This is a practical and experience-backed take. The shift from local state to remote state with S3 and DynamoDB locking is a foundational move that many teams only appreciate after a painful incident. Splitting state by environment and domain is especially valuable: it reduces blast radius and improves team autonomy without sacrificing safety. Your point about IAM scoping by prefix is also critical for scaling across teams responsibly. Clear, disciplined state management isn’t just a Terraform detail; it’s core infrastructure hygiene, and this breakdown highlights that well.