terraform provisioning - ghdrako/doc_snipets GitHub Wiki

Terraform provisioners are not required to be idempotent or atomic, because each one executes an arbitrary script or instruction. Terraform cannot track the results and status of a provisioner the way it does for other resources. Because of this, HashiCorp recommends using provisioners only as a last resort, when you have no other option to complete your goal.

The remote-exec provisioner connects to a remote machine over WinRM or SSH and runs a script on it. The remote machine must allow that remote connection; otherwise, remote-exec will not be able to run the provided script. Rather than using remote-exec to pass data to a virtual machine, you can use the built-in tools most cloud providers offer for this, such as the user_data argument in AWS or custom_data in Azure:

  • Google Cloud Platform metadata on google_compute_instance or google_compute_instance_group
  • Microsoft Azure custom_data on azurerm_virtual_machine or azurerm_virtual_machine_scale_set

For further reading about built-in tools to pass data in different clouds, you can refer to https://www.terraform.io/docs/language/resources/provisioners/syntax.html.
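The two approaches side by side, as an added example that is not part of the original wiki page: the same bootstrap step done with remote-exec and then with the AWS user_data argument. The variable names, resource names, login user, instance type and the bootstrap commands are assumptions chosen for illustration.

```hcl
# Assumed inputs (hypothetical names, not from the wiki page).
variable "ami_id" { type = string }
variable "key_name" { type = string }
variable "ssh_private_key_path" { type = string }

# Last-resort form: remote-exec.
# Terraform itself must reach the instance over SSH, so the instance needs
# an inbound SSH path from wherever Terraform runs, and Terraform must be
# given the private key. The script runs only when the resource is created
# and its result is not tracked like a resource attribute.
resource "aws_instance" "with_provisioner" {
  ami           = var.ami_id
  instance_type = "t3.micro"
  key_name      = var.key_name

  connection {
    type        = "ssh"
    host        = self.public_ip
    user        = "ec2-user" # assumed login user for the chosen AMI
    private_key = file(var.ssh_private_key_path)
  }

  provisioner "remote-exec" {
    inline = [
      "sudo mkdir -p /etc/app",
      "echo 'role=web' | sudo tee /etc/app/role",
    ]
  }
}

# Built-in form: user_data.
# The cloud platform hands the script to the instance at first boot, so
# Terraform needs no SSH/WinRM connection and no login credentials.
# user_data can be read back from the instance metadata, so keep secrets
# out of it.
resource "aws_instance" "with_user_data" {
  ami           = var.ami_id
  instance_type = "t3.micro"

  user_data = <<-EOT
    #!/bin/bash
    mkdir -p /etc/app
    echo 'role=web' > /etc/app/role
  EOT
}
```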