Infrastructure environment progression with Terraform

Most teams have at least one other environment where changes are tested before applying them in production where they can have either good or bad customer impact. In various organisations we have tried several approaches to how infrastructure changes make their way to production. We would like to share what we've learnt about the pros and cons of each approach and provide some tips on how to choose the right set of tradeoffs in different situations. Some of these approaches are: - Just do it in prod - Every environment is a snowflake - Using Terraform targeted apply to pick what to put in each environment (don't do this) - Branches for each environment - Directories for each environment - Using local and remote modules to share code across environments - Taking the same config and applying it with different tfvars to each environment Some of these are universally a bad idea but most have situations where they are a reasonable choice.

Most teams have at least one other environment where changes are tested before applying them in production where they can have either good or bad customer impact.

In various organisations we have tried several approaches to how infrastructure changes make their way to production.

We would like to share what we've learnt about the pros and cons of each approach and provide some tips on how to choose the right set of tradeoffs in different situations.

Some of these approaches are:
- Just do it in prod
- Every environment is a snowflake
- Using Terraform targeted apply to pick what to put in each environment (don't do this)
- Branches for each environment
- Directories for each environment
- Using local and remote modules to share code across environments
- Taking the same config and applying it with different tfvars to each environment

Some of these are universally a bad idea but most have situations where they are a reasonable choice.