Terraform Modules

Terraform Module Best Practices

Follow Official Conventions Following official conventions is especially important if the module will ever be published to the terraform module registry. Either way, we suggest following these conventions to create more standardized/portable modules. Use GitHub. For public modules that you intend to publish to the public registry, the module repos must be hosted on GitHub as a public repo. User Proper Naming. Module repository names must follow the terraform-$PROVIDER-$NAME naming convention, where $NAME is a descriptive label for the kind of infrastructure that is provisioned, and $PROVIDER is the primary provider provisioning the infrastructure (e.

Terraform Backup Modules


Terraform AWS EC2 AMI Snapshot GitHub Repo https://github.com/cloudposse/terraform-aws-ec2-ami-snapshot Terraform Module terraform-aws-ec2-ami-snapshot Release Build Status Module usage Create an AWS instance HCL resource "aws_instance" "default" { ami = "ami-408c7f28" instance_type = "t1.micro" tags = { Name = "test1" } } Create AMI from an AWS instance. Instance ID is required.

Terraform CDN Modules

Terraform CI/CD Modules

Terraform Database Modules

Terraform Kubernetes (Kops) Modules


Terraform module to provision an IAM role for external-dns running in a Kops cluster, and attach an IAM policy to the role with permissions to modify Route53 record sets.


Terraform module to lookup an IAM role associated with kops masters, and attach an IAM policy to the role with permissions to modify Route53 record sets.

Terraform Logging Modules

Terraform Monitoring Modules

Terraform Networking Modules


Terraform module that implements “vanity” host names (e.g. brand.com) as ALIAS records to another Route53 DNS resource record (e.g. ELB/ALB, S3 Bucket Endpoint or CloudFront Distribution). Unlike CNAME records, the synthetic ALIAS record works with zone apexes.

Terraform Platform Modules

Terraform Root Modules

Terraform Security Modules


Terraform module to provision an S3 bucket with built-in policy to allow CloudTrail [logs (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html).


Terraform Module to provision a basic IAM system user suitable for CI/CD Systems (e.g. TravisCI, CircleCI, Codefresh) or systems which are external to AWS that cannot leverage AWS IAM Instance Profiles.

Terraform Supported Modules


Terraform module to provision an S3 bucket to store terraform.tfstate file and a DynamoDB table to lock the state file to prevent concurrent modifications and state corruption.


Terraform module designed to generate consistent label names and tags for resources. Use terraform-null-label to implement a strict naming convention.

Terraform User Data Modules


Terraform AWS User Data Assets GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-assets Terraform Module terraform-aws-user-data-assets Release Build Status


Terraform AWS User Data Cloud GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-cloud Terraform Module terraform-aws-user-data-cloud Release Build Status


Terraform AWS User Data DNS Proxy GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-dns-proxy Terraform Module terraform-aws-user-data-dns-proxy Release Build Status


Terraform AWS User Data resolv.conf GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-resolv-conf Terraform Module terraform-aws-user-data-resolv-conf Release Build Status


Terraform AWS Use Data S3 Backend GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-s3-backend Terraform Module terraform-aws-user-data-s3-backend Release Build Status


Terraform Template User Data DBA GitHub Repo https://github.com/cloudposse/terraform-aws-user-data-dba Terraform Module terraform-template-user-data-dba Release Build Status