Complete kit for your Terraform/Terragrunt controlled infrastructure
MIT License
terraform-control is a boilerplate starter kit repo that will help you succeed in managing your infrastructure using Terraform with Terragrunt. We started with the example docs/repo maintained by the Gruntwork team but found there were still plenty of improvements to make.
Terraform and Terragrunt are both very powerful and extensible tools that offer an overwhelming amount of options on how to structure your repo. Use the patterns we laid out here so you can enjoy a scalable IaC code repository that won't bite you in the butt a few months down the line.
Prior to using this repo you should already have prerequisite knowledge of both Terraform and Terragrunt. Ideally you have already used Terraform in production and have become familiar with its pitfalls and shortcomings that make it difficult to maintain. Same for Terragrunt, even if it is less prone to these issues.
In addition to Terraform and Terragrunt best practices:
modules/
directory only contains Terraform code and all variable data is set as a variable {}
live/
directory contains Terragrunt code with the configuration data (inputs {}
) that gets fed into the actual Terraform code in modules/
User-defined Configuration is when a human defines a customizable variable. Examples: the instance-type of their EC2 instance, the number of instances in an ASG, setting an RDS instance Multi-AZ, etc.
live/<env>/terragrunt.hcl
of the stack you are creatingterraform.tfvars
, or $ENVVAR
s, or any other methodDiscovered Configuration Data are attributes of resources that Terraform has created. Examples: The VPC module needs to share subnet-id
data with an RDS module, the RDS module needs to share its endpoint
with the App module, etc.
data.terraform_remote_state
, or outputs {}
, or any other method.Remote State Configuration Data is the information on the S3 bucket and DynamoDB table to use for your backend.config.{}
.
config/remote_state.config
See each vendor's documentation for detailed installation docs. Below is a TL;DR for OSX people.
brew install tfenv && tfenv install latest
brew install terragrunt
awscli
and configure it with your API keys
brew install awscli
aws configure
This is the only "stack" where we are forced to break just two rules: #1 - Use the local
backend with no remote locking. Commit the local state db into the git repo. #2 - Use wrapper process to populate the backend.config.{}
.
cp terraform/config/remote_state.config.example terraform/config/remote_state.config
remote_state.config
to your needscd terraform/live/global/terraform-remote-state
terragrunt apply
Now we are ready to create infrastructure.
This repo comes equipped an example of how you can launch a a webserver running on an EC2 Instance, and dependencies of a VPC and RDS MySQL instance.
cd terraform/live/stg
terragrunt apply-all
terragrunt destroy-all
If you have an App Stack you want to add:
modules/myappstack
and define all of your Terraform code, or better yet just pull in a module from Terraform Module Registry
live/{stg,prod}/myappstack/terragrunt.hcl
that calls the module from step 1.terragrunt apply
We welcome any and all contributions. Please create an Issue or a PR.
See LICENSE.md