Terraform Registry
The Terraform Registry is the central hub for discovering and sharing Terraform providers and modules. Instead of writing every piece of infrastructure from scratch, you can use battle-tested community modules for common patterns like VPCs, EKS clusters, and RDS databases.
What’s on the Registry
Providers — 3,000+ provider plugins for connecting to cloud APIs:
hashicorp/aws— Amazon Web Serviceshashicorp/azurerm— Microsoft Azurehashicorp/google— Google Cloud Platformcloudflare/cloudflare— Cloudflare DNS/CDNdatadog/datadog— Datadog monitoringhashicorp/kubernetes— Kubernetes resources
Modules — reusable infrastructure components:
terraform-aws-modules/vpc/aws— Production-ready AWS VPCterraform-aws-modules/eks/aws— Amazon EKS clusterterraform-aws-modules/rds/aws— Amazon RDS instancesAzure/aks/azurerm— Azure Kubernetes Serviceterraform-google-modules/network/google— GCP networking
Using Public Registry Modules
# AWS VPC — most popular Terraform module with 80M+ downloadsmodule "vpc" { source = "terraform-aws-modules/vpc/aws" version = "~> 5.8"
name = "production-vpc" cidr = "10.0.0.0/16"
azs = ["us-east-1a", "us-east-1b", "us-east-1c"] private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
enable_nat_gateway = true single_nat_gateway = false # One NAT GW per AZ for HA enable_dns_hostnames = true
tags = { Environment = "production" ManagedBy = "terraform" }}
# Reference module outputsresource "aws_instance" "app" { subnet_id = module.vpc.private_subnets[0]}EKS Cluster via Registry Module
module "eks" { source = "terraform-aws-modules/eks/aws" version = "~> 20.0"
cluster_name = "production-eks" cluster_version = "1.30"
vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets cluster_endpoint_public_access = true
eks_managed_node_groups = { general = { instance_types = ["m6i.large"] min_size = 2 max_size = 10 desired_size = 3 } gpu = { instance_types = ["g5.xlarge"] min_size = 0 max_size = 4 desired_size = 0 taints = [{ key = "nvidia.com/gpu" value = "true" effect = "NO_SCHEDULE" }] } }
tags = local.common_tags}RDS Module
module "rds_postgres" { source = "terraform-aws-modules/rds/aws" version = "~> 6.6"
identifier = "production-postgres" engine = "postgres" engine_version = "16.3" instance_class = "db.r6g.large" allocated_storage = 100 storage_type = "gp3" storage_encrypted = true
db_name = "appdb" username = "dbadmin" manage_master_user_password = true # Secrets Manager integration
multi_az = true publicly_accessible = false vpc_security_group_ids = [aws_security_group.rds.id] db_subnet_group_name = aws_db_subnet_group.main.name
backup_retention_period = 7 backup_window = "03:00-06:00" maintenance_window = "Mon:00:00-Mon:03:00" deletion_protection = true skip_final_snapshot = false final_snapshot_identifier = "production-postgres-final"
tags = local.common_tags}Finding Modules on the Registry
Visit registry.terraform.io/modules and filter by:
- Provider (AWS, Azure, GCP)
- Verified modules (marked with ✓ — maintained by HashiCorp partners)
- Download count (popularity indicates community trust)
- Last update date
# Search via CLI (requires Terraform 1.x)terraform providers search aws
# Or use the web interface and copy the use block:module "example" { source = "terraform-aws-modules/vpc/aws" version = "5.8.1" # ...}Module Source Types
The Registry is just one of several module source locations:
# Terraform Registry (official)source = "terraform-aws-modules/vpc/aws"
# GitHub (public repository)source = "github.com/my-org/terraform-modules//vpc"
# GitHub with specific tag/branchsource = "github.com/my-org/terraform-modules//vpc?ref=v1.2.0"
# Private Git (with SSH)source = "git::ssh://git@github.com/my-org/private-modules.git//vpc?ref=v2.0.0"
# Local path (same repo)source = "./modules/vpc"source = "../shared/modules/networking"
# Terraform Cloud Private Registrysource = "app.terraform.io/my-org/vpc/aws"
# S3 bucket (uncommon)source = "s3::https://s3-us-west-2.amazonaws.com/acme-terraform-modules/vpc/1.0.0.zip"Evaluating Registry Modules
Before using a community module, check:
| Signal | What to Look For |
|---|---|
| Verified badge | Module maintained by a HashiCorp Technology Partner |
| Download count | 1M+ downloads suggests battle-tested |
| Last published | Updated in last 6 months = actively maintained |
| GitHub stars | Community confidence indicator |
| Open issues/PRs | High count of unresolved issues is a warning sign |
| License | MIT or Apache 2.0 for commercial use |
# Review what a module will create before using# Clone and inspect the module sourcegit clone https://github.com/terraform-aws-modules/terraform-aws-vpccat terraform-aws-vpc/main.tf # Review all resources the module createsPrivate Module Registry
For internal modules used across your organization, Terraform Cloud/Enterprise provides a private registry:
# Internal module from Terraform Cloud private registrymodule "internal_vpc" { source = "app.terraform.io/my-company/vpc/aws" version = "~> 2.0"}For open-source alternatives, host modules in a git monorepo and reference by path and git tag.