Documentation
⌘K
Structuring Infrastructure Code
InfraDots runs Terraform or OpenTofu; your repo is standard .tf (and optionally .tfvars, modules). Use required_version in a terraform {} block so everyone—and InfraDots—uses the same engine and version. See Terraform & OpenTofu basics for core concepts.
Small Infrastructure Footprints
A general rule in structuring your code we tend to recommend for small infrastructure footprints:
- Single repo
- Division into separate files by types
Example project layout:
my-infra/
├── main.tf # Provider config and backend
├── iam.tf # IAM roles and policies
├── s3.tf # S3 buckets and policies
├── instances.tf # EC2 instances
├── networking.tf # VPC, subnets, security groups
├── variables.tf # Input variable declarations
├── outputs.tf # Output values
└── terraform.tfvars # Variable values (do not commit secrets)
A typical main.tf for this setup:
terraform {
required_version = ">= 1.5.0"
# InfraDots injects the remote backend for runs in the platform.
# For local CLI use with InfraDots state, configure backend "remote" with your hostname/org/workspace.
backend "remote" {
organization = "my-org"
}
}
provider "aws" {
region = var.region
}
Large Infrastructure Footprints
Separate your code into workspaces for components that will generate a lot of resources. Further separation can be done per workspace and per environment:
infra/
├── bootstrap/ # Main workspace for bootstrapping
│ ├── main.tf
│ └── outputs.tf
├── iam/ # IAM workspace - one per env
│ ├── main.tf
│ ├── roles.tf
│ └── policies.tf
├── storage/ # Buckets workspace - one per env
│ ├── main.tf
│ └── buckets.tf
└── compute/ # Compute workspace - one per env
├── main.tf
├── instances.tf
└── autoscaling.tf
- Buckets and bucket related policies — one workspace per env
- IAM users and permissions — one workspace per env
- Main workspace for bootstrapping the rest of the workspaces
💡 Tip
[!tip] Use the InfraDots Terraform provider to manage workspaces programmatically and keep your workspace configuration as code.