Home

Awesome

This is my infra portfolio

System configuration chart

todo

Directory structure

Pattern A is adopted in this repository. Pattern B is used if resources are few, or the files under env can be combined into a single main.tf file. The selection criterion is the unit into which the tfstate file is divided. The more resources are managed in one state file, the longer plan/apply and similar commands take when run without specifying a target. Too much division makes the source code harder to write, but the more resources you have, the greater the benefit of dividing.

If you further divide environments/{env} into ecr/, ecs/, etc., it is not possible to pass values between modules as shown below (directory design depends on how the tfstate is divided). Instead, the terraform_remote_state data source or a provider data source should be used. terraform_remote_state reads from the state, so there is no need to call the API. A data source reads the real resource, so it does not get out of sync with it. If there are many directories, it may be easier to manage them by creating an integration file with the reference data directly under environments/{env}. (In some cases it is safer to use a data source, because terraform_remote_state may not be able to read an old tfstate if the format changes when Terraform is updated.)
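The two ways of passing a value across split states described above, as an added example (not code from this repository). The module input `name`, the `repository_url` module output, the state key, the region and the repository name are assumptions; the bucket name is the sample from the naming rule on this page.

```hcl
# --- environments/dev/ecr/main.tf (state A) ---
# Hypothetical module call; assumes modules/ecr accepts `name`
# and exports `repository_url` in outputs.tf.
module "app_ecr_repository" {
  source = "../../../modules/ecr"
  name   = "dev-fumis-portfolio-app-ecr-repository" # constructed name
}

# Only root-level outputs are visible to terraform_remote_state.
output "repository_url" {
  value = module.app_ecr_repository.repository_url
}

# --- environments/dev/ecs/main.tf (state B) ---
# Option 1: read the output from state A. No AWS API call for the
# resource itself, but the caller must be able to read the state object.
data "terraform_remote_state" "ecr" {
  backend = "s3"
  config = {
    bucket = "dev-fumis-portfolio-terraform-tfstate-s3-bucket"
    key    = "dev/ecr/terraform.tfstate" # assumed key
    region = "ap-northeast-1"            # assumed region
  }
}

# Option 2: look up the real resource through the provider.
# Independent of the tfstate format of state A.
data "aws_ecr_repository" "app" {
  name = "dev-fumis-portfolio-app-ecr-repository" # constructed name
}

locals {
  repository_url_from_state = data.terraform_remote_state.ecr.outputs.repository_url
  repository_url_from_api   = data.aws_ecr_repository.app.repository_url
}

# Hypothetical module call; assumes modules/ecs accepts `repository_url`.
module "app_ecs" {
  source         = "../../../modules/ecs"
  repository_url = local.repository_url_from_api
}
```

Option 1 requires read access to the whole ecr state snapshot, including any sensitive values stored in it, while option 2 needs only read permissions on the ECR API.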

Pattern A

.
├── environments/
│   ├── dev/
│   │   ├── ecr/
│   │   │   ├── main.tf
│   │   │   ├── backend.tf
│   │   │   ├── provider.tf
│   │   │   └── terraform.tf
│   │   └── ecs/
│   ├── stg/
│   └── prd/
└── modules/
    ├── ecr/
    │   ├── main.tf
    │   ├── outputs.tf
    │   └── variables.tf
    └── ecs/

Pattern B

.
├── environments/
│   ├── dev/
│   │   ├── ecr.tf # If resources are few, combining them into main.tf is fine.
│   │   ├── ecs.tf
│   │   ├── backend.tf
│   │   ├── provider.tf
│   │   └── terraform.tf
│   ├── stg/
│   └── prd/
└── modules/
    ├── ecr/
    │   ├── main.tf
    │   ├── outputs.tf
    │   └── variables.tf
    └── ecs/

Setting local environment

Rules

AWS resource name

{env}-{service_name}-{purpose}-{resource_name}
ex: dev-fumis-portfolio-terraform-tfstate-s3-bucket

Module user side name

Follow the AWS resource name rule.

module "{purpose}_{resource_name}" {
  source = "module"
}

Outside source code control

Tools

Static Analysis

TFLint

infra_portfolio $ tflint --recursive --format compact
# The errors below appear in the modules. It is OK to ignore them because they are specified on the calling side. (Even with the disable setting in tflint.hcl, the errors still appear...)
# terraform_required_providers, terraform_required_version