Infrastructure Best Practices

Managing infrastructure as code on Google Cloud requires disciplined practices across organisation, security, state management, testing, and operations. This lesson consolidates best practices for Deployment Manager, Terraform, and the broader IaC workflow on GCP.

Organisation and Structure

Project Structure

Organise your IaC code to match your environments and team structure:

infrastructure/
  modules/
    vpc/
    gke-cluster/
    cloud-run-service/
    cloud-sql/
  environments/
    dev/
      main.tf
      variables.tf
      terraform.tfvars
      backend.tf
    staging/
      main.tf
      variables.tf
      terraform.tfvars
      backend.tf
    production/
      main.tf
      variables.tf
      terraform.tfvars
      backend.tf

Naming Conventions

Resource Type	Convention	Example
Projects	`{org}-{env}-{service}`	`acme-prod-payments`
VPCs	`{env}-{purpose}-vpc`	`prod-main-vpc`
Subnets	`{env}-{region}-{purpose}`	`prod-euw1-web`
GKE clusters	`{env}-{region}-{name}`	`prod-euw1-primary`
Service accounts	`{service}-{role}@`	`payments-api@`
Buckets	`{project}-{purpose}`	`acme-prod-terraform-state`

Tagging and Labels

Apply labels consistently to all resources:

locals {
  common_labels = {
    environment = var.environment
    team        = var.team
    managed_by  = "terraform"
    cost_centre = var.cost_centre
  }
}

resource "google_compute_instance" "web" {
  # ...
  labels = local.common_labels
}

Infrastructure Best Practices

Infrastructure Best Practices

Organisation and Structure

Project Structure

Naming Conventions

Tagging and Labels

State Management

Terraform State Best Practices

More in Cloud