Terraform Infrastructure as Code | Google Antigravity Directory

.antigravity

# Terraform Infrastructure as Code for Google Antigravity

Terraform enables declarative infrastructure management. This guide covers Terraform patterns optimized for Google Antigravity IDE and Gemini 3 development.

## Project Structure

```
infrastructure/
├── environments/
│   ├── dev/
│   │   ├── main.tf
│   │   ├── variables.tf
│   │   └── terraform.tfvars
│   ├── staging/
│   └── production/
├── modules/
│   ├── vpc/
│   ├── eks/
│   ├── rds/
│   └── s3/
├── backend.tf
└── versions.tf
```

## AWS VPC Module

```hcl
# modules/vpc/main.tf
variable "name" {
  description = "VPC name"
  type        = string
}

variable "cidr" {
  description = "VPC CIDR block"
  type        = string
  default     = "10.0.0.0/16"
}

variable "azs" {
  description = "Availability zones"
  type        = list(string)
}

variable "private_subnets" {
  description = "Private subnet CIDRs"
  type        = list(string)
}

variable "public_subnets" {
  description = "Public subnet CIDRs"
  type        = list(string)
}

variable "tags" {
  description = "Resource tags"
  type        = map(string)
  default     = {}
}

resource "aws_vpc" "main" {
  cidr_block           = var.cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = merge(var.tags, {
    Name = var.name
  })
}

resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id

  tags = merge(var.tags, {
    Name = "${var.name}-igw"
  })
}

resource "aws_subnet" "public" {
  count                   = length(var.public_subnets)
  vpc_id                  = aws_vpc.main.id
  cidr_block              = var.public_subnets[count.index]
  availability_zone       = var.azs[count.index]
  map_public_ip_on_launch = true

  tags = merge(var.tags, {
    Name = "${var.name}-public-${var.azs[count.index]}"
    Type = "public"
  })
}

resource "aws_subnet" "private" {
  count             = length(var.private_subnets)
  vpc_id            = aws_vpc.main.id
  cidr_block        = var.private_subnets[count.index]
  availability_zone = var.azs[count.index]

  tags = merge(var.tags, {
    Name = "${var.name}-private-${var.azs[count.index]}"
    Type = "private"
  })
}

resource "aws_eip" "nat" {
  count  = length(var.azs)
  domain = "vpc"

  tags = merge(var.tags, {
    Name = "${var.name}-nat-eip-${var.azs[count.index]}"
  })
}

resource "aws_nat_gateway" "main" {
  count         = length(var.azs)
  allocation_id = aws_eip.nat[count.index].id
  subnet_id     = aws_subnet.public[count.index].id

  tags = merge(var.tags, {
    Name = "${var.name}-nat-${var.azs[count.index]}"
  })
}

output "vpc_id" {
  value = aws_vpc.main.id
}

output "private_subnet_ids" {
  value = aws_subnet.private[*].id
}

output "public_subnet_ids" {
  value = aws_subnet.public[*].id
}
```

## RDS Database Module

```hcl
# modules/rds/main.tf
variable "identifier" {
  type = string
}

variable "engine_version" {
  type    = string
  default = "15.4"
}

variable "instance_class" {
  type    = string
  default = "db.t3.medium"
}

variable "allocated_storage" {
  type    = number
  default = 20
}

variable "database_name" {
  type = string
}

variable "username" {
  type = string
}

variable "vpc_id" {
  type = string
}

variable "subnet_ids" {
  type = list(string)
}

variable "allowed_security_groups" {
  type = list(string)
}

resource "random_password" "master" {
  length  = 32
  special = false
}

resource "aws_db_subnet_group" "main" {
  name       = "${var.identifier}-subnet-group"
  subnet_ids = var.subnet_ids

  tags = {
    Name = "${var.identifier}-subnet-group"
  }
}

resource "aws_security_group" "rds" {
  name        = "${var.identifier}-rds-sg"
  description = "Security group for RDS"
  vpc_id      = var.vpc_id

  ingress {
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = var.allowed_security_groups
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_db_instance" "main" {
  identifier           = var.identifier
  engine               = "postgres"
  engine_version       = var.engine_version
  instance_class       = var.instance_class
  allocated_storage    = var.allocated_storage
  storage_type         = "gp3"
  storage_encrypted    = true
  db_name              = var.database_name
  username             = var.username
  password             = random_password.master.result
  db_subnet_group_name = aws_db_subnet_group.main.name
  vpc_security_group_ids = [aws_security_group.rds.id]
  skip_final_snapshot  = false
  final_snapshot_identifier = "${var.identifier}-final-snapshot"
  backup_retention_period = 7
  multi_az             = true
  deletion_protection  = true

  tags = {
    Name = var.identifier
  }
}

resource "aws_secretsmanager_secret" "db_credentials" {
  name = "${var.identifier}-db-credentials"
}

resource "aws_secretsmanager_secret_version" "db_credentials" {
  secret_id = aws_secretsmanager_secret.db_credentials.id
  secret_string = jsonencode({
    username = var.username
    password = random_password.master.result
    host     = aws_db_instance.main.address
    port     = aws_db_instance.main.port
    database = var.database_name
  })
}

output "endpoint" {
  value = aws_db_instance.main.endpoint
}

output "secret_arn" {
  value = aws_secretsmanager_secret.db_credentials.arn
}
```

## Environment Configuration

```hcl
# environments/production/main.tf
terraform {
  backend "s3" {
    bucket         = "my-terraform-state"
    key            = "production/terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true
    dynamodb_table = "terraform-locks"
  }
}

provider "aws" {
  region = var.aws_region

  default_tags {
    tags = {
      Environment = "production"
      ManagedBy   = "terraform"
      Project     = var.project_name
    }
  }
}

module "vpc" {
  source = "../../modules/vpc"

  name            = "${var.project_name}-${var.environment}"
  cidr            = var.vpc_cidr
  azs             = var.availability_zones
  private_subnets = var.private_subnet_cidrs
  public_subnets  = var.public_subnet_cidrs
}

module "rds" {
  source = "../../modules/rds"

  identifier              = "${var.project_name}-${var.environment}"
  database_name           = var.database_name
  username                = var.database_username
  vpc_id                  = module.vpc.vpc_id
  subnet_ids              = module.vpc.private_subnet_ids
  allowed_security_groups = [module.eks.node_security_group_id]
}
```

## Best Practices

1. **State Management**: Use remote state with locking
2. **Modules**: Create reusable modules for common resources
3. **Variables**: Use variables for environment-specific values
4. **Outputs**: Export important values for other configurations
5. **Secrets**: Never commit secrets; use AWS Secrets Manager
6. **Workspaces**: Use workspaces or separate directories per environment

Google Antigravity's Gemini 3 can generate Terraform configurations from architecture descriptions and help optimize resource definitions.

When to Use This Prompt

This Terraform prompt is ideal for developers working on:

Terraform applications requiring modern best practices and optimal performance
Projects that need production-ready Terraform code with proper error handling
Teams looking to standardize their terraform development workflow
Developers wanting to learn industry-standard Terraform patterns and techniques

By using this prompt, you can save hours of manual coding and ensure best practices are followed from the start. It's particularly valuable for teams looking to maintain consistency across their terraform implementations.

How to Use

Copy the prompt - Click the copy button above to copy the entire prompt to your clipboard
Paste into your AI assistant - Use with Claude, ChatGPT, Cursor, or any AI coding tool
Customize as needed - Adjust the prompt based on your specific requirements
Review the output - Always review generated code for security and correctness

💡 Pro Tip: For best results, provide context about your project structure and any specific constraints or preferences you have.

Best Practices

✓ Always review generated code for security vulnerabilities before deploying
✓ Test the Terraform code in a development environment first
✓ Customize the prompt output to match your project's coding standards
✓ Keep your AI assistant's context window in mind for complex requirements
✓ Version control your prompts alongside your code for reproducibility

Frequently Asked Questions

Can I use this Terraform prompt commercially?

Yes! All prompts on Antigravity AI Directory are free to use for both personal and commercial projects. No attribution required, though it's always appreciated.

Which AI assistants work best with this prompt?

This prompt works excellently with Claude, ChatGPT, Cursor, GitHub Copilot, and other modern AI coding assistants. For best results, use models with large context windows.

How do I customize this prompt for my specific needs?

You can modify the prompt by adding specific requirements, constraints, or preferences. For Terraform projects, consider mentioning your framework version, coding style, and any specific libraries you're using.

Related Prompts

💬 Comments

Loading comments...

# Terraform Infrastructure as Code for Google Antigravity Terraform enables declarative infrastructure management. This guide covers Terraform patterns optimized for Google Antigravity IDE and Gemini 3 development. ## Project Structure ``` infrastructure/ ├── environments/ │ ├── dev/ │ │ ├── main.tf │ │ ├── variables.tf │ │ └── terraform.tfvars │ ├── staging/ │ └── production/ ├── modules/ │ ├── vpc/ │ ├── eks/ │ ├── rds/ │ └── s3/ ├── backend.tf └── versions.tf ``` ## AWS VPC Module ```hcl # modules/vpc/main.tf variable "name" { description = "VPC name" type = string } variable "cidr" { description = "VPC CIDR block" type = string default = "10.0.0.0/16" } variable "azs" { description = "Availability zones" type = list(string) } variable "private_subnets" { description = "Private subnet CIDRs" type = list(string) } variable "public_subnets" { description = "Public subnet CIDRs" type = list(string) } variable "tags" { description = "Resource tags" type = map(string) default = {} } resource "aws_vpc" "main" { cidr_block = var.cidr enable_dns_hostnames = true enable_dns_support = true tags = merge(var.tags, { Name = var.name }) } resource "aws_internet_gateway" "main" { vpc_id = aws_vpc.main.id tags = merge(var.tags, { Name = "${var.name}-igw" }) } resource "aws_subnet" "public" { count = length(var.public_subnets) vpc_id = aws_vpc.main.id cidr_block = var.public_subnets[count.index] availability_zone = var.azs[count.index] map_public_ip_on_launch = true tags = merge(var.tags, { Name = "${var.name}-public-${var.azs[count.index]}" Type = "public" }) } resource "aws_subnet" "private" { count = length(var.private_subnets) vpc_id = aws_vpc.main.id cidr_block = var.private_subnets[count.index] availability_zone = var.azs[count.index] tags = merge(var.tags, { Name = "${var.name}-private-${var.azs[count.index]}" Type = "private" }) } resource "aws_eip" "nat" { count = length(var.azs) domain = "vpc" tags = merge(var.tags, { Name = "${var.name}-nat-eip-${var.azs[count.index]}" }) } resource "aws_nat_gateway" "main" { count = length(var.azs) allocation_id = aws_eip.nat[count.index].id subnet_id = aws_subnet.public[count.index].id tags = merge(var.tags, { Name = "${var.name}-nat-${var.azs[count.index]}" }) } output "vpc_id" { value = aws_vpc.main.id } output "private_subnet_ids" { value = aws_subnet.private[*].id } output "public_subnet_ids" { value = aws_subnet.public[*].id } ``` ## RDS Database Module ```hcl # modules/rds/main.tf variable "identifier" { type = string } variable "engine_version" { type = string default = "15.4" } variable "instance_class" { type = string default = "db.t3.medium" } variable "allocated_storage" { type = number default = 20 } variable "database_name" { type = string } variable "username" { type = string } variable "vpc_id" { type = string } variable "subnet_ids" { type = list(string) } variable "allowed_security_groups" { type = list(string) } resource "random_password" "master" { length = 32 special = false } resource "aws_db_subnet_group" "main" { name = "${var.identifier}-subnet-group" subnet_ids = var.subnet_ids tags = { Name = "${var.identifier}-subnet-group" } } resource "aws_security_group" "rds" { name = "${var.identifier}-rds-sg" description = "Security group for RDS" vpc_id = var.vpc_id ingress { from_port = 5432 to_port = 5432 protocol = "tcp" security_groups = var.allowed_security_groups } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } } resource "aws_db_instance" "main" { identifier = var.identifier engine = "postgres" engine_version = var.engine_version instance_class = var.instance_class allocated_storage = var.allocated_storage storage_type = "gp3" storage_encrypted = true db_name = var.database_name username = var.username password = random_password.master.result db_subnet_group_name = aws_db_subnet_group.main.name vpc_security_group_ids = [aws_security_group.rds.id] skip_final_snapshot = false final_snapshot_identifier = "${var.identifier}-final-snapshot" backup_retention_period = 7 multi_az = true deletion_protection = true tags = { Name = var.identifier } } resource "aws_secretsmanager_secret" "db_credentials" { name = "${var.identifier}-db-credentials" } resource "aws_secretsmanager_secret_version" "db_credentials" { secret_id = aws_secretsmanager_secret.db_credentials.id secret_string = jsonencode({ username = var.username password = random_password.master.result host = aws_db_instance.main.address port = aws_db_instance.main.port database = var.database_name }) } output "endpoint" { value = aws_db_instance.main.endpoint } output "secret_arn" { value = aws_secretsmanager_secret.db_credentials.arn } ``` ## Environment Configuration ```hcl # environments/production/main.tf terraform { backend "s3" { bucket = "my-terraform-state" key = "production/terraform.tfstate" region = "us-east-1" encrypt = true dynamodb_table = "terraform-locks" } } provider "aws" { region = var.aws_region default_tags { tags = { Environment = "production" ManagedBy = "terraform" Project = var.project_name } } } module "vpc" { source = "../../modules/vpc" name = "${var.project_name}-${var.environment}" cidr = var.vpc_cidr azs = var.availability_zones private_subnets = var.private_subnet_cidrs public_subnets = var.public_subnet_cidrs } module "rds" { source = "../../modules/rds" identifier = "${var.project_name}-${var.environment}" database_name = var.database_name username = var.database_username vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnet_ids allowed_security_groups = [module.eks.node_security_group_id] } ``` ## Best Practices 1. **State Management**: Use remote state with locking 2. **Modules**: Create reusable modules for common resources 3. **Variables**: Use variables for environment-specific values 4. **Outputs**: Export important values for other configurations 5. **Secrets**: Never commit secrets; use AWS Secrets Manager 6. **Workspaces**: Use workspaces or separate directories per environment Google Antigravity's Gemini 3 can generate Terraform configurations from architecture descriptions and help optimize resource definitions.