26 lines | 1.3 KB
Raw

AGENTS.md — Terraform

Follow the official HashiCorp Terraform Style Guide.

  • Run terraform fmt and terraform validate before committing.
  • Indent two spaces per level; align = for consecutive single-line arguments.
  • Use # for comments, never // or /* */.
  • Use the standard files: terraform.tf, providers.tf, backend.tf, main.tf, variables.tf, outputs.tf, locals.tf.
  • Keep variables.tf and outputs.tf blocks alphabetical; split large main.tf by logical group (network.tf, compute.tf, storage.tf).
  • Name with snake_case descriptive nouns; don't put the resource type in the name (resource "aws_instance" "web_api").
  • Give every variable and output a type and description; mark secrets sensitive = true.
  • Use variables/locals instead of hardcoded values; use locals sparingly.
  • Argument order: count/for_each, params, blocks, lifecycle, depends_on.
  • Use count for identical resources, for_each when values differ; use both in moderation.
  • Set required_version; pin providers and modules to specific versions.
  • Commit .terraform.lock.hcl.
  • Never commit *.tfstate, .terraform/, plan files, or secret *.tfvars.
  • Keep secrets out of code — use env vars, Vault, or CI secrets.
  • Create modules only for real abstractions, not single-resource wrappers; keep the module tree flat.