Looking for recommendations to structure projects in a directory

Hi,

I am responsible for setting/creating infra for the company and I am trying to introduce IaC approaches at the company. I am looking for ways and recommendations on how should I structure the terraform repository.

Infrastructure requirements can be categorized into two requirements, project specific and ad hoc requests. Example of project specific requirements could be something like, I need to set up a data platform for the company, a data platform would comprise of multiple infra components, like it would need glue, redshift database, roles to run glue jobs etc etc. Example of adhoc requests is like creating a new ec2 instance for small PoC or sharing access to a consultant for limited time etc etc.

^This is generally the type of requests I get, so based on this I am planning to implement this following directory structure.

- applications
  - data-platform
    - glue_role.tf
    - glue.tf
    - redshift.tf
  - some-other-application/
  - ad-hoc
    - ec2.tf
  - user-management
    - roles.tf
    - user-groups.tf
    - policies.tf
- modules
  - iam_role
    - main.tf
    - variables.tf
    - outputs.tf
  - ec2
    - main.tf
    - variables.tf
    - outputs.tf
main.tf

I also have to maintain three environments, dev, stage and prod. For environments I am thinking to use workspaces, so if I want to apply to prod, I should switch to prod workspace.

The main.tf file in the root, acts as an entrypoint for terraform command and it imports all other modules and directories (i.e. it imports data-platform).

In your experience, does this approach sounds correct and scalable? I will have other people also working on this, so I am also using s3 as a backend.

Hello, something I can suggest right away is to maintain a minimum level of uniformity in the folder contents by keeping at least the following files:

  • variables.tf
  • outputs.tf
  • main.tf

Concentrate the most important part of the calls in the main.tf. If there isn’t a main element, then it might not make sense to have a main.tf.

As for internalized modules, it’s always a good idea to start with them within the structure, but as time goes on and you start reusing them, you’ll see the need for version control. Once the modules begin to be used in production environments, consider moving them to separate repositories. Always make use of community modules (reliable ones, of course) whenever possible.

Finally, you may have structuring elements that will be common across applications, so use a “shared” folder for this.

The idea of workspaces is great, but I can already share with you that in Terraform Cloud, it’s not the same experience as using S3 or another type of state persistence.