Terraform Series - A typical file layout for Terraform projects

Article Series

👉 Terraform article series

Typical File Layout

- modules/
    - services/
        - webserver-cluster/
            - examples/
            - main.tf
            - outputs.tf
            - vars.tf
            - user-data.sh
            - README.md
            - [ ] versions.tf
- stage/
    - vpc/
    - services/
        - frontend-app/
        - backend-app/
            - main.tf
            - outputs.tf
            - vars.tf
            - user-data.sh
            - README.md
            - [ ] provider.tf
            - [ ] versions.tf
            - [] terraform.tfvars（or `*.auto.tfvars`)
            - [ ] main.tfvars
    - data-storage/
        - mysql/
        - redis/
- prod/
    - vpc/
    - services/
        - frontend-app/
        - backend-app/
    - data-storage/
        - mysql/
        - redis/
- mgmt/
    - vpc/
    - services/
        - bastion-host/
        - jenkins/
- global/
    - iam/
    - s3/
        - main.tf
        - outputs.tf
        - vars.tf
        - user-data.sh
        - README.md
        - [ ] provider.tf
        - [ ] versions.tf

🔥 Tips:

• - [] means the item is optional
• Showing for example examples/ means the item is a folder

Details

Top folder

For isolating environments

• modules: Terraform (reusable) modules folder
• stage: pre-release Env
• prod: production env
• mgmt: management/DevOps environments (e.g., Fortress, Jenkins, etc.)
• global: for running resources that are shared across environments (e.g. Terraform backend - S3, IAM)

Secondary folders

Used for components in the environment

• vpc: network topology
• services: application environments or microservices running in this environment, such as NGINX front ends or Java backends. Each application should even reside in a separate folder, isolated from other applications
• data-storage: datastores running in this environment, such as MySQL or Redis. each datastore should reside in its own folder, isolated from other datastores.

Files

In each component, there is a corresponding configuration file for Terraform with the following naming convention:

• vars.tf: input variables
• outputs.tf: output variables
• main.tf: resource definition
• user-data.sh: (optional), user-defined script
• README.md: description document
• provider.tf: (optional), provider information, typically: provider, region. providers may be different for different environments, or even for different components of the same environment.
• versions.tf: (optional), Terraform version, provider version, Terraform backend information.
• terraform.tfvars (or *.auto.tfvars): (optional), terraform plan and apply will pass in the values of the variables in this file by default
• main.tfvars: (optional), terraform plan and apply can be specified manually with -var-file=filename.

Variable assignment

Variables can be assigned in the following 3 ways:

-var 'foo=bar'      Set a value for one of the input variables in the root
                    module of the configuration. Use this option more than
                    once to set more than one variable.

-var-file=filename  Load variable values from the given file, in addition
                    to the default files terraform.tfvars and *.auto.tfvars.
                    Use this option more than once to include more than one
                    variables file.

1. command-line arguments: -var 'foo=bar'

2. parameter file: read terraform.tfvars by default (or *.auto.tfvars) or specified by -var-file=filename on the command line

3. Environment variables: you can assign values to input variables by setting an environment variable named TF_VAR_<NAME>, e.g:

   $ export TF_VAR_image_id=ami-abc123
   $ terraform plan
   ...

   Environment variables are ideal for use in automated pipelines and are particularly suitable for passing sensitive data, such as passwords, access keys, etc.