HashiConf The full conference agenda's now LIVE. Buy your pass and plan your schedule. Register
Well-Architected Framework
Well-Architected Framework Home

Define your database infrastructure

Before you can automate database processes, you need to define the database systems and configurations you require. Using infrastructure as code to define your database infrastructure creates consistent, version-controlled specifications for database provisioning, management, and operations. Whether you're working with cloud-managed services or self-hosted solutions, Terraform provides a unified approach to provisioning database instances, managing schemas, and controlling access across all major platforms.

Define databases with Terraform

Terraform can define, deploy, manage, and interact with database management systems. You can use cloud providers like AWS, GCP, or Azure to deploy database services such as RDS, and vendor providers to deploy databases like CockroachDB and MongoDB.

Terraform can define, deploy, manage, and interact with database management systems across cloud providers such as AWS, GCP, and Azure, for managed services like RDS, as well as vendor-provided databases like CockroachDB and MongoDB. Terraform enables you to provision database infrastructure, manage schemas and structures, and control access policies—all through version-controlled code that ensures consistent configurations across environments, reducing manual errors.

  • Provision database: You can use Terraform to deploy and configure database systems across all major cloud providers and database vendors, ensuring consistent configurations and reducing deployment complexity. For cloud-managed services, you can provision AWS RDS instances, Azure SQL databases, Google Cloud SQL instances, and configure parameter groups, subnet groups, and backup policies. For self-managed databases, you can define server infrastructure, storage configurations, and networking requirements. This approach lets you standardize database deployments across environments while maintaining granular control over compute resources, storage types, and network security settings.

  • Manage schema and structure: Terraform enables you to manage database schemas alongside infrastructure, allowing you to version control your entire database structure including table definitions, indexes, constraints, and relationships. You can define database schemas, manage table structures and data types, configure indexes for optimal performance, and implement data integrity constraints. This schema-as-code approach ensures consistent database structures across environments and enables automated schema migrations through your CI/CD pipeline.

  • Manage access control and security: You can integrate Terraform with database security features to manage user access, permissions, and security policies consistently across your database infrastructure. You can provision database users and roles, define granular permission policies and access controls, configure connection security with SSL/TLS encryption, and implement network-level security through VPC configurations and firewall rules. This centralized approach to database security ensures compliance with organizational policies while enabling least-privilege access patterns.

Next steps

In this section of Codify infrastructure and tools, you learned how to define your database systems using infrastructure as code to establish consistent database management processes. Define your database infrastructure is part of the Define and automate processes pillar.

If you are interested in learning more about database infrastructure with Terraform, you can check out the following resources:

Edit this page on GitHub