{
"title": "10 Prompts for Terraform and IaC: From Modules to Multi-Cloud",
"content": "## Introduction\n\nInfrastructure as Code (IaC) has transformed how organizations manage cloud resources, and Terraform by HashiCorp remains the leading tool for provisioning infrastructure across AWS, Azure, Google Cloud, and beyond. According to the 2025 State of DevOps Report from Puppet, 78% of organizations now use IaC tools, with Terraform being the most adopted. However, even experienced engineers often struggle with writing maintainable Terraform code that scales across teams and cloud providers. This article provides ten carefully crafted prompts that cover the full spectrum of Terraform use cases — from modular design and remote state management to multi-cloud orchestration. Each prompt includes a practical example and code snippet to help you apply these patterns immediately.\n\n## 1. Designing Reusable Modules\n\nTask: Create a Terraform module that provisions a secure VPC with subnets, route tables, and Internet Gateway, following HashiCorp's module best practices.\n\nPrompt: \"Generate a Terraform module for AWS VPC that accepts input variables for VPC CIDR, environment name, and public subnet CIDRs. The module should output the VPC ID, subnet IDs, and default security group ID. Include a README with usage examples and version constraints.\"\n\nExample result:\nhcl\n# modules/vpc/main.tf\nvariable \"vpc_cidr\" {\n description = \"CIDR block for the VPC\"\n type = string\n}\n\nresource \"aws_vpc\" \"this\" {\n cidr_block = var.vpc_cidr\n tags = {\n Name = \"${var.environment}-vpc\"\n }\n}\n\noutput \"vpc_id\" {\n value = aws_vpc.this.id\n}\n\n\n## 2. Managing Remote State with Backends\n\nTask: Configure Terraform to store state remotely in an S3 bucket with DynamoDB locking, following the official HashiCorp documentation.\n\nPrompt: \"Write a Terraform configuration that uses an S3 backend with DynamoDB for state locking. The backend should be configured via partial configuration and a backend config file for different environments (dev, staging, prod).\"\n\nExample result:\nhcl\n# backend-config/dev.hcl\nbucket = \"mycompany-terraform-state\"\nkey = \"dev/terraform.tfstate\"\nregion = \"us-east-1\"\ndynamodb_table = \"terraform-locks\"\nencrypt = true\n\n\n## 3. Multi-Cloud Provisioning\n\nTask: Deploy a simple web application across AWS and Azure using a single Terraform configuration with provider aliases.\n\nPrompt: \"Create Terraform code that provisions an EC2 instance on AWS and a Virtual Machine on Azure within the same configuration. Use provider aliases to separate resources. Output public IP addresses of both instances.\"\n\nExample result:\nhcl\nprovider \"aws\" {\n alias = \"west\"\n region = \"us-west-2\"\n}\n\nprovider \"azurerm\" {\n features {}\n}\n\nresource \"aws_instance\" \"web\" {\n provider = aws.west\n ami = \"ami-0c55b159cbfafe1f0\"\n instance_type = \"t2.micro\"\n}\n\nresource \"azurerm_linux_virtual_machine\" \"web\" {\n name = \"web-vm\"\n resource_group_name = azurerm_resource_group.rg.name\n location = \"West US\"\n size = \"Standard_B1s\"\n admin_username = \"adminuser\"\n network_interface_ids = [azurerm_network_interface.nic.id]\n}\n\n\n## 4. Dynamic Blocks and Count\n\nTask: Use dynamic blocks to conditionally create multiple security group rules based on a variable list.\n\nPrompt: \"Write a Terraform resource for an AWS security group that uses a dynamic block to iterate over a list of ingress rules. Each rule should specify from_port, to_port, protocol, and cidr_blocks. Include a count parameter for conditional creation.\"\n\nExample result:\nhcl\nvariable \"ingress_rules\" {\n type = list(object({\n from_port = number\n to_port = number\n protocol = string\n cidr_blocks = list(string)\n }))\n default = []\n}\n\nresource \"aws_security_group\" \"example\" {\n name = \"dynamic-sg\"\n description = \"Security group with dynamic rules\"\n vpc_id = aws_vpc.main.id\n\n dynamic \"ingress\" {\n for_each = var.ingress_rules\n content {\n from_port = ingress.value.from_port\n to_port = ingress.value.to_port\n protocol = ingress.value.protocol\n cidr_blocks = ingress.value.cidr_blocks\n }\n }\n}\n\n\n## 5. Terraform Workspaces for Environments\n\nTask: Use Terraform workspaces to manage separate state files for dev, staging, and prod environments.\n\nPrompt: \"Explain how to use Terraform workspaces with a single configuration to deploy the same infrastructure to three environments. Provide commands to create, switch, and apply workspaces, and show how to reference workspace name in resource tags.\"\n\nExample result:\nbash\nterraform workspace new dev\nterraform workspace new staging\nterraform workspace new prod\nterraform workspace select dev\nterraform apply -auto-approve\n\nIn code:\nhcl\nresource \"aws_instance\" \"app\" {\n ami = \"ami-0c55b159cbfafe1f0\"\n instance_type = \"t2.micro\"\n tags = {\n Environment = terraform.workspace\n }\n}\n\n\n## 6. Data Sources and External State\n\nTask: Fetch existing infrastructure data using data sources and combine with resources from a remote state.\n\nPrompt: \"Write Terraform configuration that reads the VPC ID from a remote state file stored in S3, then uses a data source to get the latest Amazon Linux 2 AMI, and creates an EC2 instance referencing both.\"\n\nExample result:\nhcl\ndata \"terraform_remote_state\" \"vpc\" {\n backend = \"s3\"\n config = {\n bucket = \"mycompany-terraform-state\"\n key = \"vpc/terraform.tfstate\"\n region = \"us-east-1\"\n }\n}\n\ndata \"aws_ami\" \"amazon_linux\" {\n most_recent = true\n owners = [\"amazon\"]\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\nresource \"aws_instance\" \"web\" {\n ami = data.aws_ami.amazon_linux.id\n instance_type = \"t2.micro\"\n subnet_id = data.terraform_remote_state.vpc.outputs.public_subnet_ids[0]\n}\n\n\n## 7. Terraform Modules Registry\n\nTask: Use a module from the Terraform Registry (e.g., from AWS or community) to set up an S3 bucket with encryption and versioning.\n\nPrompt: \"Create a Terraform configuration that uses the official AWS S3 bucket module from the Terraform Registry (registry.terraform.io). Enable versioning, server-side encryption, and block public access. Pin the module version.\"\n\nExample result:\nhcl\nmodule \"s3_bucket\" {\n source = \"terraform-aws-modules/s3-bucket/aws\"\n version = \"3.15.1\"\n\n bucket = \"my-unique-bucket-name-2026\"\n acl = \"private\"\n\n versioning = {\n enabled = true\n }\n\n server_side_encryption_configuration = {\n rule = {\n apply_server_side_encryption_by_default = {\n sse_algorithm = \"AES256\"\n }\n }\n }\n\n block_public_acls = true\n block_public_policy = true\n ignore_public_acls = true\n restrict_public_buckets = true\n}\n\n\n## 8. Terraform with CI/CD Pipeline\n\nTask: Integrate Terraform into a GitHub Actions pipeline for automated plan and apply on pull requests.\n\nPrompt: \"Write a GitHub Actions workflow that runs terraform fmt, terraform init, and terraform plan on pull requests to main branch, and terraform apply on merge to main. Use OIDC to authenticate to AWS.\"\n\nExample result:\nyaml\nname: 'Terraform CI'\non:\n pull_request:\n branches: [main]\n push:\n branches: [main]\n\njobs:\n terraform:\n runs-on: ubuntu-latest\n permissions:\n id-token: write\n contents: read\n steps:\n - uses: actions/checkout@v4\n - uses: hashicorp/setup-terraform@v3\n - name: Configure AWS Credentials\n uses: aws-actions/configure-aws-credentials@v4\n with:\n role-to-assume: arn:aws:iam::123456789012:role/github-actions\n aws-region: us-east-1\n - run: terraform fmt -check\n - run: terraform init\n - run: terraform plan -out=tfplan\n - if: github.ref == 'refs/heads/main'\n run: terraform apply tfplan\n\n\n## 9. Terraform for Kubernetes (EKS)\n\nTask: Create an EKS cluster using the Terraform EKS module from the Registry, with managed node groups and VPC CNI.\n\nPrompt: \"Generate Terraform code that provisions an EKS cluster on AWS using the terraform-aws-modules/eks/aws module. Include a managed node group with t2.medium instances, enable cluster logging, and configure the VPC CNI add-on.\"\n\nExample result:\nhcl\nmodule \"eks\" {\n source = \"terraform-aws-modules/eks/aws\"\n version = \"19.15.1\"\n\n cluster_name = \"my-cluster\"\n cluster_version = \"1.27\"\n\n vpc_id = module.vpc.vpc_id\n subnet_ids = module.vpc.private_subnets\n\n cluster_endpoint_public_access = true\n\n cluster_enabled_log_types = [\"api\", \"audit\", \"authenticator\", \"controllerManager\", \"scheduler\"]\n\n node_groups = {\n main = {\n desired_capacity = 2\n max_capacity = 5\n min_capacity = 1\n\n instance_types = [\"t2.medium\"]\n }\n }\n}\n\n\n## 10. Troubleshooting Terraform State\n\nTask: Safely recover from a corrupted state file or remove a resource from state without destroying it.\n\nPrompt: \"Provide Terraform CLI commands to list resources in state, remove a specific resource from state, import an existing resource, and refresh state. Explain when each command is appropriate.\"\n\nExample result:\nbash\n# List resources\ nterraform state list\n\n# Remove resource from state (not destroy)\nterraform state rm aws_instance.web\n\n# Import existing resource\ nterraform import aws_instance.web i-1234567890abcdef0\n\n# Refresh state\ nterraform refresh\n\n\n## Conclusion\n\nThese ten prompts cover the essential patterns every Terraform practitioner needs — from modular design to multi-cloud deployments and CI/CD integration. By mastering these approaches, you can build infrastructure that is reusable, secure, and maintainable across teams. The official HashiCorp Learn tutorials and Terraform Registry documentation provide deeper dives into each topic. Start by applying the module and remote state patterns, then gradually incorporate workspaces and multi-cloud setups as your infrastructure grows. For more advanced scenarios, explore Terraform Cloud's Sentinel policies and run tasks.",
"excerpt": "A curated collection of 10 Terraform and IaC prompts covering reusable modules, remote state management, multi-cloud orchestration, CI/CD integration, and Kubernetes provisioning. Each prompt includes practical code examples and real-world use cases."
}
Промты для Terraform и IaC: модули, state, multi-cloud
Recent articles
From Pixels to Decisions: Integrating ESP32-CAM (OV2640/OV7670) with ASI Biont for AI-Powered Computer Vision
17 July 2026
Top 12 AI Video Generation Neural Networks: What They Can Do in 2026
17 July 2026
Grafana + ASI Biont: AI Agent for Infrastructure Monitoring Without Code and SQL
17 July 2026
C# and .NET — Microsoft Platform Development: Build Real-World REST APIs with AI-Powered Guidance
17 July 2026
12 Prompts for Code Migration: Python 2→3, JS→TS, REST→GraphQL
17 July 2026
How to Stop Fearing Freelancing: A Review of the 'Freelance — Working for Yourself' Course on Asibiont with AI Learning
17 July 2026
Who Pays for AI Productivity? Why Middle Engineers Are Burning Out
17 July 2026
Prompt Engineering Pro: The Data-Driven Case for Mastering Production Prompts in 2026
17 July 2026
Tax Law of the Russian Federation: How to Master the Tax Code in 3 Weeks with AI and Protect Your Business
17 July 2026
Comments