Skip to main content

SOP: Terraform Infrastructure Provisioning

1. Overview

Terraform is used to provision the "hard" infrastructure: Virtual Machines (EC2/VMs), Networking (VPC/VNet), and Managed Storage (S3/EFS).

2. Module Strategy

Shared Modules: We do NOT rewrite Terraform code for every client.
Location: Shared modules live in management-scripts/terraform/.
Usage: Client repositories reference these modules.

3. State Management

Backend: Terraform State (.tfstate) MUST be stored remotely.
- AWS: S3 Bucket + DynamoDB Lock.
- Azure: Blob Storage.
- On-Prem: MinIO or Consul (if available), otherwise Git-encrypted (discouraged).
Isolation: Each client must have its own state file (key).

4. Naming Conventions

Resources must be tagged effectively for cost allocation.

Project: polaris-iac
Client: <client-name>
Environment: prod | staging
ManagedBy: terraform

1. Overview
2. Module Strategy
3. State Management
4. Naming Conventions