Cloud Internship 2026
Chapter 11
Glossary
| Term | Definition |
|---|---|
| IaC (Infrastructure as Code) | Managing and provisioning infrastructure through code files rather than manual processes. Terraform and CloudFormation are IaC tools. |
| Terraform | An open-source IaC tool by HashiCorp. Uses HCL (HashiCorp Configuration Language). The primary tool of this internship. |
| CloudFormation | AWS's native IaC service. Uses YAML or JSON templates. Managed directly by AWS. |
| Provider | A Terraform plugin that manages a specific platform (e.g., the AWS provider). Defined in required_providers. |
| Resource | A single piece of infrastructure managed by Terraform (e.g., aws_vpc, aws_instance). |
| State | Terraform's record of what it manages. Stored in terraform.tfstate. Never edit manually. |
| Module | A reusable, self-contained collection of Terraform resources with its own variables and outputs. |
| Plan | terraform plan — shows what Terraform will create, change, or destroy before it does anything. |
| Apply | terraform apply — executes the plan and provisions resources. |
| Destroy | terraform destroy — removes all resources managed by the current Terraform state. |
| VPC | Virtual Private Cloud. Your isolated network on AWS. Contains subnets, route tables, and gateways. |
| Subnet | A range of IP addresses within a VPC. Public subnets have a route to the Internet Gateway. Private subnets do not. |
| Security Group | A virtual firewall controlling inbound and outbound traffic for AWS resources. Security groups are stateful and support allow rules only. |
| IGW (Internet Gateway) | Allows resources in public subnets to communicate with the internet. |
| ALB (Application Load Balancer) | Distributes HTTP/HTTPS traffic across multiple targets. Layer 7. |
| ASG (Auto Scaling Group) | Automatically adjusts the number of EC2 instances based on demand. Uses a launch template. |
| Launch Template | Defines the EC2 configuration (AMI, instance type, key pair, SG) used by an ASG. |
| RDS | Relational Database Service. Managed database on AWS. Multi-AZ means a standby replica in another AZ. |
| S3 | Simple Storage Service. Object storage. Highly durable and scalable. |
| IAM | Identity and Access Management. Controls who can do what on AWS. |
| Least-Privilege | Security principle: grant only the minimum permissions needed, nothing more. |
| Multi-AZ | Deploying resources across multiple Availability Zones for fault tolerance and high availability. |
| Jump Host (Bastion Host) | A hardened EC2 instance in a public subnet used as a gateway to access resources in private subnets via SSH. |
| Docker | A platform for building and running containers. Packages an application and its dependencies into a portable image. |
| Kubernetes (K8s) | A container orchestration platform. Manages deployment, scaling, and networking of containers. |
| CI/CD | Continuous Integration / Continuous Deployment. Automated pipeline that builds, tests, and deploys code on every push. |
| GitLab CI/CD | GitLab's built-in CI/CD system. Configured via a .gitlab-ci.yml file in the repository root. |
| Pipeline | A sequence of automated stages (validate, build, deploy) triggered by a Git event. |