Review of Terraform Modules
The AVM module review is a critical step before an AVM Terraform module gets published to the Terraform Registry and made publicly available for customers, partners and wider community to consume and contribute to. It serves as a quality assurance step to ensure that the AVM Terraform module complies with the Terraform specifications of AVM. The below process outlines the steps that both the module owner and module reviewer need to follow.
The module owner completes the development of the module in their branch or fork.
The module owner submits a pull request (PR) titled
AVM-Review-PR
and ensures that all checks are passing on that PR as that is a pre-requisite to request a review.The module owner assigns the
avm-core-team-technical-terraform
GitHub team as reviewer on the PR.The module owner leaves the following comment as it is on the module proposal in the AVM - Module Triage project by searching for their module proposal by name there.
The AVM team moves the module proposal from “In Development” to “In Review” in the AVM - Module Triage project.
The AVM team will assign a module reviewer who will open a blank issue on the module titled “AVM-Review” and populate it with the below mark down. This template already marks the specs as compliant which are covered by the checks that run on the PR. There are some specs which don’t need to be checked at the time of publishing the module therefore they are marked as NA.
<!-- markdownlint-disable -->
Dear module owner,
As per the module ownership requirements and responsibilities at the time of [assignment](REPLACE WITH THE LINK TO THE AVM MODULE PROPOSAL), the AVM Team is opening this issue, requesting you to validate your module against the below AVM specifications and confirm its compliance.
Please don't close this issue and merge your AVM-Review-PR until advised to do so. This review is a prerequisite for publishing your module's v0.1.0 in the Terraform Registry. The AVM team is happy to assist with any questions you might have.
**Requested Actions**
1. Complete the below task list by ticking off the tasks.
2. Complete the below table by updating the Compliant column with Yes, No or NA as possible values.
Please use the comments columns to provide additional details especially if the Compliant column is updated to `No` or `NA`.
```[tasklist]
### Tasks
- [ ] Address comments on AVM-Review-PR if any
- [ ] Ensure that all checks on AVM-Review-PR are passing
- [ ] Make sure you have run [grept](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/owner-contribution-flow/#5-grept) and [pre-commit and pr-check](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/#41-run-pre-commit-and-pr-check).
- [ ] Tick this to acknowledge specs with comment "Module Owner to action this spec post-publish as appropriate" in the table below.
- [ ] Please update the _header.md file as it contains instructions which - once actioned - need to be replaced with Module Name and Description.
```
| ID | Spec | Compliant | Comments |
| --- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- | --------------------------------------------------------------------------------------- |
| 1 | [ID: SFR1 - Category: Composition - Preview Services](https://azure.github.io/Azure-Verified-Modules/spec/SFR1) | | NA if no preview services are used |
| 2 | [ID: SFR2 - Category: Composition - WAF Aligned](https://azure.github.io/Azure-Verified-Modules/spec/SFR2) | | Ensure only high priority reliability & security recommendations are implemented if any |
| 3 | [ID: SFR3 - Category: Telemetry - Deployment/Usage Telemetry](https://azure.github.io/Azure-Verified-Modules/spec/SFR3) | | |
| 4 | [ID: SFR4 - Category: Telemetry - Telemetry Enablement Flexibility](https://azure.github.io/Azure-Verified-Modules/spec/SFR4) | Yes | Yes if AVM Template Repo has been used |
| 5 | [ID: SFR5 - Category: Composition - Availability Zones](https://azure.github.io/Azure-Verified-Modules/spec/SFR5) | | |
| 6 | [ID: SFR6 - Category: Composition - Data Redundancy](https://azure.github.io/Azure-Verified-Modules/spec/SFR6) | | |
| 7 | [ID: SNFR25 - Category: Composition - Resource Naming](https://azure.github.io/Azure-Verified-Modules/spec/SNFR25) | | |
| 8 | [ID: SNFR1 - Category: Testing - Prescribed Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR1) | Yes | Yes if all e2e test, version-check & linting checks passed |
| 9 | [ID: SNFR2 - Category: Testing - E2E Testing](https://azure.github.io/Azure-Verified-Modules/spec/SNFR2) | Yes | Yes if e2e tests passed |
| 10 | [ID: SNFR3 - Category: Testing - AVM Compliance Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR3) | Yes | Yes if all e2e test, version-check & linting checks passed |
| 11 | [ID: SNFR4 - Category: Testing - Unit Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR4) | | NA if no tests created in tests folder |
| 12 | [ID: SNFR5 - Category: Testing - Upgrade Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR5) | NA | Module Owner to action this spec post-publish as appropriate |
| 13 | [ID: SNFR6 - Category: Testing - Static Analysis/Linting Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR6) | Yes | Yes if all linting checks passed |
| 14 | [ID: SNFR7 - Category: Testing - Idempotency Tests](https://azure.github.io/Azure-Verified-Modules/spec/SNFR7) | Yes | Yes if e2e tests passed |
| 15 | [ID: SNFR24 - Category: Testing - Testing Child, Extension & Interface Resources](https://azure.github.io/Azure-Verified-Modules/spec/SNFR24) | Yes | Yes if e2e tests passed |
| 16 | [ID: SNFR8 - Category: Contribution/Support - Module Owner(s) GitHub](https://azure.github.io/Azure-Verified-Modules/spec/SNFR8) | | |
| 17 | [ID: SNFR20 - Category: Contribution/Support - GitHub Teams Only](https://azure.github.io/Azure-Verified-Modules/spec/SNFR20) | | |
| 18 | [ID: SNFR9 - Category: Contribution/Support - AVM & PG Teams GitHub Repo Permissions](https://azure.github.io/Azure-Verified-Modules/spec/SNFR9) | | |
| 19 | [ID: SNFR10 - Category: Contribution/Support - MIT Licensing](https://azure.github.io/Azure-Verified-Modules/spec/SNFR10) | Yes | Yes if AVM Template Repo has been used |
| 20 | [ID: SNFR11 - Category: Contribution/Support - Issues Response Times](https://azure.github.io/Azure-Verified-Modules/spec/SNFR11) | NA | Module Owner to action this spec post-publish as appropriate |
| 21 | [ID: SNFR12 - Category: Contribution/Support - Versions Supported](https://azure.github.io/Azure-Verified-Modules/spec/SNFR12) | NA | Module Owner to action this spec post-publish as appropriate |
| 22 | [ID: SNFR23 - Category: Contribution/Support - GitHub Repo Labels](https://azure.github.io/Azure-Verified-Modules/spec/SNFR23) | | |
| 23 | [ID: SNFR14 - Category: Inputs - Data Types](https://azure.github.io/Azure-Verified-Modules/spec/SNFR14) | | |
| 24 | [ID: SNFR22 - Category: Inputs - Parameters/Variables for Resource IDs](https://azure.github.io/Azure-Verified-Modules/spec/SNFR22) | | |
| 25 | [ID: SNFR15 - Category: Documentation - Automatic Documentation Generation](https://azure.github.io/Azure-Verified-Modules/spec/SNFR15) | Yes | Yes if linting / docs check passed |
| 26 | [ID: SNFR16 - Category: Documentation - Examples/E2E](https://azure.github.io/Azure-Verified-Modules/spec/SNFR16) | Yes | Yes if e2e tests passed |
| 27 | [ID: SNFR17 - Category: Release - Semantic Versioning](https://azure.github.io/Azure-Verified-Modules/spec/SNFR17) | Yes | Yes if version-check check passed |
| 28 | [ID: SNFR18 - Category: Release - Breaking Changes](https://azure.github.io/Azure-Verified-Modules/spec/SNFR18) | NA | Module Owner to action this spec post-publish as appropriate |
| 29 | [ID: SNFR19 - Category: Publishing - Registries Targeted](https://azure.github.io/Azure-Verified-Modules/spec/SNFR19) | NA | Module Owner to action this spec post-publish as appropriate |
| 30 | [ID: SNFR21 - Category: Publishing - Cross Language Collaboration](https://azure.github.io/Azure-Verified-Modules/spec/SNFR21) | NA | Module Owner to action this spec post-publish as appropriate |
| 31 | [ID: RMFR1 - Category: Composition - Single Resource Only](https://azure.github.io/Azure-Verified-Modules/spec/RMFR1) | | |
| 32 | [ID: RMFR2 - Category: Composition - No Resource Wrapper Modules](https://azure.github.io/Azure-Verified-Modules/spec/RMFR2) | | |
| 33 | [ID: RMFR3 - Category: Composition - Resource Groups](https://azure.github.io/Azure-Verified-Modules/spec/RMFR3) | | |
| 34 | [ID: RMFR4 - Category: Composition - AVM Consistent Feature & Extension Resources Value Add](https://azure.github.io/Azure-Verified-Modules/spec/RMFR4) | Yes | Yes if linting / terraform check passed |
| 35 | [ID: RMFR5 - Category: Composition - AVM Consistent Feature & Extension Resources Value Add Interfaces/Schemas](https://azure.github.io/Azure-Verified-Modules/spec/RMFR5) | Yes | Yes if linting / terraform check passed |
| 36 | [ID: RMFR8 - Category: Composition - Dependency on child and other resources](https://azure.github.io/Azure-Verified-Modules/spec/RMFR8) | | |
| 37 | [ID: RMFR6 - Category: Inputs - Parameter/Variable Naming](https://azure.github.io/Azure-Verified-Modules/spec/RMFR6) | | |
| 38 | [ID: RMFR7 - Category: Outputs - Minimum Required Outputs](https://azure.github.io/Azure-Verified-Modules/spec/RMFR7) | Yes | Yes if linting / terraform check passed |
| 39 | [ID: RMNFR1 - Category: Naming - Module Naming](https://azure.github.io/Azure-Verified-Modules/spec/RMNFR1) | | |
| 40 | [ID: RMNFR2 - Category: Inputs - Parameter/Variable Naming](https://azure.github.io/Azure-Verified-Modules/spec/RMNFR2) | | |
| 41 | [ID: RMNFR3 - Category: Composition - RP Collaboration](https://azure.github.io/Azure-Verified-Modules/spec/RMNFR3) | NA | Module Owner to action this spec post-publish as appropriate |
| 42 | [ID: PMFR1 - Category: Composition - Resource Group Creation](https://azure.github.io/Azure-Verified-Modules/spec/PMFR1) | | NA if this is not a pattern module |
| 43 | [ID: PMNFR1 - Category: Naming - Module Naming](https://azure.github.io/Azure-Verified-Modules/spec/PMNFR1) | | NA if this is not a pattern module |
| 44 | [ID: PMNFR2 - Category: Composition - Use Resource Modules to Build a Pattern Module](https://azure.github.io/Azure-Verified-Modules/spec/PMNFR2) | | NA if this is not a pattern module |
| 45 | [ID: PMNFR3 - Category: Composition - Use other Pattern Modules to Build a Pattern Module](https://azure.github.io/Azure-Verified-Modules/spec/PMNFR3) | | NA if this is not a pattern module |
| 46 | [ID: PMNFR4 - Category: Hygiene - Missing Resource Module(s)](https://azure.github.io/Azure-Verified-Modules/spec/PMNFR4) | | NA if this is not a pattern module |
| 47 | [ID: PMNFR5 - Category: Inputs - Parameter/Variable Naming](https://azure.github.io/Azure-Verified-Modules/spec/PMNFR5) | | NA if this is not a pattern module |
| 48 | [ID: TFFR1 - Category: Composition - Cross-Referencing Modules](https://azure.github.io/Azure-Verified-Modules/spec/TFFR1) | | |
| 49 | [ID: TFFR2 - Category: Outputs - Additional Terraform Outputs](https://azure.github.io/Azure-Verified-Modules/spec/TFFR2) | Yes | Yes if linting / terraform check passed |
| 50 | [ID: TFNFR1 - Category: Documentation - Descriptions](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR1) | | |
| 51 | [ID: TFNFR2 - Category: Documentation - Module Documentation Generation](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR2) | Yes | Yes if linting / docs check passed |
| 52 | [ID: TFNFR3 - Category: Contribution/Support - GitHub Repo Branch Protection](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR3) | Yes | Yes if AVM Template Repo has been used |
| 53 | [ID: TFNFR4 - Category: Composition - Code Styling - lower snake_casing](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR4) | Yes | Yes if linting / terraform check passed |
| 54 | [ID: TFNFR5 - Category: Testing - Test Tooling](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR5) | Yes | Yes if linting / terraform check passed |
| 55 | [ID: TFNFR6 - Category: Code Style - Resource & Data Order](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR6) | | |
| 56 | [ID: TFNFR7 - Category: Code Style - count & for_each Use](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR7) | | |
| 57 | [ID: TFNFR8 - Category: Code Style - Resource & Data Block Orders](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR8) | Yes | Yes if linting / avmfix check passed |
| 58 | [ID: TFNFR9 - Category: Code Style - Module Block Order](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR9) | | |
| 59 | [ID: TFNFR10 - Category: Code Style - No Double Quotes in ignore_changes](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR10) | | |
| 60 | [ID: TFNFR11 - Category: Code Style - Null Comparison Toggle](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR11) | | |
| 61 | [ID: TFNFR12 - Category: Code Style - Dynamic for Optional Nested Objects](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR12) | | |
| 62 | [ID: TFNFR13 - Category: Code Style - Default Values with coalesce/try](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR13) | | |
| 63 | [ID: TFNFR14 - Category: Inputs - Not allowed variables](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR14) | | |
| 64 | [ID: TFNFR15 - Category: Code Style - Variable Definition Order](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR15) | Yes | Yes if linting / avmfix check passed |
| 65 | [ID: TFNFR16 - Category: Code Style - Variable Naming Rules](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR16) | Yes | Yes if linting / terraform check passed |
| 66 | [ID: TFNFR17 - Category: Code Style - Variables with Descriptions](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR17) | Yes | Yes if linting / terraform check passed |
| 67 | [ID: TFNFR18 - Category: Code Style - Variables with Types](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR18) | Yes | Yes if linting / terraform check passed |
| 68 | [ID: TFNFR19 - Category: Code Style - Sensitive Data Variables](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR19) | | |
| 69 | [ID: TFNFR20 - Category: Code Style - Non-Nullable Defaults for collection values](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR20) | | |
| 70 | [ID: TFNFR21 - Category: Code Style - Discourage Nullability by Default](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR21) | Yes | Yes if linting / avmfix check passed |
| 71 | [ID: TFNFR22 - Category: Code Style - Avoid sensitive = false](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR22) | Yes | Yes if linting / avmfix check passed |
| 72 | [ID: TFNFR23 - Category: Code Style - Sensitive Default Value Conditions](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR23) | Yes | Yes if linting / terraform check passed |
| 73 | [ID: TFNFR24 - Category: Code Style - Handling Deprecated Variables](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR24) | NA | Module Owner to action this spec post-publish as appropriate |
| 74 | [ID: TFNFR25 - Category: Code Style - Verified Modules Requirements](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR25) | Yes | Yes if linting / terraform check passed |
| 75 | [ID: TFNFR26 - Category: Code Style - Providers in required_providers](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR26) | Yes | Yes if linting / terraform check passed |
| 76 | [ID: TFNFR27 - Category: Code Style - Provider Declarations in Modules](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR27) | Yes | Yes if linting / terraform check passed |
| 77 | [ID: TFNFR29 - Category: Code Style - Sensitive Data Outputs](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR29) | Yes | Yes if linting / avmfix check passed |
| 78 | [ID: TFNFR30 - Category: Code Style - Handling Deprecated Outputs](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR30) | NA | Module Owner to action this spec post-publish as appropriate |
| 79 | [ID: TFNFR31 - Category: Code Style - locals.tf for Locals Only](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR31) | | |
| 80 | [ID: TFNFR32 - Category: Code Style - Alphabetical Local Arrangement](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR32) | Yes | Yes if linting / avmfix check passed |
| 81 | [ID: TFNFR33 - Category: Code Style - Precise Local Types](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR33) | | |
| 82 | [ID: TFNFR34 - Category: Code Style - Using Feature Toggles](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR34) | NA | Module Owner to action this spec post-publish as appropriate |
| 83 | [ID: TFNFR35 - Category: Code Style - Reviewing Potential Breaking Changes](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR35) | NA | Module Owner to action this spec post-publish as appropriate |
| 84 | [ID: TFNFR36 - Category: Code Style - Setting prevent_deletion_if_contains_resources](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR36) | | |
| 85 | [ID: TFNFR37 - Category: Code Style - Tool Usage by Module Owner](https://azure.github.io/Azure-Verified-Modules/spec/TFNFR37) | | |
<!-- markdownlint-restore -->
The module reviewer can update the Compliance column for specs in line 42 to 47 to
NA
, in case the module being reviewed isn’t a pattern module.The module reviewer reviews the code in the PR and leaves comments to request any necessary updates.
The module reviewer assigns the AVM-Review issue to the module owner and links the AVM-Review Issue to the AVM-Review-PR so that once the module reviewer approves the PR and the module owner merges the AVM-Review-PR, the AMV-Review issue is automatically closed. The module reviews responds to the module owner’s comment on the Module Proposal in AVM Repo with the following
The module owner updates the check list and the table in the AVM-Review issue and notifies the module reviewer in a comment.
The module reviewer performs the final review and ensures that all checks in the checklist are complete and the specifications table has been updated with no requirements having compliance as ‘No’.
The module reviewer approves the AVM-Review-PR, and leaves the following comment on the AVM-Review issue with the following comment.
Thank you for contributing this module and completing the review process per AVM specs. The AVM-Review-PR has been approved and once you merge it that will close this AVM-Review issue. You may proceed with publishing this module to the HashiCorp Terraform Registry with an initial pre-release version of v0.1.0. Please keep future versions also pre-release i.e. < 1.0.0 until AVM becomes generally available (GA) of which the AVM team will notify you.
Requested Action: Once published please update your [module proposal](REPLACE WITH THE LINK TO THE MODULE PROPOSAL) with the following comment.
“The initial review of this module is complete, and the module has been published to the registry. Requesting AVM team to close this module proposal and mark the module available in the module index.
Terraform Registry Link:
- Once the module owner perform the requested action in the previous step, the module reviewer updates the module proposal by performing the following steps:
- Assign label Status: Module Available :green_circle: to the module proposal.
- Update the module index excel file and CSV file by creating a PR to update the module index and links the module proposal as an issue that gets closed once the PR is merged which will move the module proposal from “In Review” to “Done” in the AVM - Module Triage project.