Why state strategy matters
Terraform state is your source of truth. In multi-cloud setups, small state decisions can turn into big operational issues:
- cross-team collisions and accidental drifts
- over-broad IAM permissions for CI/CD
- inconsistent promotion from dev → staging → prod
- painful refactors when you split or merge stacks later
A simple baseline that scales
Start with a boring structure:
- one state per environment (
dev,staging,prod) - one state per bounded domain (network, kubernetes, observability, security)
- strict backend locking and versioning enabled
If your team grows, this layout is still easy to evolve.
What to avoid early
- one giant monolithic state file for “everything”
- workspace sprawl without conventions
- mixing app deploy artifacts and foundational infra in the same state
Practical checklist
- enable state locking
- enforce least-privilege for the state backend
- require review for
terraform applyon shared environments - keep modules versioned and reusable across clouds