Build Phase
The Build phase organizes and structures IaC into a repository model that enforces consistency.
Core Concepts
- Repository Structure: Organized into
modules/,solutions/, anddeployments/directories - Solutions enforce consistency across services by explicitly defining constraints
Example Repository Structure
your-idlc-repo/
├── modules/
│ ├── s3/
│ │ └── bucket/
│ │ ├── main.tf
│ │ ├── variables.tf
│ │ ├── outputs.tf
│ │ └── versions.tf
│ ├── rds/
│ │ ├── postgres-database/
│ │ ├── parameter-group/
│ │ └── alarms/
│ └── eks/
│ ├── cluster/
│ ├── karpenter/
│ └── irsa/
├── solutions/
│ ├── my-app/
│ │ ├── main.tf # Composes modules
│ │ ├── variables.tf # Only what varies
│ │ └── outputs.tf
│ └── my-database/
│ ├── main.tf
│ └── variables.tf
└── deployments/
├── region-1/
│ ├── stage/
│ │ └── my-app/
│ │ └── terragrunt.hcl
│ └── production/
│ ├── root.hcl
│ └── my-app/
│ └── terragrunt.hcl
└── region-2/
└── production/
└── my-app/
└── terragrunt.hcl
Module File Convention
Every module should contain:
| File | Purpose |
|---|---|
main.tf |
Resource definitions |
variables.tf |
Input variables with validation |
outputs.tf |
Output values |
versions.tf |
Provider and Terraform version constraints |
README.md |
Auto-generated by terraform-docs |
CHANGELOG.md |
Auto-generated by release-please |
Best Practices
- Use clear, consistent naming for directories and modules
- Enforce non-configurable defaults in solutions (security, policies)
- Keep modules focused on a single responsibility
- Use
versions.tfto pin provider versions
Build is about structure and enforcement. A well-organized repository makes the Code and Deploy phases significantly easier.