Konvencija o imenovanjima
Ne bi trebao postojati razlog da pratite samo jednu konvenciju :)
Budite svjesni cinjenice da cloud resursi cesto imaju ogranicenja u dozvoljenim imenima. Neki resursi, npr: ne mogu sadrzavati srednju crtu u imenu. Konvencija u ovoj knizi se odnonosi samo na imenovanje unutar Terrafroma
- 1.Koristite
_(donja crta) umjesto-(srednje crte) na svim mjestima (za imena resursa, imena izvora podataka, imena varijabli, izlaznih vrijednosti itd). - 2.Preferirajte upotrebu malih slova i brojeva (iako je UTF-8 podrzan).
- 1.Ne ponavaljajte tip resursa u imenima resursa (u dijelovima ili kompletno):
`resource "aws_route_table" "public" {}`
`resource "aws_route_table" "public_route_table" {}`
`resource "aws_route_table" "public_aws_route_table" {}`
- 1.Ime resrusa treba biti imenovano sa
thisako nema neko vise opisujuce ili generalnije ime, ili ako resurs modul kreira jedan resurs tog tipa (npr, u AWS VPC modulu postoji jedan resurs tipaaws_nat_gatewayi vise resursa tipaaws_route_table, tako biaws_nat_gatewaytrebao biti imenovanthisaaws_route_tabletreba da ima bolje opisujuce ime - kaoprivate,public,database). - 2.Uvijek koristite imenice u jednini za imena.
- 3.Koristite
-unutar vrijednosti argumenata i na mjestima gdje ce vrijednosti biti izlozene ljudima (npr, unutar DNS imena RDS instance). - 4.Ukljucite argument
count/for_eachunutar resursa ili blokova izvora podataka kao prvi argument na vrhu i razdvojite novim redom nakon toga. - 5.Ukljucite argument
tags,ako je podrzano od strane resursa, kao zadnji pravi argument pracen sadepends_onilifecycle, ako je neophodno. Sve ovo bi trebalo biti razdvojeno sa jednim praznim redom. - 6.Kada koristite uslove unutar argumenta
count/for_eachpraktikujte booelan vrijednosti (true/false) umjesto koristenjalengthili drugih izraza.
main.tf
resource "aws_route_table" "public" {
count = 2
vpc_id = "vpc-12345678"
# ... remaining arguments omitted
}
resource "aws_route_table" "private" {
for_each = toset(["one", "two"])
vpc_id = "vpc-12345678"
# ... remaining arguments omitted
}
main.tf
resource "aws_route_table" "public" {
vpc_id = "vpc-12345678"
count = 2
# ... remaining arguments omitted
}
main.tf
resource "aws_nat_gateway" "this" {
count = 2
allocation_id = "..."
subnet_id = "..."
tags = {
Name = "..."
}
depends_on = [aws_internet_gateway.this]
lifecycle {
create_before_destroy = true
}
}
main.tf
resource "aws_nat_gateway" "this" {
count = 2
tags = "..."
depends_on = [aws_internet_gateway.this]
lifecycle {
create_before_destroy = true
}
allocation_id = "..."
subnet_id = "..."
}
outputs.tf
resource "aws_nat_gateway" "that" { # Best
count = var.create_public_subnets ? 1 : 0
}
resource "aws_nat_gateway" "this" { # Good
count = length(var.public_subnets) > 0 ? 1 : 0
}
- 1.Don't reinvent the wheel in resource modules: use
name,description, anddefaultvalue for variables as defined in the "Argument Reference" section for the resource you are working with. - 2.Support for validation in variables is rather limited (e.g. can't access other variables or do lookups). Plan accordingly because in many cases this feature is useless.
- 3.Use the plural form in a variable name when type is
list(...)ormap(...). - 4.Order keys in a variable block like this:
description,type,default,validation. - 5.Always include
descriptionon all variables even if you think it is obvious (you will need it in the future). - 6.Prefer using simple types (
number,string,list(...),map(...),any) over specific type likeobject()unless you need to have strict constraints on each key. - 7.Use specific types like
map(map(string))if all elements of the map have the same type (e.g.string) or can be converted to it (e.g.numbertype can be converted tostring). - 8.Use type
anyto disable type validation starting from a certain depth or when multiple types should be supported. - 9.Value
{}is sometimes a map but sometimes an object. Usetomap(...)to make a map because there is no way to make an object.
Make outputs consistent and understandable outside of its scope (when a user is using a module it should be obvious what type and attribute of the value it returns).
- 1.The name of output should describe the property it contains and be less free-form than you would normally want.
- 2.Good structure for the name of output looks like
{name}_{type}_{attribute}, where:- 1.
{name}is a resource or data source name without a provider prefix.{name}foraws_subnetissubnet, foraws_vpcit isvpc. - 2.
{type}is a type of a resource sources - 3.
{attribute}is an attribute returned by the output - 4.
- 3.If the output is returning a value with interpolation functions and multiple resources,
{name}and{type}there should be as generic as possible (thisas prefix should be omitted). See example. - 4.
- 5.Always include
descriptionfor all outputs even if you think it is obvious. - 6.Avoid setting
sensitiveargument unless you fully control usage of this output in all places in all modules. - 7.Prefer
try()(available since Terraform 0.13) overelement(concat(...))(legacy approach for the version before 0.13)
Return at most one ID of security group:
outputs.tf
output "security_group_id" {
description = "The ID of the security group"
value = try(aws_security_group.this[0].id, aws_security_group.name_prefix[0].id, "")
}
When having multiple resources of the same type,
this should be omitted in the name of output:outputs.tf
output "this_security_group_id" {
description = "The ID of the security group"
value = element(concat(coalescelist(aws_security_group.this.*.id, aws_security_group.web.*.id), [""]), 0)
}
outputs.tf
output "rds_cluster_instance_endpoints" {
description = "A list of all cluster instance endpoints"
value = aws_rds_cluster_instance.this.*.endpoint
}
Last modified 4mo ago