A comprehensive collection of reusable Terraform modules for multi-cloud infrastructure provisioning. This repository follows industry best practices and supports multi-region and multi-account deployments.
- AWS - Amazon Web Services modules
- GCP - Google Cloud Platform modules
- Kubernetes - Kubernetes resource modules
```
.
├── aws/
│   ├── vpc/               ✅ Complete - Multi-AZ VPC with NAT Gateway
│   ├── ec2/               🚧 Planned
│   ├── eks/               🚧 Planned
│   ├── sqs/               🚧 Planned
│   ├── event-bus/         🚧 Planned
│   ├── lambda/            🚧 Planned
│   ├── dynamo/            🚧 Planned
│   ├── rds/               🚧 Planned
│   ├── event-rules/       🚧 Planned
│   ├── elasticache/       🚧 Planned
│   ├── ecr/               🚧 Planned
│   ├── parameter-store/   🚧 Planned
│   ├── cloudwatch/        🚧 Planned
│   └── s3/                🚧 Planned
├── gcp/
│   ├── vpc/               ✅ Complete - Global VPC with Cloud NAT
│   ├── cloud-functions/   ✅ Complete - Gen 2 Functions
│   ├── compute-engine/    🚧 Planned
│   ├── gke/               🚧 Planned
│   ├── pubsub/            🚧 Planned
│   ├── cloud-storage/     🚧 Planned
│   └── [Other modules]    🚧 Planned
├── kubernetes/
│   └── [K8s modules]      🚧 Planned
└── TEMPLATES/
    └── module-template    ✅ Complete base template
```
| Module | Status | Description | Features |
|---|---|---|---|
| vpc | ✅ Complete | Multi-AZ VPC with complete networking | Public/private subnets, NAT Gateway, IGW, VPC Flow Logs, VPC Endpoints, Multi-region replication |

| Module | Status | Description | Features |
|---|---|---|---|
| vpc | ✅ Complete | Global VPC with regional subnets | Cloud NAT, Firewall Rules, VPC Peering, Flow Logs, Secondary IP ranges (GKE), Multi-project replication |
| cloud-functions | ✅ Complete | Serverless functions (Gen 2) | HTTP/Event triggers, VPC Connector, Secret Manager, Auto-scaling, Multi-region replication |

- Multi-Region Support - Deploy resources across multiple AWS/GCP regions
- Multi-Account/Multi-Project Support - Cross-account/project resource provisioning
- Replication Patterns - Built-in replication support for stateful services and disaster recovery
- Best Practices - Following Terraform and cloud provider best practices
- Comprehensive Documentation - Each module includes detailed README with examples
- Modern Terraform - Built for Terraform 1.8+ with optional() types and advanced validations
- Terraform >= 1.8.0
- Provider-specific CLI tools (aws-cli, gcloud, kubectl)
- Appropriate cloud credentials configured

```hcl
module "vpc" {
  source = "./aws/vpc"

  vpc_name    = "production-vpc"
  cidr_block  = "10.0.0.0/16"
  environment = "production"

  tags = {
    Project = "MyProject"
    Team    = "Platform"
  }
}
```

```hcl
# Primary region
module "s3_primary" {
  source = "./aws/s3"

  bucket_name        = "my-app-data"
  environment        = "production"
  with_replication   = true
  replication_region = "us-west-2"

  providers = {
    aws.primary     = aws.us-east-1
    aws.destination = aws.us-west-2
  }
}
```

```hcl
# Cross-account setup
module "lambda_cross_account" {
  source = "./aws/lambda"

  function_name          = "cross-account-processor"
  destination_account_id = "123456789012"

  providers = {
    aws.source      = aws.main-account
    aws.destination = aws.secondary-account
  }
}
```

All modules in this repository follow these standards:
- `main.tf` - Primary resource definitions
- `variables.tf` - Input variable declarations with descriptions
- `outputs.tf` - Output value definitions
- `versions.tf` - Terraform and provider version constraints
- `README.md` - Module documentation with examples
- `data.tf` - (Optional) Data source lookups
- `locals.tf` - (Optional) Local values and computations
- `iam.tf` - (Optional) IAM roles and policies
- `examples/` - (Optional) Example configurations

- `enable_*` - Boolean flags for feature toggles (e.g., `enable_logging`)
- `with_*` - Configuration enablement (e.g., `with_replication`)
- `is_*` - State checks (e.g., `is_production`)
- Use `snake_case` for all variable names
- Provide descriptions and types for all variables
- Set sensible defaults for optional variables

All modules support consistent tagging:

```hcl
tags = {
  Name        = "${var.resource_name}-${var.environment}"
  Environment = var.environment
  ManagedBy   = "Terraform"
  Module      = "module-name"
}
```

Each module can be tested using the examples provided:

```bash
cd aws/vpc/examples/basic
terraform init
terraform plan
terraform apply
terraform destroy
```

When creating new modules:
- Use the templates in `TEMPLATES/` as a starting point
- Follow the module standards outlined above
- Include comprehensive README.md with:
  - Description
  - Usage examples
  - Input variables table
  - Output values table
  - Requirements
- Add examples in `examples/` directory
- Test the module before committing
- Run `terraform fmt -recursive` to format code

```bash
# Create new module from template
cp -r TEMPLATES/module-template aws/new-service

# Develop your module
cd aws/new-service
# Edit main.tf, variables.tf, outputs.tf, etc.

# Format code
terraform fmt -recursive

# Validate
terraform validate

# Test with example
cd examples/basic
terraform init
terraform plan
```

All modules specify minimum versions:

```hcl
terraform {
  required_version = ">= 1.8.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.0"
    }
  }
}
```

- Never commit sensitive data (`.tfvars`, state files)
- Use AWS Secrets Manager or Parameter Store for secrets
- Enable encryption at rest for all stateful services
- Implement least-privilege IAM policies
- Use private subnets for workloads
- Enable logging and monitoring

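A pre-commit guard for the first rule in the list above, added here as an example and not part of this repository: it rejects staged `.tfvars` and state files before they reach version control. The function names, the `--staged` switch and the exemption for `*.tfvars.example` templates are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not repository code: block commits of Terraform variable and state files.

# Constructed sample of staged paths (not taken from this repository's history).
SAMPLE_STAGED='aws/vpc/main.tf
aws/vpc/.terraform.lock.hcl
aws/vpc/examples/basic/terraform.tfvars
aws/vpc/examples/basic/terraform.tfvars.example
gcp/vpc/terraform.tfstate.backup
gcp/vpc/.terraform/terraform.tfstate'

# is_sensitive_path PATH: succeeds when PATH must stay out of version control.
is_sensitive_path() {
  case "$1" in
    *.tfvars.example) return 1 ;;              # assumption: placeholder-only templates are allowed
    *.tfvars | *.tfvars.json) return 0 ;;      # variable values, often credentials
    *.tfstate | *.tfstate.*) return 0 ;;       # state and backups store attributes in plaintext
    .terraform/* | */.terraform/*) return 0 ;; # local working directory, includes backend settings
    *) return 1 ;;
  esac
}

# blocked_paths: read newline-separated paths on stdin, print the ones to reject.
blocked_paths() {
  local path
  while IFS= read -r path; do
    [ -n "$path" ] || continue
    if is_sensitive_path "$path"; then
      printf '%s\n' "$path"
    fi
  done
}

# check_staged: hook entry point; fails when the index holds a sensitive file.
check_staged() {
  local blocked
  blocked=$(git diff --cached --name-only --diff-filter=ACMR | blocked_paths)
  if [ -n "$blocked" ]; then
    printf 'Refusing to commit Terraform variable/state files:\n%s\n' "$blocked" >&2
    return 1
  fi
}

# "--staged" runs the hook check; with no argument the constructed sample is filtered.
case "${1:-}" in
  --staged) check_staged ;;
  *) printf '%s\n' "$SAMPLE_STAGED" | blocked_paths ;;
esac
```

Call the script with `--staged` from `.git/hooks/pre-commit`. Hooks are local and can be skipped with `git commit --no-verify`, so keep matching `.gitignore` entries as well.
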
```hcl
resource "aws_s3_bucket" "replica" {
  count = var.with_replication ? 1 : 0
  # ...
}
```

```hcl
dynamic "encryption" {
  for_each = var.enable_encryption ? [1] : []
  content {
    # encryption configuration
  }
}
```

```hcl
locals {
  default_tags = {
    ManagedBy   = "Terraform"
    Environment = var.environment
  }
}

tags = merge(local.default_tags, var.tags)
```

- Terraform AWS Provider: https://registry.terraform.io/providers/hashicorp/aws/latest/docs
- Terraform GCP Provider: https://registry.terraform.io/providers/hashicorp/google/latest/docs
- Terraform Kubernetes Provider: https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs
This repository contains infrastructure code modules for internal use.