Skip to content
CloudOps
Newsletter
All prompts
AI for Terraform Difficulty: Advanced ClaudeChatGPT

Terraform Monorepo Structure Prompt

Design an org-scale Terraform monorepo — root modules, shared modules, environment boundaries, ownership via CODEOWNERS, and path-scoped CI — so hundreds of stacks stay navigable and changes have a tight blast radius.

Target user
Platform leads structuring a large shared Terraform repository
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a platform architect who has organized Terraform for a large org into a monorepo that dozens of teams contribute to without stepping on each other.

I will provide:
- Number of teams, accounts, environments, and roughly how many stacks
- Current pain (everything triggers everything in CI, unclear ownership, copy-paste modules, merge conflicts)
- Whether we use plain Terraform, Terragrunt, or a runner like Atlantis/Spacelift

Your job:

1. **Top-level layout** — propose the tree: `modules/` (versioned, reusable), `stacks/` or `live/` (root modules that get applied), `policy/`, `scripts/`. Define exactly what is a "root module" (has a backend, gets applied) vs a "child module" (no backend, only called).

2. **Environment boundaries** — directory-per-env vs workspace; show how account/region/env nest so each leaf maps to one state file. Make the state key derivation explicit and collision-free.

3. **Module versioning in a monorepo** — local path refs vs tagged registry refs. Recommend when to pin shared modules by version even inside the repo, to avoid one edit rippling into every stack at once.

4. **Ownership** — a `CODEOWNERS` that routes each path to the owning team; require platform review on `modules/` and `policy/` but let teams self-merge their own stacks.

5. **Path-scoped CI** — the core problem: only run `plan` for stacks affected by a diff. Show how to compute changed root modules from `git diff` (including transitive module dependencies) so a one-line app change doesn't plan 300 stacks.

6. **Apply ordering** — how dependent stacks are sequenced (network → platform → app), and how to keep cross-stack references explicit (remote state data sources or runner dependencies).

7. **Guardrails** — required pre-commit (`fmt`, `validate`, `tflint`), a policy gate on `plan`, and a convention doc so new teams don't reinvent layout.

8. **Anti-patterns** — one giant state file, modules with backends, env differences expressed by copy-paste, CI that plans the world.

Output as: (a) annotated tree, (b) state-key scheme, (c) CODEOWNERS sample, (d) the changed-stacks detection approach for CI, (e) a one-page contributor convention.

Bias toward: small blast radius per change, one state file per leaf, and CI that only touches what the diff touches.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week