Terraform AWS Infrastructure | Google Antigravity Directory

.antigravity

# Terraform AWS Infrastructure

Master infrastructure as code with Terraform and AWS using Google Antigravity IDE. This guide covers module design, state management, and production patterns.

## Why Terraform?

Terraform enables declarative infrastructure management. Google Antigravity IDE's Gemini 3 engine suggests optimal resource configurations and security best practices.

## Project Structure

```
infrastructure/
├── environments/
│   ├── dev/
│   │   ├── main.tf
│   │   ├── variables.tf
│   │   └── terraform.tfvars
│   ├── staging/
│   └── production/
├── modules/
│   ├── vpc/
│   ├── ecs/
│   ├── rds/
│   └── cdn/
└── shared/
    ├── backend.tf
    └── providers.tf
```

## VPC Module

```hcl
# modules/vpc/main.tf
resource "aws_vpc" "main" {
  cidr_block           = var.vpc_cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = merge(var.tags, {
    Name = "${var.environment}-vpc"
  })
}

resource "aws_subnet" "public" {
  count                   = length(var.availability_zones)
  vpc_id                  = aws_vpc.main.id
  cidr_block              = cidrsubnet(var.vpc_cidr, 4, count.index)
  availability_zone       = var.availability_zones[count.index]
  map_public_ip_on_launch = true

  tags = merge(var.tags, {
    Name = "${var.environment}-public-${count.index + 1}"
    Type = "public"
  })
}

resource "aws_subnet" "private" {
  count             = length(var.availability_zones)
  vpc_id            = aws_vpc.main.id
  cidr_block        = cidrsubnet(var.vpc_cidr, 4, count.index + length(var.availability_zones))
  availability_zone = var.availability_zones[count.index]

  tags = merge(var.tags, {
    Name = "${var.environment}-private-${count.index + 1}"
    Type = "private"
  })
}

resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id

  tags = merge(var.tags, {
    Name = "${var.environment}-igw"
  })
}

resource "aws_nat_gateway" "main" {
  count         = var.enable_nat_gateway ? length(var.availability_zones) : 0
  allocation_id = aws_eip.nat[count.index].id
  subnet_id     = aws_subnet.public[count.index].id

  tags = merge(var.tags, {
    Name = "${var.environment}-nat-${count.index + 1}"
  })

  depends_on = [aws_internet_gateway.main]
}

resource "aws_eip" "nat" {
  count  = var.enable_nat_gateway ? length(var.availability_zones) : 0
  domain = "vpc"

  tags = merge(var.tags, {
    Name = "${var.environment}-nat-eip-${count.index + 1}"
  })
}
```

## ECS Module

```hcl
# modules/ecs/main.tf
resource "aws_ecs_cluster" "main" {
  name = "${var.environment}-cluster"

  setting {
    name  = "containerInsights"
    value = "enabled"
  }

  tags = var.tags
}

resource "aws_ecs_cluster_capacity_providers" "main" {
  cluster_name = aws_ecs_cluster.main.name

  capacity_providers = ["FARGATE", "FARGATE_SPOT"]

  default_capacity_provider_strategy {
    base              = 1
    weight            = 100
    capacity_provider = "FARGATE"
  }
}

resource "aws_ecs_task_definition" "app" {
  family                   = "${var.environment}-${var.service_name}"
  network_mode             = "awsvpc"
  requires_compatibilities = ["FARGATE"]
  cpu                      = var.cpu
  memory                   = var.memory
  execution_role_arn       = aws_iam_role.ecs_execution.arn
  task_role_arn           = aws_iam_role.ecs_task.arn

  container_definitions = jsonencode([
    {
      name      = var.service_name
      image     = var.container_image
      essential = true

      portMappings = [
        {
          containerPort = var.container_port
          hostPort      = var.container_port
          protocol      = "tcp"
        }
      ]

      environment = var.environment_variables

      secrets = var.secrets

      logConfiguration = {
        logDriver = "awslogs"
        options = {
          "awslogs-group"         = aws_cloudwatch_log_group.app.name
          "awslogs-region"        = var.region
          "awslogs-stream-prefix" = var.service_name
        }
      }

      healthCheck = {
        command     = ["CMD-SHELL", "curl -f http://localhost:${var.container_port}/health || exit 1"]
        interval    = 30
        timeout     = 5
        retries     = 3
        startPeriod = 60
      }
    }
  ])

  tags = var.tags
}

resource "aws_ecs_service" "app" {
  name            = var.service_name
  cluster         = aws_ecs_cluster.main.id
  task_definition = aws_ecs_task_definition.app.arn
  desired_count   = var.desired_count
  launch_type     = "FARGATE"

  network_configuration {
    subnets          = var.private_subnet_ids
    security_groups  = [aws_security_group.ecs_tasks.id]
    assign_public_ip = false
  }

  load_balancer {
    target_group_arn = aws_lb_target_group.app.arn
    container_name   = var.service_name
    container_port   = var.container_port
  }

  deployment_configuration {
    maximum_percent         = 200
    minimum_healthy_percent = 100
  }

  tags = var.tags
}
```

## Environment Configuration

```hcl
# environments/production/main.tf
terraform {
  required_version = ">= 1.5"

  backend "s3" {
    bucket         = "antigravity-terraform-state"
    key            = "production/terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true
    dynamodb_table = "terraform-locks"
  }
}

module "vpc" {
  source = "../../modules/vpc"

  environment        = "production"
  vpc_cidr          = "10.0.0.0/16"
  availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
  enable_nat_gateway = true

  tags = local.tags
}

module "ecs" {
  source = "../../modules/ecs"

  environment      = "production"
  service_name     = "api"
  container_image  = var.container_image
  container_port   = 3000
  cpu              = 512
  memory           = 1024
  desired_count    = 3
  vpc_id           = module.vpc.vpc_id
  private_subnet_ids = module.vpc.private_subnet_ids

  tags = local.tags
}
```

## Best Practices

- Use modules for reusable infrastructure
- Implement remote state with locking
- Apply least-privilege IAM policies
- Enable encryption at rest and in transit
- Use workspaces for environment separation
- Version control all configurations

Google Antigravity IDE provides Terraform templates and automatically validates your infrastructure configurations.

When to Use This Prompt

This Terraform prompt is ideal for developers working on:

Terraform applications requiring modern best practices and optimal performance
Projects that need production-ready Terraform code with proper error handling
Teams looking to standardize their terraform development workflow
Developers wanting to learn industry-standard Terraform patterns and techniques

By using this prompt, you can save hours of manual coding and ensure best practices are followed from the start. It's particularly valuable for teams looking to maintain consistency across their terraform implementations.

How to Use

Copy the prompt - Click the copy button above to copy the entire prompt to your clipboard
Paste into your AI assistant - Use with Claude, ChatGPT, Cursor, or any AI coding tool
Customize as needed - Adjust the prompt based on your specific requirements
Review the output - Always review generated code for security and correctness

💡 Pro Tip: For best results, provide context about your project structure and any specific constraints or preferences you have.

Best Practices

✓ Always review generated code for security vulnerabilities before deploying
✓ Test the Terraform code in a development environment first
✓ Customize the prompt output to match your project's coding standards
✓ Keep your AI assistant's context window in mind for complex requirements
✓ Version control your prompts alongside your code for reproducibility

Frequently Asked Questions

Can I use this Terraform prompt commercially?

Yes! All prompts on Antigravity AI Directory are free to use for both personal and commercial projects. No attribution required, though it's always appreciated.

Which AI assistants work best with this prompt?

This prompt works excellently with Claude, ChatGPT, Cursor, GitHub Copilot, and other modern AI coding assistants. For best results, use models with large context windows.

How do I customize this prompt for my specific needs?

You can modify the prompt by adding specific requirements, constraints, or preferences. For Terraform projects, consider mentioning your framework version, coding style, and any specific libraries you're using.

Related Prompts

💬 Comments

Loading comments...

# Terraform AWS Infrastructure Master infrastructure as code with Terraform and AWS using Google Antigravity IDE. This guide covers module design, state management, and production patterns. ## Why Terraform? Terraform enables declarative infrastructure management. Google Antigravity IDE's Gemini 3 engine suggests optimal resource configurations and security best practices. ## Project Structure ``` infrastructure/ ├── environments/ │ ├── dev/ │ │ ├── main.tf │ │ ├── variables.tf │ │ └── terraform.tfvars │ ├── staging/ │ └── production/ ├── modules/ │ ├── vpc/ │ ├── ecs/ │ ├── rds/ │ └── cdn/ └── shared/ ├── backend.tf └── providers.tf ``` ## VPC Module ```hcl # modules/vpc/main.tf resource "aws_vpc" "main" { cidr_block = var.vpc_cidr enable_dns_hostnames = true enable_dns_support = true tags = merge(var.tags, { Name = "${var.environment}-vpc" }) } resource "aws_subnet" "public" { count = length(var.availability_zones) vpc_id = aws_vpc.main.id cidr_block = cidrsubnet(var.vpc_cidr, 4, count.index) availability_zone = var.availability_zones[count.index] map_public_ip_on_launch = true tags = merge(var.tags, { Name = "${var.environment}-public-${count.index + 1}" Type = "public" }) } resource "aws_subnet" "private" { count = length(var.availability_zones) vpc_id = aws_vpc.main.id cidr_block = cidrsubnet(var.vpc_cidr, 4, count.index + length(var.availability_zones)) availability_zone = var.availability_zones[count.index] tags = merge(var.tags, { Name = "${var.environment}-private-${count.index + 1}" Type = "private" }) } resource "aws_internet_gateway" "main" { vpc_id = aws_vpc.main.id tags = merge(var.tags, { Name = "${var.environment}-igw" }) } resource "aws_nat_gateway" "main" { count = var.enable_nat_gateway ? length(var.availability_zones) : 0 allocation_id = aws_eip.nat[count.index].id subnet_id = aws_subnet.public[count.index].id tags = merge(var.tags, { Name = "${var.environment}-nat-${count.index + 1}" }) depends_on = [aws_internet_gateway.main] } resource "aws_eip" "nat" { count = var.enable_nat_gateway ? length(var.availability_zones) : 0 domain = "vpc" tags = merge(var.tags, { Name = "${var.environment}-nat-eip-${count.index + 1}" }) } ``` ## ECS Module ```hcl # modules/ecs/main.tf resource "aws_ecs_cluster" "main" { name = "${var.environment}-cluster" setting { name = "containerInsights" value = "enabled" } tags = var.tags } resource "aws_ecs_cluster_capacity_providers" "main" { cluster_name = aws_ecs_cluster.main.name capacity_providers = ["FARGATE", "FARGATE_SPOT"] default_capacity_provider_strategy { base = 1 weight = 100 capacity_provider = "FARGATE" } } resource "aws_ecs_task_definition" "app" { family = "${var.environment}-${var.service_name}" network_mode = "awsvpc" requires_compatibilities = ["FARGATE"] cpu = var.cpu memory = var.memory execution_role_arn = aws_iam_role.ecs_execution.arn task_role_arn = aws_iam_role.ecs_task.arn container_definitions = jsonencode([ { name = var.service_name image = var.container_image essential = true portMappings = [ { containerPort = var.container_port hostPort = var.container_port protocol = "tcp" } ] environment = var.environment_variables secrets = var.secrets logConfiguration = { logDriver = "awslogs" options = { "awslogs-group" = aws_cloudwatch_log_group.app.name "awslogs-region" = var.region "awslogs-stream-prefix" = var.service_name } } healthCheck = { command = ["CMD-SHELL", "curl -f http://localhost:${var.container_port}/health || exit 1"] interval = 30 timeout = 5 retries = 3 startPeriod = 60 } } ]) tags = var.tags } resource "aws_ecs_service" "app" { name = var.service_name cluster = aws_ecs_cluster.main.id task_definition = aws_ecs_task_definition.app.arn desired_count = var.desired_count launch_type = "FARGATE" network_configuration { subnets = var.private_subnet_ids security_groups = [aws_security_group.ecs_tasks.id] assign_public_ip = false } load_balancer { target_group_arn = aws_lb_target_group.app.arn container_name = var.service_name container_port = var.container_port } deployment_configuration { maximum_percent = 200 minimum_healthy_percent = 100 } tags = var.tags } ``` ## Environment Configuration ```hcl # environments/production/main.tf terraform { required_version = ">= 1.5" backend "s3" { bucket = "antigravity-terraform-state" key = "production/terraform.tfstate" region = "us-east-1" encrypt = true dynamodb_table = "terraform-locks" } } module "vpc" { source = "../../modules/vpc" environment = "production" vpc_cidr = "10.0.0.0/16" availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"] enable_nat_gateway = true tags = local.tags } module "ecs" { source = "../../modules/ecs" environment = "production" service_name = "api" container_image = var.container_image container_port = 3000 cpu = 512 memory = 1024 desired_count = 3 vpc_id = module.vpc.vpc_id private_subnet_ids = module.vpc.private_subnet_ids tags = local.tags } ``` ## Best Practices - Use modules for reusable infrastructure - Implement remote state with locking - Apply least-privilege IAM policies - Enable encryption at rest and in transit - Use workspaces for environment separation - Version control all configurations Google Antigravity IDE provides Terraform templates and automatically validates your infrastructure configurations.