IaC Setup using Terragrunt and Terraform

In this post, I will be describing the setup we are using to push infrastructure changes to dev, stage and production environments. With this setup, we have built CI/CD pipeline to auto-deploy changes to lower environments and manual intervention for production push. We have many smaller repositories, separated by their purpose, for example AWS Organization, Account Bootstrap, IAM Role customization per account/env, Security setup, VPC/Networking setup, Application specific resources, Domain/Microservice resources etc.

Install Terraenv

Install Terraform and Terragrunt

Terraform Setup

Validate AWS Credentials Setup

terragrunt.hcl is dependent on two environment variables.

config : Name of Configuration file to use
region : AWS Region to Deploy (config file is looked up in this directory)

Terragrunt Generated Files
Exclude terragrunt generated files (*-generated.tf) in .gitignore

Note that we are using region,app, env to form a unique path for remote states. {app}/{region}/{env}/terraform.tfstate

variables.tf

outputs.tf

main.tf is empty in our example, as we are just showcasing how variables from different config/environment files can be made available with this setup to terraform.

config/common.yaml contains configuration common across environments, like Application Name, Tags, Terraform State Bucket, Lock Table and any other config of the resources.

config/us-east-1/dev.yaml Environment specific file, for specific region (in this case, for us-east-1). Values in this config file will be different in one or more environments.

config/us-east-2/stage.yaml Stage environment’s config file, for us-east-2 region.

config/us-east-2/prod.yaml Stage environment’s config file, for us-east-2 region.

Now that we have terragrunt setup, which uses environment variable config to pick corresponding configuration file, and optionally uses region environment variable, which defaults to us-east-1.

Build (Terraform Plan) for Dev environment

Build (Terraform Plan) for Stage environment

Deploy (Terraform apply) for Dev environment

Deploy (Terraform apply) for Stage environment

As part of your CI/CD pipeline, you can easily come up with pipeline steps which will need to adjust config and region environment variables to get your Infrastructure as Code deployed to selected environment and region. An alternate approach can be terraform workspace, we started with terragrunt originally, and have been happy with our setup so far.

If you liked this story, feel free to follow so that you can be notified of my future posts. Please drop a note with comments/details on how you are making your Infrastructure as Code easy to manage with CI/CD Pipeline, to deploy the same code to multiple environments and multiple regions.

Some of my other stories you may like:

Related posts:

After my little daughter was born a few months ago, my parents decided to retire and come to the US to spend more time together with my family and take care of the newborn baby. In the past two…

This is a painful blog to write but an important one. My story begins while waiting for a job interview at a high-kill animal shelter. It was for a position I was excited about and thought I stood a…

Ele foi simplesmente o campeão do mundo de Pró Evolution Soccer (PES) de 2017 dentro do Emirates Stadium, estádio do gigante do futebol Arsenal. Guilherme Fonseca, o Guifera, conversou com a Pixel e…