# Terraform Profile

## Concept → Terraform Mapping

| ABC Concept   | Meaning                 | Terraform Mapping                                  |
|---------------|-------------------------|----------------------------------------------------|
| ABC‑C0        | Construct               | Terraform module                                   |
| ABC‑C1        | Application Stack       | Root Terraform module                              |
| ABC‑C2        | Logical Unit            | Child module representing a domain                 |
| ABC‑C3        | Resource Group          | Submodule representing a cohesive resource cluster |
| ABC‑C4        | Input Contract          | variables.tf in a module                           |
| ABC‑C5        | Output Contract         | outputs.tf in a module                             |
| ABC‑C6        | Instantiation Interface | `module "" { ... }` block                          |
| ABC‑C7        | Capturing Down          | Passing variables from parent to child module      |
| ABC‑C8        | Bubbling Up             | Exposing outputs from child modules to parent      |

## Proile Rules

Terraform profile rules follow the canonical identifier format:

```default
ABC-PROFILE-TF-R#
```

These rules are profile‑specific, not core ABC rules.

### ABC-PROFILE-TF-R1 (SHOULD)

Each ABC construct SHOULD be implemented as a Terraform module.

### ABC-PROFILE-TF-R2 (SHOULD)

The directory structure SHOULD reflect the ABC hierarchy:

```default
root/
  main.tf
  data/
    main.tf
    storage/
      main.tf
    database/
      main.tf
  logic/
    main.tf
  presentation/
    main.tf
```

### ABC-PROFILE-TF-R3 (SHOULD)

Each module SHOULD contain:

* main.tf
* variables.tf (InputContract)
* outputs.tf (OutputContract)

### ABC-PROFILE-TF-R4 (MUST)

Module inputs MUST be declared exclusively in variables.tf.

### ABC-PROFILE-TF-R5 (MUST)

Module outputs MUST be declared exclusively in outputs.tf.

### ABC-PROFILE-TF-R6 (MUST)

Modules MUST NOT reference parent or sibling modules directly; all data MUST
flow through variables and outputs.

(This enforces ABC‑R22, ABC‑R40, ABC‑R42.)

### ABC-PROFILE-TF-R7 (MUST)

Modules MUST be instantiated using a module “<name>” { … } block with explicit
variable assignments.

### ABC-PROFILE-TF-R8 (MUST)

Modules MUST NOT read Terraform state from other modules except via outputs.

### ABC-PROFILE-TF-R9 (MUST)

Capturing Down MUST be implemented by passing parent variables or outputs into
child module inputs.

### ABC-PROFILE-TF-R10 (MUST)

Bubbling Up MUST be implemented by exposing child module outputs and re‑exposing
them in the parent module if needed.

### ABC-PROFILE-TF-R11 (MUST)

Resource definitions MUST reside only in Resource Group modules (ABC‑C3).

### ABC-PROFILE-TF-R12 (MUST)

Logical Units MUST NOT contain Terraform resources directly.

### ABC-PROFILE-TF-R13 (SHOULD)

Logical Units SHOULD only orchestrate child modules and expose aggregated
outputs.

## Canonical Example

A minimal 3‑tier ABC architecture in Terraform.

### Application Stack

```hcl
module "data" {
  source = "./data"
  environment = var.environment
  region      = var.region
}

module "logic" {
  source = "./logic"
  environment      = var.environment
  region           = var.region
  database_endpoint = module.data.database_endpoint
}

module "presentation" {
  source = "./presentation"
  environment           = var.environment
  region                = var.region
  frontend_assets_bucket = module.data.storage_bucket_name
  api_endpoint           = module.logic.api_endpoint
}

output "frontend_url" {
  value = module.presentation.frontend_url
}

output "api_endpoint" {
  value = module.logic.api_endpoint
}
```

```hcl
variable "environment" { type = string }
variable "region"      { type = string }
```

### Data Logical Unit

```default
module "storage" {
  source = "./storage"
  environment  = var.environment
  region       = var.region
  storage_class = var.storage_class
}

module "database" {
  source = "./database"
  environment      = var.environment
  db_engine        = var.db_engine
  db_instance_size = var.db_instance_size
}

output "storage_bucket_name" {
  value = module.storage.bucket_name
}

output "database_endpoint" {
  value = module.database.endpoint
}
```

```default
variable "environment"   { type = string }
variable "region"        { type = string }
variable "storage_class" { type = string }
variable "db_engine"     { type = string }
variable "db_instance_size" { type = string }
```

#### Storage Resource Group

```hcl
resource "aws_s3_bucket" "bucket" {
  bucket = "${var.environment}-storage"
}
```

```hcl
variable "environment"   { type = string }
variable "region"        { type = string }
variable "storage_class" { type = string }
```

```hcl
output "bucket_name" {
  value = aws_s3_bucket.bucket.bucket
}
```