Bird
Raised Fist0
Terraformcloud~30 mins

Module registry for organization in Terraform - Mini Project: Build & Apply

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Module registry for organization
📖 Scenario: Your company wants to organize reusable Terraform modules in a private module registry within your organization. This helps teams share and manage infrastructure code easily and consistently.
🎯 Goal: Create a Terraform configuration that sets up a private module registry for your organization, defines a module with versioning, and configures access permissions.
📋 What You'll Learn
Create a Terraform configuration file to define the module registry
Add a variable to specify the organization name
Define a module with a source and version
Configure access permissions for the module
💡 Why This Matters
🌍 Real World
Organizations use private Terraform module registries to share and manage infrastructure code securely and consistently across teams.
💼 Career
Cloud engineers and DevOps professionals often create and manage module registries to improve infrastructure automation and collaboration.
Progress0 / 4 steps
1
Define the organization variable
Create a Terraform variable called organization of type string with the default value "my-org".
Terraform
Hint

Use the variable block to define a variable with a default string value.

2
Add module source and version variables
Add two Terraform variables: module_source with default "registry.terraform.io/my-org/my-module/aws" and module_version with default "1.0.0".
Terraform
Hint

Define variables similarly to step 1, with the given default values.

3
Declare the module with source and version
Declare a Terraform module called my_module using the variables module_source for source and module_version for version.
Terraform
Hint

Use the module block with source and version set from variables.

4
Configure module access permissions
Add a Terraform resource terraform_organization_module_access named my_module_access that grants read permission to the module my_module in the organization var.organization.
Terraform
Hint

Use a resource block with the specified name and attributes to set access permissions.

Practice

(1/5)
1. What is the main purpose of using a module registry in Terraform for an organization?
easy
A. To share and reuse Terraform modules easily within the organization
B. To store Terraform state files securely
C. To automatically deploy infrastructure without configuration
D. To monitor cloud resource usage in real-time

Solution

  1. Step 1: Understand what a module registry does

    A module registry is a place where Terraform modules are stored and shared.

  2. Step 2: Identify the organizational benefit

    It allows teams to reuse modules easily, promoting consistency and saving time.

  3. Final Answer:

    To share and reuse Terraform modules easily within the organization -> Option A

  4. Quick Check:

    Module registry = share & reuse modules [OK]
Hint: Module registry = easy sharing of modules [OK]
Common Mistakes:
  • Confusing module registry with state storage
  • Thinking it automates deployment without config
  • Mixing it up with monitoring tools
2. Which of the following is the correct syntax to use a module from your organization's Terraform registry?
easy
A. source = "github.com/org-name/module-name"
B. source = "app.terraform.io/org-name/module-name/aws"
C. source = "terraform.io/module-name"
D. source = "registry.terraform.io/module-name"

Solution

  1. Step 1: Recall the format for organization module source

    The source for an organization's registry uses the format: app.terraform.io/org-name/module-name/provider.

  2. Step 2: Match the correct option

    source = "app.terraform.io/org-name/module-name/aws" matches this format exactly, including the organization and module name.

  3. Final Answer:

    source = "app.terraform.io/org-name/module-name/aws" -> Option B

  4. Quick Check:

    Org registry source format = app.terraform.io/org-name/module-name/provider [OK]
Hint: Org registry source starts with app.terraform.io [OK]
Common Mistakes:
  • Using GitHub URL instead of Terraform registry format
  • Omitting the provider name at the end
  • Using registry.terraform.io without org prefix
3. Given this Terraform module block:
module "vpc" {
  source  = "app.terraform.io/myorg/vpc/aws"
  version = "1.2.0"
}

What happens if version "1.2.0" is not available in the registry?
medium
A. Terraform will use the latest available version automatically
B. Terraform will ignore the version and use the source code locally
C. Terraform will download an empty module
D. Terraform will throw an error and stop the plan or apply

Solution

  1. Step 1: Understand versioning in Terraform modules

    Terraform requires the specified version to exist in the registry to ensure consistent infrastructure.

  2. Step 2: Behavior when version is missing

    If the version is not found, Terraform stops and shows an error to prevent unexpected changes.

  3. Final Answer:

    Terraform will throw an error and stop the plan or apply -> Option D

  4. Quick Check:

    Missing version causes error, no fallback [OK]
Hint: Missing version = error, no automatic fallback [OK]
Common Mistakes:
  • Assuming Terraform uses latest version automatically
  • Thinking Terraform ignores version and uses local code
  • Believing Terraform downloads empty module silently
4. You wrote this module block:
module "db" {
  source = "app.terraform.io/myorg/db/aws"
  version = "1.0"
}

Terraform fails with an error about version format. What is the likely problem?
medium
A. Version should be a full semantic version like "1.0.0"
B. Source URL is missing the organization name
C. Module name "db" is invalid
D. Version attribute is not supported in module blocks

Solution

  1. Step 1: Check version format requirements

    Terraform module versions must follow semantic versioning, e.g., "1.0.0".

  2. Step 2: Identify the error cause

    Using "1.0" is incomplete and causes a format error.

  3. Final Answer:

    Version should be a full semantic version like "1.0.0" -> Option A

  4. Quick Check:

    Version format = semantic (x.y.z) [OK]
Hint: Use full semantic version (e.g., 1.0.0) [OK]
Common Mistakes:
  • Using short version like 1.0 instead of 1.0.0
  • Forgetting organization name in source
  • Thinking version attribute is invalid
5. Your team wants to ensure all Terraform modules used from the organization registry are locked to specific versions to avoid unexpected changes. Which practice should you follow?
hard
A. Remove the version attribute and rely on Terraform to pick stable versions
B. Use the latest version without specifying version to get updates automatically
C. Specify exact module versions in the module block using the version attribute
D. Download modules manually and use local paths instead of registry

Solution

  1. Step 1: Understand version locking importance

    Locking module versions prevents unexpected changes and keeps infrastructure stable.

  2. Step 2: Apply version locking in Terraform

    Use the version attribute in the module block to specify exact versions from the registry.

  3. Final Answer:

    Specify exact module versions in the module block using the version attribute -> Option C

  4. Quick Check:

    Version attribute locks module version [OK]
Hint: Always specify exact version to lock modules [OK]
Common Mistakes:
  • Using latest version without locking causes surprises
  • Thinking manual download is better than registry
  • Removing version attribute leads to unstable infra