What is the usage of local-exec provisioner?

I am getting familiar with Terraform and Ansible through books. Could someone enlighten me about the following block of code?

provisioner "local-exec" { 
    command = "ansible-playbook -u ubuntu --key-file ansible-key.pem -T 300 -i '${self.public_ip},', app.yml" 
  }

The short answer is local-exec is for anything you want to do on your local machine instead of the remote machine.

You can do a bunch of different things:

• write an ssh key into your ~/.ssh to access the server
• run a sleep 30 or something to make sure the next commands wait a bit for your machine to provision
• write logs to your local directory (last run, date completed, etc.)
• write some env_vars to your local machine you can use to access the machine
• the ansible example you provided

FYI, hashicorp hates local- and remote- exec. If you talk to one of their devs, they will tell you that it is a necessary evil. Other than maybe a sleep or write this or that, avoid it for any stateful data.

I would interpret that as Terraform should execute a local command on the Control Node.

Reading the documentation about local-exec Provisioner it turns out that

> The local-exec provisioner invokes a local executable after a (annot.: remote) resource is created. This invokes a process on the machine running Terraform ...

and not on the Remote Resource.

So after Terraform has in example created a Virtual Machine, it calls an Ansible playbook to proceed further on it.