Terraform multiple environments best practices

Hi, I work somewhere where we have started experimenting with azure and terraform. I’m aware that you should distinguish tfstate per environment. We’ve two environments: dev and prod . The following resources are being created:

  • Azure API Management (APIM)
  • AKS cluster
  • MongoDB
  • Azure DevOps Organization
  • Azure Container Registry (ACR)

Now is the thing that the ACR and Azure DevOps Organization doesn’t have a prod or dev environment, nor does an Azure DevOps project within this Organization. Since every customer gets an own Azure DevOps Project we still want to automate this. The resources in an Azure DevOps Project, like service connections, variable groups does have two environments…

  1. How to tackle this according to Best Practices?
  2. Does this mean we will get three tfstate files: dev , prod and base or something like that.
  3. How would the structure of terraform files/folders in the infrastructure repository look like?