Member-only story
The BEST way to structure your Terraform projects!
Dynamic Terraform deployments across multiple environments
The structure of your Terraform code is subjective! But here's my take on the ‘best’ way to lay it all out in my experience!
The ideal structure needs to take into account the following principles:
- You should have a centralized module repository that you can reuse across multiple projects.
- You should use tags to version your modules that are held in your centralized repository.
- You should use a consistent file and folder structure across your project.
- You should be storing your pipelines as code, these can be contained within the project structure too.
- You should be ‘limiting the blast radius’, e.g. the code is contained to deploy certain parts of your solution, and the pipeline to run or destroy this can be run independently. e.g. You would separate the creation of your SQL servers from the creation of your App Gateways.
- You can make use of ‘replace tokens’ to enable deployments to multiple environments, e.g. DEV, UAT, PROD. They also help when defining variables that are common across many parts of your code, e.g. the Terraform version, Backend storage account, Backend Storage Resource group.
More on how to pull this off as we go through the article!
Use a centralized module repository
Modules can be consumed in multiple ways, most commonly the module code is local to the project you are working on, e.g. stored in a folder calledmodules. This could be a new module you have coded just for that project, or code copied from elsewhere.
This is fine until you want to update the module and reuse it for another project. The versions of the module code will become different across your projects unless you update them all together. The code calling the module will also need to be updated and tested. This is clearly not scalable!
Referencing public modules on the Terraform registry is useful in certain situations, however, these can prove inflexible as you don’t have full control over them. Therefore I would recommend…
