Terraform
These rule examples will help your developers to write better Terraform code. Use them as inspiration to create your own guideline repository.
## General
- Organize your Terraform code into modules. This promotes reusability and easier management of related resources.
- Use variables to parameterize your Terraform configurations. Define input variables with clear descriptions and types.
- Never hardcode sensitive information (e.g., passwords, access keys) in your Terraform code. Use secure methods like environment variables or encrypted storage solutions.
- Use remote state backends (e.g., AWS S3, Azure Blob Storage) for storing Terraform state files. Enable state locking to prevent concurrent modifications.
- Use the validation block for input variables to ensure that input values meet specific criteria:

  ```hcl
  variable "instance_count" {
    description = "Number of instances to create."
    type        = number
    default     = 1

    validation {
      condition     = var.instance_count > 0
      error_message = "Instance count must be greater than zero."
    }
  }
  ```
- Use count and for_each with caution. Avoid creating complex logic that can obscure resource intent.
- Never save Terraform state files in Git. They can contain sensitive information in plain text.
- Always create an output file that returns at least the resource ID and name.
- Use a variable with a default value over hardcoded static resource configuration.
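
Several of the rules above combined in one configuration, as an added example that is not part of the original guideline. The bucket, key, region, and resource names are placeholders, and `use_lockfile` assumes Terraform 1.10 or later.

```hcl
terraform {
  backend "s3" {
    bucket       = "example-org-tfstate" # placeholder bucket name
    key          = "app/dev/terraform.tfstate" # placeholder state path
    region       = "eu-west-1" # placeholder region
    encrypt      = true # server-side encryption of the state object
    use_lockfile = true # state locking; older versions use dynamodb_table
  }
}

# No default: the value is supplied at run time, e.g. via TF_VAR_db_password.
variable "db_password" {
  description = "Master password for the database."
  type        = string
  sensitive   = true # redacted in plan/apply output, still plain text in state

  validation {
    condition     = length(var.db_password) >= 16
    error_message = "Database password must be at least 16 characters."
  }
}

variable "db_instance_class" {
  description = "Instance class for the database."
  type        = string
  default     = "db.t3.micro" # default value instead of a hardcoded setting
}

resource "aws_db_instance" "app" {
  identifier          = "app-db" # placeholder name
  engine              = "postgres"
  instance_class      = var.db_instance_class
  allocated_storage   = 20
  username            = "app_admin" # placeholder user
  password            = var.db_password
  storage_encrypted   = true
  skip_final_snapshot = true # acceptable for a dev database only
}

output "db_instance_id" {
  description = "ID of the database instance."
  value       = aws_db_instance.app.id
}

output "db_instance_identifier" {
  description = "Name (identifier) of the database instance."
  value       = aws_db_instance.app.identifier
}
```

Marking a variable `sensitive` only hides it in CLI output; the password is still written to the state file, which is why the state belongs in an encrypted, access-controlled backend and not in Git.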
## Testing
- Run `terraform validate` to check for syntax errors automatically in the pipeline.