Supply-chain hygiene for internal Terraform modules

Modules travel like compiled dependencies. We teach teams to pin sources, verify checksums, and rotate reviewers so no single engineer becomes an unspoken bottleneck. The emotional payoff is boring releases—exactly what regulated environments crave.

We also document how to communicate upstream changes. A changelog entry should mention consumer impact, test evidence, and rollback expectations. Learners critique real (anonymised) entries that failed those tests.

Finally, we discuss when to fork versus when to contribute back. Not every improvement belongs upstream immediately; politics and timing matter. We role-play those conversations with gentle humour, not cynicism.

Graduates leave with a module promotion checklist sized for two-pizza teams, not theoretical enterprises.