At DevOpsDays Chicago this year I found myself answering a lot of questions in random hallway talks, which inspired me to have an entire session at IaCConf this year devoted to answering questions from the audience.
- How can I specify the order of resource deletion in Terraform OpenTofu? (I faced issues destroying cloud resources tied to a load balancer.)
- How important is maintaining parity with Terraform to the Open Tofu project?
- How do you handle necessary pre-existing infrastructure (e.g., owning a domain) for automatic certificate validation with ACM or Route 53?
- What are some tips to increasing the efficiency and speed of Terraform OpenTofu planning/apply?
- Can you please suggest some use cases for using Terraform in legacy data centers using hypervisors?
- What is the best practice with cloud accounts for different environments (dev, staging, prep, prod) using a single pipeline—split by environment or create a repo/pipeline per environment?
- What is the target audience for Terraform in Depth? (Could a product manager get something out of it? What about junior engineers and Terraform experts?)
- Can you use multiple workspaces for a single project, and what is the best practice for structuring repositories?
- What are your thoughts on decomposing Terraform projects?
- Do you recommend locking down state files to the CI/CD tools or allowing devs to access them?
- How do you decide when Terraform code complexity is just too great and you have to rethink your code (e.g., variables to toggle things on/off, complex for loops, nested functions, performing string manipulation, etc.)?
These questions and more are answered in my talk, but if you have your own questions not touched on in this video these topics and more are covered very thoroughly in my book Terraform in Depth.