Reputation: 7559
How should global resources be declared in Terragrunt?
I need to create a single Azure Container Registry. I'm using Terragrunt to manage several environments in Azure. My simplified layout looks similar to this:
/modules
/environments
/development
/staging
/production
The registry does not really fit in any of these environments since it is shared. Is there a "best practices" way to create one-off global resources such as a container registry? I could not come up with a way that I liked that didn't feel wrong.
Upvotes: 2
Views: 1175
Answers (2)
Reputation: 34426
You can create a directory structure similar to the following:
account
├── _global
│ └── acr
├── dev
├── prod
└── stage
For each Azure account/subscription you have, create a top level account directory. Within that directory, at the top level, set up a _global folder for resources that are global to that account. Also create subdirectories for each environment.
Gruntwork's example repo is a good reference.
Upvotes: 1
Reputation: 339
Not Azure specific, but have gone through a similar exercise, I assume there are global objects that associated with your account and not an environment. This is the case in AWS with VPCs, instances etc, though items like IAM (user,role,role policy management) are owned by the account, so after a bit of trail and error I came up with the following at the same root as dev, staging, and prod....there are sub repositories of global mainly to keep down on the change scope.
All of the dev,stage,prod use the global directory through terraform_remote_state, actually dependency since i'm using terragrunt, but its analogous.
HTH
tree global
global
├── cloud_watch_alarm.tf
├── dynamo_db
│ └── terragrunt.hcl
├── iam
│ ├── iam_groups.tf
│ ├── iam_instance_profile.tf
│ ├── iam_policies.tf
│ ├── iam_policy_attachment.tf
│ ├── iam_role_policies.tf
│ ├── iam_roles.tf
│ ├── iam_user_group_membership.tf
│ ├── iam_users.tf
│ ├── main.tf
│ ├── provider.tf
│ ├── terragrunt.hcl
│ └── variables.tf
├── main.tf
├── s3
│ ├── main.tf
│ ├── provider.tf
│ ├── s3-ohio.tf
│ ├── s3.tf
│ └── terragrunt.hcl
├── sns_topic_subscription.tf
├── sns_topic.tf
├── sqs.tf
├── terragrunt.hcl
└── variables.tf
EDIT: Alas i can't state my practice is best, i asked the same question and got a similar answer
Upvotes: 1
Related Questions
- How to define global variables in terraform?
- How to declare a managed resource in Terraform sub-folder
- How to reference a resource created by a Terraform module
- Terragrunt - variables declarations
- How to define global variables for a Terragrunt deployment
- Terraform convention: Should I declare a "constant" as a variable or local?
- Terragrunt Global Variables
- How to generalize resources etc in terraform?
- Referring to resources named with variables in Terraform
- Need to understand terraform resource structure