Video Thumbnail for Lesson
9.1: Developer Workflows

Terraform Workflows and Best Practices

In this lesson, we'll cover how developer teams use Terraform in real-world scenarios, explore different workflows from a developer's perspective, and discuss automating operations to ensure reliable infrastructure updates.

We'll also discuss potential Terraform gotchas and recommendations to avoid them.

Workflow for Terraform Developers

  1. Write and update Terraform code.
  2. Test the changes locally in a development environment.
  3. Create a pull request (PR) in a version control system (e.g., GitHub).
  4. Have a colleague review the PR and suggest improvements.
  5. Run tests within a continuous integration (CI) system (e.g., GitHub Actions).
  6. If tests pass, merge the PR into the main branch.
  7. Use an automated pipeline in the CI/CD tool to deploy the changes to the staging environment.
  8. Deploy the changes to production when tagging a new release.

Working with Multiple AWS Accounts (GCP Projects)

For security purposes, it's beneficial to have separate accounts or projects for different environments (e.g., development, staging, and production). This ensures better access control, prevents naming conflicts, and isolates environments to protect against potential issues.

Title slide from presentation about terraform with multiple aws accounts

Third-Party Tools and Recommendations

  • Terragrunt: Helps minimize code repetition and streamline working with multiple accounts.
  • Cloud-Nuke: Allows easy cleanup of resources to avoid unexpected bills.
  • Local Bash scripts and Makefiles: Helps prevent human error in issuing commands.
  • CI/CD tools: GitHub Actions, CircleCI, GitLab, and Atlantis.
  • Visual: List of third-party tools and their uses.

Potential Gotchas and Recommendations

  • Be cautious when changing resource names.
  • Protect sensitive data in Terraform state files.
  • Configure cloud timeouts to prevent partial provisioning.
  • Avoid naming conflicts when provisioning resources.
  • Remember to destroy test infrastructures.
  • Ensure all team members use the same Terraform version.
  • Understand that there are multiple ways to accomplish the same configuration.
  • Be aware of immutable parameters in resources.
  • Avoid making changes outside of the Terraform sequence.

By understanding the workflows, best practices, and potential pitfalls when using Terraform, you can efficiently manage your infrastructure and minimize risks.

With the proper application of these concepts, you can reap the benefits of Terraform and other infrastructure as code tools.