Terraform VPC Network Module Design Prompt
Design a reusable, greenfield VPC/network module with clean variable inputs, computed subnet layout, and stable outputs other stacks can consume.
- Target user: Platform engineers authoring a shared networking module
- Difficulty: Advanced
- Tools: Claude, ChatGPT, Cursor
The prompt
You are a senior platform engineer who has authored networking modules consumed by dozens of teams, and you know which design choices cause painful renumbering or replacement later.

I will provide:
- The cloud provider (AWS/GCP/Azure) and the network requirements (CIDR, number of AZs/regions, public/private/data tiers)
- Any existing networking HCL or constraints (peering, transit gateway, on-prem CIDR ranges to avoid)
- The list of downstream stacks that must consume the network (EKS, RDS, app tiers)

Your job:
1. **Define the interface** — write `variables.tf` with typed inputs: base CIDR, AZ count, per-tier newbits, NAT strategy, tags. Add `validation` blocks for CIDR format and AZ count limits.
2. **Compute subnets deterministically** — use `cidrsubnet`/`cidrsubnets` with stable `for_each` keys (named tiers/AZs, never list indices) so adding an AZ later doesn't renumber existing subnets.
3. **Pick a NAT strategy** — present single-NAT (cheap), per-AZ NAT (HA), or no-NAT, and recommend one for the stated requirement with the cost/availability tradeoff.
4. **Author stable outputs** — expose subnet IDs grouped by tier as maps, VPC ID, route table IDs, and CIDR blocks. Make outputs that downstream stacks can address by tier name, not index.
5. **Guard against drift and destroy** — flag where `prevent_destroy` and `ignore_changes` belong, and which arguments force replacement if changed (CIDR, AZ).
6. **Document consumption** — show a short example of a downstream stack consuming the outputs via `terraform_remote_state` or module composition.

Output: (a) variables.tf, (b) main.tf with subnet math and for_each, (c) outputs.tf, (d) a consumption example, (e) notes on which inputs are immutable.

Produce HCL and design only — do not apply.
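An added example, not part of the original prompt or its output, of the subnet layout that steps 1, 2 and 4 describe. It assumes AWS; the variable names, the `az_slots` map and the sample CIDR and AZ names are constructed for illustration. Every tier and AZ owns a fixed slot number, so adding an AZ creates new keys and CIDRs without touching existing subnets.

```hcl
# Added example: names, the AWS provider and sample values are assumptions.
variable "base_cidr" {
  type    = string
  default = "10.20.0.0/16" # constructed sample
  validation {
    condition     = can(cidrhost(var.base_cidr, 0))
    error_message = "base_cidr must be a valid CIDR block."
  }
}
# Each AZ owns a fixed slot; add an AZ with an unused slot, never reassign one.
variable "az_slots" {
  type    = map(number)
  default = { "us-east-1a" = 0, "us-east-1b" = 1 }
  validation {
    condition     = alltrue([for s in values(var.az_slots) : s >= 0 && s < 4]) && length(distinct(values(var.az_slots))) == length(var.az_slots)
    error_message = "AZ slots must be unique and between 0 and 3."
  }
}

locals {
  tier_index     = { public = 0, private = 1, data = 2 } # fixed; append only
  newbits        = 4 # 16 equal blocks: 4 tiers x 4 AZ slots
  slots_per_tier = 4
  subnets = merge([
    for tier, t in local.tier_index : {
      for az, slot in var.az_slots : "${tier}-${az}" => {
        tier = tier
        az   = az
        cidr = cidrsubnet(var.base_cidr, local.newbits, t * local.slots_per_tier + slot)
      }
    }
  ]...)
}
resource "aws_vpc" "this" {
  cidr_block = var.base_cidr
}
resource "aws_subnet" "this" {
  for_each          = local.subnets # keyed "tier-az", not by list index
  vpc_id            = aws_vpc.this.id
  availability_zone = each.value.az
  cidr_block        = each.value.cidr
  tags              = { Name = each.key, Tier = each.value.tier }
}

# Downstream stacks address subnets as subnet_ids_by_tier["private"]["us-east-1a"].
output "subnet_ids_by_tier" {
  value = { for tier in keys(local.tier_index) : tier => {
    for k, s in local.subnets : s.az => aws_subnet.this[k].id if s.tier == tier } }
}
```

Changing `base_cidr`, `newbits`, or an existing slot number changes `cidr_block` on existing subnets, which forces replacement, so treat those inputs as immutable once applied.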
Related prompts
- Terraform CIDR & Subnet Calculation Design Prompt
  Get cidrsubnet/cidrsubnets/cidrhost math right so subnet layouts are non-overlapping, correctly sized, and stable as the network grows.
- Terraform Module Composition Prompt
  Design Terraform modules — input/output contracts, composition, versioning, public vs private registry, when to abstract.
- Terraform Remote State Data Source Boundaries Prompt
  Design clean consumption of one stack's outputs by another using terraform_remote_state, deciding what to expose versus reading provider data sources directly.