Our great sponsors
-
terraform
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
-
terragrunt-infrastructure-live-example
A repo used to show examples file/folder structures you can use with Terragrunt and Terraform
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
terragrunt
Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
locals { # Automatically load region-level variables region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl")) # Automatically load environment-level variables` environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) # Extract the variables we need for easy access account_name = local.environment_vars.locals.account_name account_id = local.environment_vars.locals.aws_account_id aws_region = local.region_vars.locals.aws_region # This is the S3 bucket where the Terraform State Files will be stored remote_state_bucket = "devops-bucket" # This is the DynamoDB table where Terraform will add the locking status dynamodb_table = "terraform-state-lock" # IAM Role for Terraform backend to assume terraform_backend_role = "arn:aws:iam::{shared-services_account_id}:role/terraform-backend-role" environment_path = replace(path_relative_to_include(), "environments/", "") # https://github.com/hashicorp/terraform/releases terraform_version = "latest" # https://github.com/gruntwork-io/terragrunt/releases terragrunt_version = "latest" } # Generate an AWS provider block generate "provider" { path = "provider.tf" if_exists = "overwrite_terragrunt" contents = <
NOTE: More information about the terragrunt.hcl file can be found in this example repository.
Alternatively, you can look at solutions like Atlantis or spacelift.
locals { # Automatically load region-level variables region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl")) # Automatically load environment-level variables` environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) # Extract the variables we need for easy access account_name = local.environment_vars.locals.account_name account_id = local.environment_vars.locals.aws_account_id aws_region = local.region_vars.locals.aws_region # This is the S3 bucket where the Terraform State Files will be stored remote_state_bucket = "devops-bucket" # This is the DynamoDB table where Terraform will add the locking status dynamodb_table = "terraform-state-lock" # IAM Role for Terraform backend to assume terraform_backend_role = "arn:aws:iam::{shared-services_account_id}:role/terraform-backend-role" environment_path = replace(path_relative_to_include(), "environments/", "") # https://github.com/hashicorp/terraform/releases terraform_version = "latest" # https://github.com/gruntwork-io/terragrunt/releases terragrunt_version = "latest" } # Generate an AWS provider block generate "provider" { path = "provider.tf" if_exists = "overwrite_terragrunt" contents = <
Terrateam: After getting into some really big issues when running Terragrunt with Github Actions, I decided to look for a better CI solution. Terrateam is my CI/CD tool of choice here. Unfortunately as of December 2023, they increased their price from USD $175 to USD $496 monthly. Me being an existing customer I still pay the old amount (thank God!) Alternatively, you can look at solutions like Atlantis or spacelift.
If you're provisioning the above resources for the first time, you'll have to either configure Terraform to use specific AWS keys as you won't have OIDC connection yet. In my case, I chose to have those pre-requesites resources in a CloudFormation template and deploy them with StackSets.
Related posts
- Deploying a Containerized App to ECS Fargate Using a Private ECR Repo & Terragrunt
- Top Terraform Tools to Know in 2024
- DevSecOps with AWS- IaC at scale - Building your own platform - Part 1
- Shielding Your Apps in the Cloud: Integrating CloudFront and AWS WAF with Terraform
- Advanced Terraform: Getting Started With Terragrunt