ð terraform-modules
Use when creating and using reusable Terraform modules for organizing and sharing infrastructure code.
Overview
Creating and using reusable Terraform modules.
Module Structure
modules/vpc/
âââ main.tf
âââ variables.tf
âââ outputs.tf
âââ README.md
Creating a Module
main.tf
resource "aws_vpc" "main" {
cidr_block = var.cidr_block
enable_dns_hostnames = var.enable_dns_hostnames
tags = merge(var.tags, {
Name = var.name
})
}
resource "aws_subnet" "public" {
count = length(var.public_subnets)
vpc_id = aws_vpc.main.id
cidr_block = var.public_subnets[count.index]
availability_zone = var.availability_zones[count.index]
tags = merge(var.tags, {
Name = "${var.name}-public-${count.index + 1}"
})
}
variables.tf
variable "name" {
description = "VPC name"
type = string
}
variable "cidr_block" {
description = "VPC CIDR block"
type = string
}
variable "public_subnets" {
description = "Public subnet CIDR blocks"
type = list(string)
default = []
}
variable "tags" {
description = "Resource tags"
type = map(string)
default = {}
}
outputs.tf
output "vpc_id" {
description = "VPC ID"
value = aws_vpc.main.id
}
output "public_subnet_ids" {
description = "Public subnet IDs"
value = aws_subnet.public[*].id
}
Using Modules
Local Module
module "vpc" {
source = "./modules/vpc"
name = "production-vpc"
cidr_block = "10.0.0.0/16"
public_subnets = [
"10.0.1.0/24",
"10.0.2.0/24",
]
tags = {
Environment = "production"
}
}
# Access module outputs
resource "aws_instance" "web" {
subnet_id = module.vpc.public_subnet_ids[0]
}
Registry Module
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.0.0"
name = "my-vpc"
cidr = "10.0.0.0/16"
azs = ["us-east-1a", "us-east-1b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]
enable_nat_gateway = true
enable_vpn_gateway = false
}
Git Module
module "vpc" {
source = "git::https://github.com/org/terraform-modules.git//vpc?ref=v1.0.0"
name = "my-vpc"
# ...
}
Module Composition
module "network" {
source = "./modules/network"
name = var.name
}
module "compute" {
source = "./modules/compute"
vpc_id = module.network.vpc_id
subnet_id = module.network.subnet_ids[0]
}
module "database" {
source = "./modules/database"
vpc_id = module.network.vpc_id
subnet_ids = module.network.private_subnet_ids
}
For_each with Modules
variable "applications" {
type = map(object({
instance_type = string
ami_id = string
}))
}
module "application" {
for_each = var.applications
source = "./modules/application"
name = each.key
instance_type = each.value.instance_type
ami_id = each.value.ami_id
}
Count with Modules
module "worker" {
count = var.worker_count
source = "./modules/worker"
name = "worker-${count.index + 1}"
index = count.index
}
Module Best Practices
Version Pinning
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 5.0" # Allow patch updates
}
Input Validation
variable "environment" {
type = string
validation {
condition = contains(["dev", "staging", "prod"], var.environment)
error_message = "Environment must be dev, staging, or prod."
}
}
Output Everything Useful
output "vpc_id" {
value = aws_vpc.main.id
}
output "vpc_cidr" {
value = aws_vpc.main.cidr_block
}
output "subnet_ids" {
value = aws_subnet.main[*].id
}
Use Consistent Naming
variable "name_prefix" {
type = string
}
locals {
name = "${var.name_prefix}-${var.environment}"
}
Publishing Modules
Module Registry Format
terraform-<PROVIDER>-<NAME>
terraform-aws-vpc
terraform-google-network
Semantic Versioning
v1.0.0 - Major release
v1.1.0 - Minor release
v1.1.1 - Patch release