I design and write modular, environment-separated Terraform for AWS, GCP, and Azure — so your infrastructure is reproducible, auditable, and maintainable by your team, not just by the person who built it.
Architecture follows proven patterns: reusable module library with proper input/output contracts; separate environments via workspace or directory structure; remote state backend (S3+DynamoDB, GCS, or Azure Blob) with state locking; variable structure with environment-specific tfvars; naming conventions and tagging taxonomy enforced at the module level; and IAM roles, policies, and service accounts provisioned with least privilege.
I build for the full stack: VPCs, subnets, route tables, security groups, compute (EC2, GCE, Azure VM, ECS, GKE, AKS, EKS), databases (RDS, Cloud SQL, Azure SQL), caches, storage, and supporting services (Route53, Cloud DNS, load balancers, CDN).
For teams wanting automation, I add Terraform CI/CD (Atlantis or Terraform Cloud) with plan-on-PR and apply-on-merge, plus optional OPA or Sentinel policy checks. I can also import existing manually created infrastructure into Terraform state.