Difference between revisions of "Terraform best practices"

From wikieduonline
Jump to navigation Jump to search
 
(15 intermediate revisions by 4 users not shown)
Line 1: Line 1:
  
 
* https://www.terraform.io/cloud-docs/guides/recommended-practices
 
* https://www.terraform.io/cloud-docs/guides/recommended-practices
 +
** One [[Workspace]] per Environment per Terraform configuration
 +
* https://cloud.google.com/docs/terraform/best-practices-for-terraform
  
=== Best practices from Google Cloud team ===
+
== Best practices from [[Google Cloud]] team ==
 
https://cloud.google.com/docs/terraform/best-practices-for-terraform
 
https://cloud.google.com/docs/terraform/best-practices-for-terraform
 
* Protect [[stateful resources]]: <code>[[lifecycle]] { [[prevent_destroy]] = true }</code>
 
* Protect [[stateful resources]]: <code>[[lifecycle]] { [[prevent_destroy]] = true }</code>
 
* Expose [[Terraform: output|outputs]]: <code>[[outputs.tf]]</code>
 
* Expose [[Terraform: output|outputs]]: <code>[[outputs.tf]]</code>
* Use [[data sources]].
+
* Use [[data sources]]: <code>[[data.]]</code>
 
* Adopt a naming convention.
 
* Adopt a naming convention.
* Use [[variables]] carefully.
+
* Use [[variables]] carefully: <code>[[variables.tf]]</code>
 
* Limit the use of custom scripts
 
* Limit the use of custom scripts
 
* Follow a [[standard module structure]]
 
* Follow a [[standard module structure]]
Line 16: Line 18:
 
* Limit the complexity of expressions.
 
* Limit the complexity of expressions.
 
* Use <code>[[Terraform meta argument: count|count]]</code> for conditional values.
 
* Use <code>[[Terraform meta argument: count|count]]</code> for conditional values.
* Use <code>[[for_each]]</code> for iterated resources.
+
* Use <code>[[for_each]]</code> for [[iterated resources]].
* Publish [[modules]] to a [[registry]].
+
* Publish [[Terraform modules|modules]] to a [[registry]].
  
 
=== Operations ===
 
=== Operations ===
 
* Don't modify [[Terraform state]] manually.
 
* Don't modify [[Terraform state]] manually.
* Always plan first.
+
* Always [[plan]] first, <code>[[terraform plan]]</code>
* Implement an automated pipeline.
+
* Implement an automated [[pipeline]].
* Use service account credentials for CI.
+
* Use [[service account]] credentials for CI.
* Avoid importing existing resources.
+
* Avoid [[terraform import|importing]] existing resources.
* Regularly review version pins.
+
* Regularly review version [[pins]].
 
* Use application default credentials when running locally.
 
* Use application default credentials when running locally.
* Set aliases to Terraform.
+
* Set [[aliases]] to Terraform.
  
 
== Related ==
 
== Related ==
Line 33: Line 35:
 
* [[main]]
 
* [[main]]
 
* <code>[[prevent_destroy]]</code>
 
* <code>[[prevent_destroy]]</code>
 +
 +
== Activities ==
 +
* Read https://www.digitalocean.com/community/tutorials/how-to-structure-a-terraform-project
  
 
== See also ==
 
== See also ==

Latest revision as of 11:12, 30 May 2024

Best practices from Google Cloud team[edit]

https://cloud.google.com/docs/terraform/best-practices-for-terraform

Operations[edit]

Related[edit]

Activities[edit]

See also[edit]

Advertising: