"OpenTofu: Practical IaC After Terraform—Migration, Modules, and Governance"
OpenTofu is more than a fork; it's a chance to re-engineer infrastructure-as-code as a dependable delivery system. This book is written for experienced Terraform practitioners, platform engineers, and SREs who already know the basics and now need a precise, operations-grade approach to adopting OpenTofu without breaking estates, compliance posture, or team velocity. If you're responsible for multi-environment reliability, safe change management, and long-lived modules, this is your field guide.
You'll build a clear compatibility model (language, providers, backends, and tooling), then implement deterministic installation, pinning, and upgrade practices that make runs reproducible across laptops and CI. From there, the book walks through controlled Terraform-to-OpenTofu migration patterns—inventory, state safety, parallel plans, and cutover mechanics—followed by advanced HCL techniques for stable addressing, scalable iteration, and readable composition. You'll also learn how to operate providers at scale, harden supply-chain trust, engineer state and backend safety (locking, recovery drills, encryption), and minimize secret persistence with ephemeral and write-only patterns.
Finally, it connects delivery pipelines to governance: PR-based plans, gated applies, policy-as-code guardrails, compliance evidence by design, drift remediation, and incident playbooks. Expect deep trade-offs, operational failure modes, and decision criteria—not toy examples. Prerequisites: real Terraform/OpenTofu production
