AI Coding Agent Platforms
How do we create our first Coder workspace template using Terraform for a standard backend dev environment?
8 min read
Quick Answer: To create your first Coder workspace template for a standard backend dev environment, you define the workspace as Terraform code, register it as a template in Coder, and let developers self-serve workspaces in seconds from that template.
Frequently Asked Questions
How do we create our first Coder workspace template using Terraform for a standard backend dev environment?
Short Answer: You write a Terraform module that defines a Coder workspace (compute, image, IDE, dev tools), register it as a template in Coder, and then let developers or AI agents provision governed workspaces from that template.
Expanded Explanation:
Coder treats every workspace as code. For a standard backend dev environment—say, a containerized Linux workspace with Docker, a language runtime (Node, Python, Go, Java), and VS Code or JetBrains—you describe that environment using Terraform. The Terraform module specifies how Coder should provision the workspace (VM or Kubernetes), which image to use, which ports to expose, and what parameters developers can tweak (like CPU/RAM or runtime version).
Once that Terraform module is stored in Git and added as a Coder template, the coderd control plane handles the rest: it exposes the template in the UI/CLI, enforces access via OIDC SSO and RBAC, and provisions workspaces in seconds. Code and data stay inside your infrastructure (cloud or air-gapped on‑prem), and you get a repeatable “golden path” backend environment instead of fragile local setups.
Key Takeaways:
- A Coder template is just Terraform that defines how to provision a remote workspace.
- Platform teams control the template; developers self‑serve consistent backend workspaces from it.
What is the step‑by‑step process to build and register that first Terraform-based Coder template?
Short Answer: Decide your target infrastructure, write a minimal Terraform workspace module, push it to Git, then create a template in Coder that points at that repo and module.
Expanded Explanation:
The cleanest way to start is to build a small but production‑shaped template: pick one cloud (AWS/Azure/GCP) or Kubernetes cluster, choose a base image with your backend stack, and parameterize only what matters (like CPU/RAM and runtime version). Store the Terraform module in source control so changes go through the same review path as other infra. From there, Coder’s coderd control plane pulls the module, evaluates it using Terraform, and exposes it as a template that developers and AI coding agents can use to create workspaces.
You don’t need to model your entire platform on day one. Start with a single backend template, prove it’s faster and more stable than local environments or VDI, then iterate.
Steps:
- Decide on infra and stack: Choose VM or Kubernetes; pick a base image with your backend runtime (e.g.,
node,python,go,openjdk) and core tools. - Create a Terraform module: Use Coder’s example templates as a starting point. Define a
coder_agentresource plus compute, storage, and ports, and add Terraformcoder_parameterblocks for configurable options. - Store and register: Push the module to Git, then in Coder create a template pointing to that repo/module so users can start provisioning backend workspaces.
What’s the difference between a “Coder template” and generic Terraform IaC for backend environments?
Short Answer: Terraform IaC provisions infrastructure; a Coder template is Terraform specifically wired to provision developer workspaces through Coder with identity, RBAC, and workspace lifecycle built in.
Expanded Explanation:
You might already use Terraform to stand up backend services—databases, queues, app clusters. That’s infrastructure for your applications. A Coder template is infrastructure for your developers: it describes the workspace container/VM, dev tools, IDE connection, and policy‑driven parameters used when a developer clicks “Create workspace.”
Coder explicitly is not an IaC platform; it sits on top of whatever infra and Terraform providers you already use. The coderd control plane invokes Terraform against your template to create or modify workspaces, while enforcing identity (OIDC SSO), RBAC, and workspace policies (idle timers, quotas, dev URL access levels). You keep your existing Terraform patterns; Coder gives you a governed front door for remote dev environments.
Comparison Snapshot:
- Option A: Generic Terraform IaC: Provisions apps and infra, not tied to workspace UX or IDE connectivity.
- Option B: Coder Template (Terraform-based): Provisions developer workspaces, wired into Coder’s UI/CLI, auth, RBAC, and lifecycle controls.
- Best for: Teams who want dev environments as code, but with governed self‑service workspaces instead of ad‑hoc cloud shells or manual VM access.
How do we actually implement a standard backend dev environment in a Coder Terraform template?
Short Answer: You define a Coder agent plus your backend tools inside a Terraform module, usually as a container or VM with your language runtime, package manager, debugger, and preferred IDE integration.
Expanded Explanation:
For a “standard backend” environment, think opinionated but not locked‑down. A typical first template uses:
- Compute: A container on Kubernetes (or a VM) with CPU/RAM sized for backend development.
- Base image: Linux image with git, your runtime (Node/Python/Go/Java), package manager, and shell tools.
- Coder agent: The
coder_agentthat connects the workspace to coderd and your IDE (VS Code remote, JetBrains Gateway, browser IDEs, Cursor, Windsurf). - Ports and URLs: Exposed ports (e.g., 3000/8080) with dev URLs and access levels (public/private/org‑only).
- Parameters: Terraform
coder_parameterblocks to let devs choose CPU/RAM, maybe runtime version, without editing code.
In Terraform, you wire these together as a module. For example (simplified, conceptual layout):
# variables.tf
variable "workspace_cpu" {
type = number
default = 2
description = "vCPU for backend workspaces"
}
variable "workspace_memory" {
type = number
default = 4
description = "Memory (GiB) for backend workspaces"
}
# main.tf
data "coder_parameter" "runtime" {
name = "runtime"
display_name = "Backend runtime"
default = "python"
option {
name = "Python"
value = "python"
}
option {
name = "Node.js"
value = "node"
}
}
resource "coder_agent" "dev" {
os = "linux"
arch = "amd64"
startup_script = <<-EOT
#!/bin/bash
set -e
# install tools depending on runtime
if [ "${data.coder_parameter.runtime.value}" = "python" ]; then
apt-get update && apt-get install -y python3 python3-pip
elif [ "${data.coder_parameter.runtime.value}" = "node" ]; then
curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
apt-get update && apt-get install -y nodejs
fi
# add your backend tooling here (Docker CLI, debugger, etc.)
EOT
}
# Then add your provider-specific resources (Kubernetes pod, VM, etc.) that run coder_agent.dev
You then create a Coder template that points at this module. Developers see “Backend Dev Environment” as an option, choose a runtime and resource size, and get a ready‑to‑use workspace.
What You Need:
- A running Coder deployment on your infrastructure (cloud or air‑gapped on‑prem) with Terraform access.
- A Git repo to store the Terraform module that defines your backend workspace image, agent, and parameters.
How should we think about this template strategically so it scales across teams and governance requirements?
Short Answer: Treat your first backend template as a golden path: simple enough for fast onboarding, structured enough for policy enforcement, and designed to evolve into a family of governed templates over time.
Expanded Explanation:
Your initial backend dev template isn’t just a one‑off config—it’s the contract between platform, security, and engineering. Define it like something you’ll operate at scale:
- Standardize the baseline: Decide what “every backend developer gets” (shell tools, language runtimes, debuggers, package managers) and bake that into the image or startup script.
- Separate concerns: Keep infra details (VPC, subnets, node pools) in reusable modules; keep workspace logic in the Coder template module. This makes it easy to support AWS, Azure, GCP, or multiple Kubernetes clusters with shared patterns.
- Enforce boundaries: Use Coder’s RBAC to control who can use which templates; use dev URL access levels and network policies to control how workspaces talk to internal systems; avoid secrets in Terraform templates and rely on proper secret stores and auth.
- Plan for AI agents: As AI coding agents show up in your org, they can use the same backend templates—governed by the same policies—while AI Bridge proxies LLM calls and logs prompts, usage, and tool calls inside your infrastructure.
Teams like Dropbox and Skydio have proven that standardized, template‑based environments can cut onboarding time by 4x and reduce VDI or cloud costs by up to 90%. The pattern is the same: define a few strong templates, wire them into Coder, and iterate under version control.
Why It Matters:
- You get fast, self‑service backend workspaces without losing control over compute, access, or data location.
- You establish a repeatable, auditable pattern for dev and AI agent environments that can span clouds, clusters, and classification levels.
Quick Recap
To create your first Coder workspace template using Terraform for a standard backend dev environment, you: (1) self‑host Coder on your infrastructure, (2) write a Terraform module that defines a backend workspace (compute, image, tools, parameters, and a Coder agent), (3) store it in Git, and (4) register it as a template in Coder. From there, developers and AI coding agents can provision consistent, governed backend workspaces in seconds, while platform and security teams retain control over infrastructure, access, and auditability.