Docs
PackagesTerraform vs. OpenTofu
Terraform and OpenTofu are both infrastructure as code technologies that have similarities but fundamental differences. They both provide infrastructure as code software for cloud service management with a consistent CLI workflow. They allow you to write, plan, and apply changes to deliver infrastructure as code. In this comprehensive guide, we’ll explore their key differences and similarities to help you choose the right infrastructure as code platform to meet your needs.
Terraform vs. OpenTofu: Similarities
OpenTofu is a fork of Terraform 1.6.x so there are many similiarities for now. They both have the ability to create, deploy, and manage infrastructure as code on any cloud. Both Terraform and OpenTofu follow a desired state infrastructure as code model, where the IaC code represents the desired state of the infrastructure. The deployment engine compares this desired state with the current state of the stack and determines the necessary actions, such as creating, updating, or deleting resources. Both Terraform and OpenTofu support many cloud providers, including AWS, Azure, and Google Cloud, plus other services like CloudFlare, Digital Ocean, and more. They also both require the use of a domain-specific language: HashiCorp Configuration Language (HCL).
Terraform vs. OpenTofu: Key Differences
Terraform and OpenTofu differ in that Terraform is not open source, using the Business Source License model. OpenTofu, however, uses the weak copyleft Mozilla Public License 2.0. Terraform also has a paid offering called Terraform Cloud, a fully managed SaaS service that version controls and manages Terraform state. Terraform Cloud also provides access to remote operations, policy as code, and audit logging. OpenTofu is supported by env0 and Spacelift SaaS services for managing Terraform state. As Terraform and OpenTofu continue to diverge, more key differences will emerge.
Here is a summary of the key differences between Terraform and OpenTofu:
| Feature | Terraform | OpenTofu |
|---|---|---|
| OSS License | No, Business Source License 1.1 | Yes, Mozilla Public License 2.0 |
| Language Support | HashiCorp Configuration Language (HCL) | HashiCorp Configuration Language (HCL) |
| IDE Support | Limited | Limited |
| State Management | Self-managed by default, managed SaaS offering available. | Self-managed by default, managed SaaS offerings available. |
| Provider Support | Support across multiple IaaS, SaaS, and PaaS providers. | Support across multiple IaaS, SaaS, and PaaS providers. |
| Cloud Native Support | Core API typed. Generic support for CRD. | Core API typed. Generic support for CRD. |
| Dynamic Provider Support | No | No |
| Infrastructure Reuse and Modularity | Constrained. Can only reuse Terraform modules. | Constrained. Can only reuse OpenTofu modules. |
| Testing and Validation | Integration testing only. | Integration testing only. |
| Modes of Execution | Run CLI commands or perform remote runs with SaaS offering. | Run CLI commands only. |
| Embed within Application Code | No | No |
| Third-party CI/CD Tools Support | Yes | No |
| Policy as Code | Yes | No |
| Secrets Management | No. Secrets are stored in a separate product (Vault). There is no way to encrypt them in the state file. | No. Secrets can be stored in a 3rd party product. There is no way to encrypt them in the state file. |
| Audit Capabilities | Limited | No |
| Adopt Existing Resources | Yes. No code generation capabilities. | Yes. No code generation capabilities. |
| Aliases | Limited | Limited |
| Transformations | No | No |
| Import Code from other IaC Tools | No | No |
Are you constrained by Terraform or OpenTofu? Let us help you migrate to Pulumi so you can have greater developer productivity, ability to scale, and delivery velocity. Follow our comprehensive guides in our Migration Hub or work with our Expert Services teams that can help you with migration and training. If you would like to deploy a simple program, follow our Get Started guide:
Get Started with Pulumi
Use Pulumi's open-source SDK to create, deploy, and manage infrastructure on any cloud.
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.
