Terraform provides a modular approach to managing infrastructure by allowing users to define reusable modules or simple resource blocks. But when should you create a Terraform module, and when is it more appropriate to use resource blocks? In this blog post, we will explore this question and provide examples from Azure to help you make the right decision for your infrastructure management needs.

Prerequisites:

  • A basic understanding of Terraform and Infrastructure as Code
  • Familiarity with Azure cloud services

When to Create a Terraform Module:

Creating a Terraform module is beneficial when you have a complex or reusable infrastructure component that you want to manage efficiently. A module is a collection of resources and configurations that can be easily shared and reused across multiple environments, projects, or teams.

  1. Azure Key Vault with Private Endpoints:

An Azure Key Vault module with private endpoints is a great example of when to create a Terraform module. Key Vault is a service used to store and manage secrets, keys, and certificates securely. Adding private endpoints to the Key Vault ensures secure and private access over a virtual network. Since the configuration of Key Vault and private endpoints can be complex and is often reused in multiple environments, creating a module is a good choice.

  2. Azure Storage Account with Private Endpoints:

Another example is an Azure Storage Account module with private endpoints. Storage accounts are used to store and manage data in Azure. They can store blobs, files, tables, and queues. Private endpoints provide secure access to the storage account over a virtual network. Like the Key Vault example, the configuration can be complex and is frequently reused, making a module an efficient approach.
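A sketch of what the Key Vault module described above could contain. This is an added example, not code from the original post. The variable names and the module file path are assumptions, and it expects the caller to pass in an existing subnet and a private DNS zone for privatelink.vaultcore.azure.net.

```hcl
# modules/key_vault_private/main.tf (hypothetical module path)
variable "name" { type = string }
variable "resource_group_name" { type = string }
variable "location" { type = string }
variable "tenant_id" { type = string }
variable "subnet_id" { type = string }           # subnet that hosts the private endpoint
variable "private_dns_zone_id" { type = string } # zone privatelink.vaultcore.azure.net

resource "azurerm_key_vault" "this" {
  name                          = var.name
  resource_group_name           = var.resource_group_name
  location                      = var.location
  tenant_id                     = var.tenant_id
  sku_name                      = "standard"
  public_network_access_enabled = false # reachable only through the private endpoint
  purge_protection_enabled      = true

  network_acls {
    default_action = "Deny"
    bypass         = "AzureServices"
  }
}

resource "azurerm_private_endpoint" "this" {
  name                = "${var.name}-pe"
  resource_group_name = var.resource_group_name
  location            = var.location
  subnet_id           = var.subnet_id

  private_service_connection {
    name                           = "${var.name}-psc"
    private_connection_resource_id = azurerm_key_vault.this.id
    subresource_names              = ["vault"] # Key Vault sub-resource
    is_manual_connection           = false
  }

  # Registers the endpoint's private IP in the zone so the vault hostname resolves inside the VNet.
  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [var.private_dns_zone_id]
  }
}

output "key_vault_id" {
  value = azurerm_key_vault.this.id
}
```

Each environment then calls the module with its own name, subnet, and DNS zone, so the network lockdown settings are defined once and cannot drift between environments.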

When to Use Resource Blocks:

Resource blocks are best suited for simple or one-off infrastructure components that do not require a lot of customization or reusability. Resource blocks are also useful for smaller projects or when you are just starting to build your infrastructure with Terraform.

  1. Azure App Service Plan:

An example of when to use resource blocks is when creating an Azure App Service Plan. App Service Plans define the resources and features available for your web apps in Azure. They are relatively simple to configure and usually do not require a lot of customization. In this case, using resource blocks is more appropriate than creating a module.

Example:

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_service_plan" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  os_type             = "Linux"
  sku_name            = "P1v2"
}

Conclusion:

Deciding whether to create a Terraform module or use resource blocks depends on the complexity, reusability, and customization needs of your infrastructure components. For complex and reusable components like Azure Key Vault or Storage Account with private endpoints, creating a Terraform module is an efficient approach. On the other hand, for simpler components like Azure App Service Plans, using resource blocks is more appropriate.

By understanding the differences between modules and resource blocks and when to use each, you can create a more efficient and manageable infrastructure codebase that suits your needs.