Difference between revisions of "Terraform best practices"

From wikieduonline
Jump to navigation Jump to search
Line 5: Line 5:
 
https://cloud.google.com/docs/terraform/best-practices-for-terraform
 
https://cloud.google.com/docs/terraform/best-practices-for-terraform
 
* Protect [[stateful resources]]: <code>[[lifecycle]] { [[prevent_destroy]] = true }</code>
 
* Protect [[stateful resources]]: <code>[[lifecycle]] { [[prevent_destroy]] = true }</code>
* Expose [[outputs]]: <code>[[outputs.tf]]</code>
+
* Expose [[Terraform: output|outputs]]: <code>[[outputs.tf]]</code>
 
* Use [[data sources]].
 
* Use [[data sources]].
 
* Adopt a naming convention.
 
* Adopt a naming convention.
Line 18: Line 18:
 
* Use <code>[[for_each]]</code> for iterated resources.
 
* Use <code>[[for_each]]</code> for iterated resources.
 
* Publish [[modules]] to a [[registry]].
 
* Publish [[modules]] to a [[registry]].
 
  
 
=== Operations ===
 
=== Operations ===

Revision as of 14:47, 22 January 2023

Best practices from Google Cloud team

https://cloud.google.com/docs/terraform/best-practices-for-terraform

Operations

  • Don't modify Terraform state manually.
  • Always plan first.
  • Implement an automated pipeline.
  • Use service account credentials for CI.
  • Avoid importing existing resources.
  • Regularly review version pins.
  • Use application default credentials when running locally.
  • Set aliases to Terraform.

Related

See also

Advertising: