When you author a reusable Terraform module that dozens of teams will consume, how do you design it so it stays safe and maintainable as it spreads across the org?

technical-conceptual · Senior level · cloud-devops-security

What the interviewer is really asking

Probes whether the candidate can reason about IaC at platform scale: secure-by-default inputs, sane variable contracts and versioning, blast-radius isolation through state segmentation, and the paved-road tradeoff between flexibility and guardrails — beyond just writing working HCL.

What to say

What to avoid

Example answers

Strong: I treat the module's variables as an API contract. Defaults are secure — encryption on, no public access — so the lazy path is the safe path, and I add variable validation to reject obviously wrong inputs at plan time. I publish it with semver tags so teams pin a version and I can land breaking changes behind a major bump instead of surprising everyone. And I keep consumers' state segmented per environment so one team's bad apply can't take out another's.

Weak: I'd make the module flexible by exposing every possible setting as a variable so any team can configure it however they want, and they just reference the module from our shared repo so they always get the latest version with all the fixes.

Want questions matched to your role? Paste a job title, job description, or CV and get a personalized set, or go Pro to unlock the full bank.