Coding Guidelines
Naming Conventions
Resource names
- "this" vs. "main"
"aws_vpc" "aws_vpc" {}
Iterations
general.yaml
---
# Project codename. The Terraform snippets on this page read it as
# local.y.general.project_codename and use it as the prefix of every bucket name.
project_codename: "buzz"
context.tf
# Configure the "context" provider with a single property, project_codename,
# whose value comes from the YAML-backed local.y.general.project_codename.
provider "context" {
  # Properties known to the provider; project_codename is declared with no extra settings.
  properties = {
    project_codename = {}
  }

  # NOTE(review): presumably the order in which properties are combined into labels - confirm against the provider docs.
  property_order = ["project_codename"]

  # Concrete value for each declared property.
  values = {
    project_codename = local.y.general.project_codename
  }
}
# Label data source of the context provider, declared with no arguments.
# NOTE(review): presumably builds its label from the provider-level properties and values - confirm.
data "context_label" "this" {}
config.tf
# Expose the map configs returned by the yaml_current module as local.config.current.
# NOTE(review): the other snippets on this page read local.y.* instead; where local.y
# is defined is not shown here - confirm it points at these same configs.
locals {
  config = {
    current = module.yaml_current.map_configs
  }
}
# Load the YAML configuration files through the cloudposse/config/yaml module.
# The module is pinned to an exact version, so a new upstream release is only
# picked up by a deliberate change here.
module "yaml_current" {
  source  = "cloudposse/config/yaml"
  version = "1.0.2"

  # Directory that the paths below are relative to.
  map_config_local_base_path = "../../etc"

  # NOTE(review): general.yaml is not listed although other snippets read
  # general.project_codename - confirm where that file is loaded.
  map_config_paths = [
    "buckets.yaml",
    # Overwrite: region- and environment-specific file, listed after the base file.
    # NOTE(review): presumably later files take precedence when merged - confirm against the module docs.
    "overwrite/${var.region}/${var.environment}.yaml"
  ]
}
buckets.yaml
---
# Buckets keyed by name. Each bucket carries a map of named CORS rules under `cors`;
# the Terraform code on this page iterates over both levels.
buckets:
  images:
    cors:
      # Rule "hashicorp": PUT/POST allowed from one named origin only.
      hashicorp:
        allowed_headers:
          - "*"
        allowed_methods:
          - "PUT"
          - "POST"
        allowed_origins:
          - "https://s3-website-test.hashicorp.com"
        expose_headers:
          - "ETag"
        max_age_seconds: 3000
      # Rule "default": GET allowed from any origin.
      # With "*" a script on any website may read GET responses from this bucket,
      # so keep this rule to content that is meant to be public and list explicit
      # origins everywhere else.
      default:
        allowed_methods:
          - "GET"
        allowed_origins:
          - "*"
  # Bucket without CORS rules (empty map).
  uploads:
    cors: {}
# Load objects from YAML to locals for easier usage in iterations.
# local.buckets_all is the `buckets` map: bucket name => bucket settings.
locals {
  buckets_all = local.y.buckets
}
# Create AWS S3 buckets: one per entry in local.buckets_all
resource "aws_s3_bucket" "this" {
  for_each = { for name, settings in local.buckets_all : name => settings }

  # Bucket name is "<project_codename>-<key>", with underscores in the key
  # replaced by hyphens.
  bucket = join("-", [
    local.y.general.project_codename,
    replace(each.key, "_", "-"),
  ])
}
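# Create AWS S3 CORS configuration: one per bucket that declares CORS rules.
#
# A bucket holds a single CORS configuration, so the resource is keyed by bucket
# name and every named rule of that bucket becomes one `cors_rule` block.
# Buckets whose `cors` map is empty (e.g. `cors: {}`) are skipped, because the
# resource needs at least one rule. Map keys are never null, so filtering on
# `cors_name == null` would leave nothing to create.
resource "aws_s3_bucket_cors_configuration" "this" {
  for_each = {
    for bucket_name, bucket in local.buckets_all :
    bucket_name => bucket
    if length(bucket.cors) > 0
  }

  # for_each keys are the same bucket names used by aws_s3_bucket.this.
  bucket = aws_s3_bucket.this[each.key].id

  # Iterate over CORS rules
  dynamic "cors_rule" {
    for_each = each.value.cors

    content {
      # allowed_methods and allowed_origins are required by the resource; a rule
      # that omits them resolves to null here and is rejected by the provider.
      # An allowed_origins entry of "*" opens the rule to every website, so
      # review such rules before applying them to non-public buckets.
      allowed_headers = lookup(cors_rule.value, "allowed_headers", null)
      allowed_methods = lookup(cors_rule.value, "allowed_methods", null)
      allowed_origins = lookup(cors_rule.value, "allowed_origins", null)
      expose_headers  = lookup(cors_rule.value, "expose_headers", null)
      max_age_seconds = lookup(cors_rule.value, "max_age_seconds", null)
    }
  }
}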
danger
This code needs to be tested!
Variables
Outputs
Hard-coded Values
Hard-coded values are dangerous
Avoid using hard-coded values. Keep your work agnostic (environment, cloud, customer) wherever possible!
Tagging
See individual providers to see how tagging is done.
- DigitalOcean
.gitignore
Lorem ipsum...