How do I set up Terraform Scaffold for a new AWS project?

Start by bootstrapping with the terraform.sh script using the --bootstrap flag to create an S3 bucket for state storage. Then, organize components and variables in the provided directory structure as per the README.

Can Terraform Scaffold handle multiple AWS accounts automatically?

No, it requires external credential management. You must use tools like AWS CLI to assume roles and set environment variables before running Scaffold, as it doesn't manage credentials internally.

What's better for multi-environment Terraform: Terraform Scaffold or Terragrunt?

Terraform Scaffold focuses on structuring code and state management with predictable S3 backends, while Terragrunt emphasizes DRY code and dependency management. Choose Scaffold for strict organization, Terragrunt for code reuse.

How to manage secrets securely with Terraform Scaffold?

Use the experimental encrypted variables feature with AWS KMS and S3 for basic secrecy, but it's not production-ready. For robust security, integrate AWS Secrets Manager or Parameter Store externally.

Does Terraform Scaffold support Terraform Cloud or remote backends besides S3?

It's primarily designed for S3 backends and may not integrate well with Terraform Cloud. The framework assumes S3 for state storage, limiting compatibility with other remote backends.

How to integrate Terraform Scaffold with a CI/CD pipeline like Jenkins?

Leverage the included Jenkins groovy script in the lib/ directory. Set up pipeline steps to handle AWS credential rotation using STS, then invoke terraform.sh with parameters for plan and apply actions.

tfscaffold — Multi-Env Terraform Framework

What is tfscaffold?

Terraform Scaffold is a framework for managing AWS infrastructure using Terraform across multiple environments and components. It solves the complexity of organizing Terraform code, variables, and state files in large-scale deployments by providing a consistent structure and automation scripts. The framework ensures predictable state storage and variable sharing, making it easier to manage interdependent infrastructure components.

Target Audience

DevOps engineers and infrastructure teams managing multi-account AWS environments with Terraform, particularly those needing consistent state management and variable sharing across components.

Value Proposition

Developers choose Terraform Scaffold for its structured approach to multi-environment Terraform deployments, eliminating ad-hoc state and variable management. Its predictable S3 state file naming and logical variable separation reduce errors and improve collaboration in complex infrastructure setups.

Overview

Terraform Scaffold is a framework designed to manage complex AWS infrastructure across multiple environments and components using Terraform. It provides a structured approach to organizing Terraform code, variables, and state files, ensuring consistency and predictability in deployments.

Key Features

Multi-Component Environment Management — Supports independent components across AWS accounts, sharing environment-specific variables for consistency.
Predictable State File Location — Uses a consistent S3 bucket naming convention for state files, enabling reliable cross-component references via terraform_remote_state.
Logical Variable Separation — Organizes variables into environment, versions, and secret files, separating static definitions from frequently changing values.
Bootstrapping Automation — Includes a bootstrap script to create and manage the S3 bucket used for storing Terraform state files.
Pre/Post Apply Hooks — Allows execution of custom bash scripts (pre_apply.sh and post_apply.sh) before and after Terraform actions.
Encrypted Variables Support — Provides experimental support for storing encrypted secrets in S3 using AWS KMS, keeping sensitive data out of Git repositories.

Philosophy

Terraform Scaffold emphasizes predictability and consistency in managing Terraform deployments, avoiding overly complex credential management in favor of simplicity and wide compatibility with existing AWS authentication methods.

tfscaffold

What is tfscaffold?

Overview

Key Features

Philosophy

Related Projects

Found a gem we're missing?

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions