existing platform data without creating objects |
Real-World Example: RG + VNet + AKS (Simplified)
This pattern appears in production platform repositories: build a resource group, create network boundaries, then provision AKS into the subnet.
hcl
resource "azurerm_resource_group" "platform" {
name = "rg-platform-dev"
location = "eastus"
}
resource "azurerm_virtual_network" "platform" {
name = "vnet-platform-dev"
location = azurerm_resource_group.platform.location
resource_group_name = azurerm_resource_group.platform.name
address_space = ["10.40.0.0/16"]
}
resource "azurerm_subnet" "aks" {
name = "snet-aks"
resource_group_name = azurerm_resource_group.platform.name
virtual_network_name = azurerm_virtual_network.platform.name
address_prefixes = ["10.40.1.0/24"]
}
resource "azurerm_kubernetes_cluster" "platform" {
name = "aks-platform-dev"
location = azurerm_resource_group.platform.location
resource_group_name = azurerm_resource_group.platform.name
dns_prefix = "aksplatformdev"
default_node_pool {
name = "system"
node_count = 2
vm_size = "Standard_D4s_v5"
vnet_subnet_id = azurerm_subnet.aks.id
}
identity {
type = "SystemAssigned"
}
}💡
Hands-on
- Create a resource group resource and apply.
- Add VNet and subnet resources and run plan again.
- Add AKS resource and inspect the full dependency graph in plan output.
Troubleshooting
Problem: plan fails even though syntax looks correct.
- Verify provider authentication context (local vs CI).
- Check provider version compatibility with used resource arguments.
- Check subscription and region constraints for requested resource types.
Interview Questions
Beginner
What is a provider in Terraform?
A provider is the plugin Terraform uses to talk to a platform API.
What is a resource?
A resource is an infrastructure object managed by Terraform.
Scenario-Based
Why split RG, VNet, and AKS into clear resources or modules?
It improves ownership boundaries, review clarity, and safer staged changes.
Why does AKS often fail even when provider config is correct?
Because platform constraints like subnet design, quota, and permissions are runtime dependencies beyond syntax validity.
Summary
Providers define how Terraform communicates. Resources define what Terraform manages. Real platform delivery starts when these blocks are composed into end-to-end infrastructure patterns like RG + VNet + AKS.