This repository gives coding conventions for Terraform's HashiCorp Configuration Language (HCL). Terraform allows infrastructure to be described as code. As such, we should adhere to a style guide to ensure readable and high-quality code.
- Strings are in double-quotes.
Use 2 spaces when defining resources except when defining inline policies or other inline resources.
resource "aws_iam_role" "iam_role" {
  name               = "${var.resource_name}-role"
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}
Parameter definitions in a resource block should be aligned. The terraform fmt command can do this for you.
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region     = "us-east-1"
}
When commenting, use a hash "#" and a space in front of the comment.
# CREATE ELK IAM ROLE
...
The variables.tf file should be broken down into three sections with each section arranged alphabetically. Starting at the top of the file:
- Variables that have no defaults defined
- Variables that contain defaults
- All locals blocks
For example:
variable "image_tag" {}

variable "desired_count" {
  default = "2"
}

locals {
  domain_name = "${data.terraform_remote_state.account.domain_name}"
}
Create a separate resource file for each type of AWS resource. Similar resources should be defined in the same file and named accordingly.
ami.tf
autoscaling_group.tf
cloudwatch.tf
iam.tf
launch_configuration.tf
providers.tf
s3.tf
security_groups.tf
sns.tf
sqs.tf
user_data.sh
variables.tf
Only use an underscore (_) when naming Terraform resources like TYPE/NAME parameters and variables.
resource "aws_security_group" "security_group" {
...
Only use a hyphen (-) when naming the component being created.
resource "aws_security_group" "security_group" {
  name = "${var.resource_name}-security-group"
...
A resource's NAME should be the same as the TYPE minus the provider.
resource "aws_autoscaling_group" "autoscaling_group" {
...
If there are multiple resources of the same TYPE defined, add a minimalistic identifier to differentiate between the two resources. A blank line should separate resource definitions contained in the same file.
# Create Data S3 Bucket
resource "aws_s3_bucket" "data_s3_bucket" {
  bucket = "${var.environment_name}-data-${var.aws_region}"
  acl    = "private"

  versioning {
    enabled = true
  }
}

# Create Images S3 Bucket
resource "aws_s3_bucket" "images_s3_bucket" {
  bucket = "${var.environment_name}-images-${var.aws_region}"
  acl    = "private"
}
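
The comment and naming rules above can be checked mechanically, for example in a pre-commit hook. The following Python checker is an added example and not part of this repository; `check_conventions` and `SAMPLE` are hypothetical names, the sample is constructed, and it assumes line-based matching (not a full HCL parser) with only the `name` attribute treated as the component name.

```python
import re

# Opening line of a resource block: resource "TYPE" "NAME" {
RESOURCE_RE = re.compile(r'^\s*resource\s+"([^"]+)"\s+"([^"]+)"\s*\{')
# Component name (assumption: only the `name` attribute is checked)
NAME_ATTR_RE = re.compile(r'^\s*name\s*=\s*"([^"]*)"')
# A "#" followed directly by a non-space character
COMMENT_RE = re.compile(r'^\s*#(?=\S)')

# Constructed sample: the first resource follows the guide, the rest do not.
SAMPLE = '''\
# Create Data S3 Bucket
resource "aws_s3_bucket" "data_s3_bucket" {
  bucket = "${var.environment_name}-data-${var.aws_region}"
}

#Create web security group
resource "aws_security_group" "web-sg" {
  name = "${var.resource_name}_security_group"
}

resource "aws_autoscaling_group" "asg" {
  name = "${var.resource_name}-autoscaling-group"
}
'''

def check_conventions(hcl_text):
    """Return (line_number, message) pairs for violations of the guide's rules."""
    findings = []
    for lineno, line in enumerate(hcl_text.splitlines(), start=1):
        if COMMENT_RE.match(line):
            findings.append((lineno, 'comment needs a space after "#"'))
        elif m := RESOURCE_RE.match(line):
            rtype, rname = m.groups()
            # TYPE minus the provider prefix, e.g. aws_s3_bucket -> s3_bucket
            expected = rtype.split("_", 1)[1] if "_" in rtype else rtype
            if "-" in rname:
                findings.append((lineno, f'NAME "{rname}" must use underscores'))
            elif rname != expected and not rname.endswith("_" + expected):
                findings.append((lineno, f'NAME "{rname}" should end with "{expected}"'))
        elif m := NAME_ATTR_RE.match(line):
            literal = re.sub(r"\$\{[^}]*\}", "", m.group(1))  # drop interpolations
            if "_" in literal:
                findings.append((lineno, f'component name "{m.group(1)}" must use hyphens'))
    return findings

if __name__ == "__main__":
    for lineno, message in check_conventions(SAMPLE):
        print(f"line {lineno}: {message}")
```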