How to structure an existing Azure env in Terraform

I’m wanting to create our existing Azure infrastructure in Terraform. I’ve written most of it by hand once or twice, generated some HCL using terraformer and aztfy and I still can’t really nail down what the best way is to do this.

I’m also wanting to integrate Terraform Cloud with a Azure DevOps repo containing our Azure infrastructure as code via version control so new changes can only be made by approved PR and merges (no one should be allowed to log into the portal and manually change things. This issue has caused services to go down in prod in the past and I am looking to implement a change framework via Terraform to avoid this)

How should I do this?

Namely, I’m not sure how best to use modules for reusability so I am not copy/pasting resource groups, vnets and more into different sub modules for different services.

Should modules represent resource groups? Or should modules represent individual resources? Or should modules represent services as a whole, even spread across multiple RGs and VNETs? e.g. one module is a domain controller, anothjer module is a firewall, another module is a production web application?

Any resources I can look to for guidance on how to structure my Terraform code? All of the example github repos I have looked into really don’t inspire me or relate to my specific environment (obviously, how can I expect them to?) so it is difficult to glean how exactly I would replicate or follow that example for my own situation.