{"id":19259068,"url":"https://github.com/r3drun3/terraform-best-practices","last_synced_at":"2026-06-29T22:30:22.455Z","repository":{"id":44476302,"uuid":"512742901","full_name":"R3DRUN3/terraform-best-practices","owner":"R3DRUN3","description":"Follow Terraform Best Practice 🤖 ⚙️ 🔧","archived":false,"fork":false,"pushed_at":"2022-10-23T08:14:36.000Z","size":227,"stargazers_count":9,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-05T09:32:31.231Z","etag":null,"topics":["aws","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/R3DRUN3.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"license","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-07-11T12:14:11.000Z","updated_at":"2024-10-28T13:23:07.000Z","dependencies_parsed_at":"2023-01-20T06:31:39.416Z","dependency_job_id":null,"html_url":"https://github.com/R3DRUN3/terraform-best-practices","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fterraform-best-practices","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fterraform-best-practices/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fterraform-best-practices/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/R3DRUN3%2Fterraform-best-practices/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/R3DRUN3","download_url":"https://codeload.github.com/R3DRUN3/terraform-best-practices/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240356192,"owners_count":19788513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","terraform"],"created_at":"2024-11-09T19:15:19.546Z","updated_at":"2026-06-29T22:30:22.400Z","avatar_url":"https://github.com/R3DRUN3.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Terraform Best Practices\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![CI](https://github.com/R3DRUN3/terraform-best-practices/actions/workflows/CI.yml/badge.svg)](https://github.com/R3DRUN3/terraform-best-practices/actions/workflows/CI.yml)\n\nFollow Terraform Best Practice 🤖 ⚙️ 🔧\n\n\u003cp align=\"center\"\u003e\u003cimg width=\"180\" height=\"180\" src=\"https://github.com/yurijserrano/Github-Profile-Readme-Logos/blob/master/cloud/terraform.png\"\u003e\u003c/p\u003e\n\n## Abstract\nThis repo is inspired by this youtube video: https://www.youtube.com/watch?v=gxPykhPxRW0\n\u003cbr\u003e\nit is therefore recommended to display it as an accompaniment to the contents of the repo.\n\u003cbr\u003e\n\u003cbr\u003e\nSome of Terraform best practice are:\n\n- Always put variables in the variables.tf file\n- Manipulate state only through Terraform commands\n- Save Terraform state to remote location (in this case AWS S3 Bucket)\n- Lock remote Terraform state to avoid concurrent access to the infrastructure.\n- Back up State File\n- Use 1 State per Environment\n- Host Terraform code in Git repository\n- Never save Terraform state files in GIT repository\n- Execute Terraform only in an automated CI/CD build\n\n\u003cbr\u003e\n\nIn this repo we try to follow all these best practices.\n\n\n\n## Prerequisites\nThe code in this repo has been tested on `Ubuntu 22.04` host with:\n\n- `Terraform v1.2.4`\n\n## Instructions\nClone this repo and launch the aws provisioning for creating the remote Backend that will host Terraform state file (S3 Bucket + DynamoDb table for avoiding concurrent access):\n\n```console\ngit clone https://github.com/R3DRUN3/terraform-best-practices.git \\\n\u0026\u0026 cd terraform-best-practices/backend-prerequisites \\\n\u0026\u0026 terraform init \u0026\u0026 terraform apply\n```\n\nOnce this deployment has ended, you will find an S3 Bucket and a DynamoDB table on your aws account:\n\nS3:\n\u003cdiv style=\"width: 65%; height: 65%\"\u003e\n\n  ![](images/tf-state-s3-bucket.png)\n  \n\u003c/div\u003e  \n\u003cbr/\u003e\n\nDynamoDB:\n\u003cdiv style=\"width: 65%; height: 65%\"\u003e\n\n  ![](images/tf-state-dynamodb-lock-table.png)\n  \n\u003c/div\u003e  \n\u003cbr/\u003e\n\n\nThese two entities will provide the basis for implementing a backend that will allows us to save the state of our IaC, while also preventing two or more developers from launching commands against it at the same time.\n\nNow that we have a decentalized state, we can proceed by launching the demo that can be found in the `terraform-demo-with-backend` folder.\nThis will create for us two aws EC2 instances and will write changes to the `terraform.tfstate` file in our aws.\n\nAth the end of the procedure you should see your instances in the EC2 dashboard:\n\n\u003cdiv style=\"width: 65%; height: 65%\"\u003e\n\n  ![](images/tf-demo-ec2-instances.png)\n  \n\u003c/div\u003e  \n\u003cbr/\u003e\n\n\nAt this point, if you check your S3 Bucket, you will see that the size has incresed to make room for Terraform state:\n\n\n\u003cdiv style=\"width: 65%; height: 65%\"\u003e\n\n  ![](images/tf-state-s3-bucket-full.png)\n  \n\u003c/div\u003e  \n\u003cbr/\u003e\n\n\nNote that the best practice is to always execute Terraform scripts via an automated build, this is the reason why you will find a github action workflow associated with this repo, this automatically execute the scripts in `terraform-demo-with-backend` on push.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3drun3%2Fterraform-best-practices","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fr3drun3%2Fterraform-best-practices","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fr3drun3%2Fterraform-best-practices/lists"}