IaC Insights
Posts
Problematic TF Providers

Problematic TF Providers

Not all Terraform or OpenTofu providers are built equally.

Matt Gowie
May 12, 2026

Hey folks,

Bad news for us: not all Terraform or OpenTofu providers are built equally.

The Cloudflare provider is one that I've heard about consistently having problems.

On a Slack thread from a few months ago, people were discussing the Cloudflare provider’s issues. They were saying things like “their ‘here is a script for y’all’ thing didn’t even remotely work” and “every time I update the provider there are gross breaking changes” that require manipulating TF state.

So, it doesn't sound like it's getting better. That's a problem. Breaking changes that require manual state surgery due to minor version upgrades is not something any provider should have in 2025 or 2026. That's some 2018 BS. To their credit, my original post did get a response from a Cloudflare product manager, and it seems the team is prioritizing resource stability; here’s an issue to follow along with the Cloudflare efforts.

Considering the bigger picture, beyond just Cloudflare, I think orgs should treat their TF provider with the same level of criticality as their underlying APIs.

Why? Two reasons:

TF is how the engineering orgs who are using your product prefer to interact with your product.
It's how the orgs building on your product are empowered to build at scale.

So, treat your TF provider with importance. Build (and maintain) it right. Invest in the DevEx, functionality, and first class support.

My team at Masterpoint interacts with non-big 3 cloud providers all the time: TF providers like Datadog, GitHub, and Spacelift are some of our favorites. They're all independently developed and updated by their organizations. They're mature and well built. They don't give us problems and they allow my team and I to execute great work for our clients, with this software helping.

Use these companies as examples. Build like they do!

I asked the community two questions:

What providers do you enjoy using?
What other providers are the bane of your existence?

And here’s what I heard. Some TF providers that are enjoyable include Snowflake and the Dominos pizza provider (classic).

Some of the problematic TF providers:

Stripe
Slack
Keycloak
GitHub (however, my team has used it successfully)

How about you? Which providers do you love? Which cause you pain?

Hit reply and share your thoughts!

Matt @ Masterpoint

PS I’m speaking at IaCConf, a virtual conference, about AI’s disruption of infrastructure operations. It’s happening in two days, on May 14. Learn more and register here. Or, if you want to chat about the best (or worst) TF provider, grab some time on my calendar here.