Discover Terragrunt: An Advanced Guide Beyond Terraform 🌟

Gopika JayakrishnanGopika Jayakrishnan
6 min read

Table of contents

What Is Terragrunt?

Terragrunt is an open-source tool developed by GruntWork that helps manage Terraform configurations with ease. By reducing code duplication, it keeps your Terraform code DRY (Don't Repeat Yourself). Terraform itself is a powerful Infrastructure as Code (IaC) tool used for defining and provisioning infrastructure on various cloud platforms like AWS, GCP, and Azure.

Why Terragrunt? πŸš€

Terraform is fantastic for defining infrastructure configurations, but managing these configurations across multiple environments and accounts can be complex. This is where Terragrunt comes in, offering additional features and enhancements that make managing Terraform configurations easier and more scalable. Here’s how Terragrunt elevates your Terraform experience:

Key Features of Terragrunt πŸ› οΈ

1. Remote State Management 🌐 Terragrunt simplifies the management of Terraform remote state by automatically configuring remote state storage and locking. This helps prevent conflicts when multiple users are working on the same infrastructure, ensuring a smooth and efficient workflow.

2. Dependency and Environment Management 🌲 Terragrunt allows you to define dependencies between Terraform modules, ensuring they are applied in the correct order. It also facilitates managing multiple environments by allowing you to define configuration overrides and variable values for each environment.

3. DRY Configuration 🧹 Terragrunt helps you avoid code duplication by providing mechanisms to reuse code across multiple Terraform configurations. This keeps your codebase clean and maintainable.

4. Multi-Environment Orchestration 🌍 Terragrunt streamlines the orchestration of multiple environments by clearly segregating them. This makes it easier to manage Terraform code across different AWS, GCP, and Azure accounts.

5. Hooks for Automation βš™οΈ Terragrunt introduces hooks, which are powerful triggers for executing actions before or after Terraform commands are run. These hooks provide a flexible way to integrate various behaviors into your Terraform workflow.

6. CI/CD Integration πŸ“¦ You can integrate Terragrunt with your CI/CD pipelines for automatic infrastructure deployment on various cloud platforms like AWS, GCP, and Azure. This makes your deployment process faster and more reliable.

7. Secure Secret Management πŸ”’ Terragrunt can be integrated with external secret management tools like HashiCorp Vault or AWS Secrets Manager. This enables secure handling of sensitive data within your Terraform configurations, ensuring robust security measures while managing sensitive data.

Common Terragrunt Commands πŸ“œ

Here are some Terragrunt commands that you can use in place of basic Terraform commands:

  • terragrunt init

  • terragrunt plan

  • terragrunt apply

  • terragrunt output

  • terragrunt destroy

How Terragrunt Revolutionizes AWS Credential Management πŸŒπŸ”’

Terragrunt is transforming AWS credential management by providing a secure and flexible method for specifying IAM roles during deployment. With the --terragrunt-iam-role CLI argument or the TERRAGRUNT_IAM_ROLE environment variable, users can effortlessly define the IAM role to be used during infrastructure provisioning.

Terragrunt leverages the sts-assume-role API to retrieve temporary credentials seamlessly. This means you can deploy infrastructure across different environments without storing AWS credentials in plaintext. Terragrunt’s support for specifying IAM roles marks a significant shift in AWS credential management, offering a robust solution for securely and conveniently deploying infrastructure without compromising security. πŸŒŸπŸš€

Installation of Terragrunt πŸ“₯

To install the Terragrunt, make sure you have already installed the Terraform before.

  • Follow this link to install Terraform.

  • Download the Terragrunt binary from the here.

  • Select the correct binary for your Operating System.

  • Copy the link and download on your terminal using the wget command. For Example: wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.54.19/terragrunt_linux_amd64

  • Rename the binary to terragrunt: mv terragrunt_linux_amd64 terragrunt

  • Make the file executable by using the command: chmod u+x terragrunt

  • Move the file to the /usr/local/bin directory using the command: `sudo mv terragrunt /usr/local/bin/terragrunt'

  • To verify your installation, run the command: terragrunt --version.

Case Study: Managing Infrastructure with Terragrunt 🌐

Let’s explore how Terragrunt can simplify managing infrastructure with a practical example. We'll use a scenario where we want to create an EC2 instance using Terraform and Terragrunt.

Scenario Overview πŸš€

In this example, we'll manage the creation of an EC2 instance on AWS using Terraform. We will then enhance this setup with Terragrunt to manage the configuration across different environments more efficiently.

Sample Terraform Code for Creating an EC2 Instance πŸ–₯️

Here’s a basic Terraform configuration to create an EC2 instance:

terraform {
required_providers {
    aws = {
        source = "hashicorp/aws"
        version = "~> 4.16"
        }
    }
    required_version = ">= 1.2.0"
}

provider "aws" {
    region = "us-west-2"
}

resource "aws_instance" "app_server" {
ami = "ami-830c94e3"
instance_type = "t2.micro"

tags = {
    Name = "ExampleAppServerInstance"
    }
}

In this we can see the main problem is that, how do you create this instance across several environments?

Ordinarily, you wants to duplicate the same code for each environment and then modify the parameters. You may wish to specify different instance types for each environment. For example, you might want to use a t2.micro instance for development environment, a t3.medium for test environment and a t2.large for production.

The problem is that this would be a very manual process -inefficient and leaves plenty room for errors. Using Terragrunt, we can improve this code without having to copy and paste the code across several environments.

Also these environments might be spread out across different AWS accounts and you'd also have to worry about managing the different AWS credentials and IAM roles required. The terraform backend does not support variables or any type of expression whatsoever. So you would have to manually copy and edit the backend configuration code for each of the environments.

Working With Terragrunt

First we need to create seperate directories for each of the enviornments like test production and dev In each of the directories, a terragrunt.hcl file will be created.

This is how terragrunt.hcl file looks like:

terraform {
    source = "tfr:///terraform-aws-modules/ec2-instance/aws?version=5.6.0"
}

generate "provider" {
    path = "provider.tf"
    if_exists = "overwrite_terragrunt"
    contents = <<EOF
    provider "aws" {
        profile = "default"
        region = "us-east-1"
        }
    EOF
}

inputs = {
    ami = "ami-0005e0cfe09cc9050"
    instance_type = "t2.micro"
    tags = {
        Name = "grunt-ec2"
        }
    }

Now In the case I have to replicate this in my test directory with a very few changes. The instance type for test directory will be t2.medium, the tags have also been modified to reflect the environment.

This is how terragrunt.hcl of test environment looks like:

terraform {
    source = "tfr:///terraform-aws-modules/ec2-instance/aws?version=5.6.0"
}

generate "provider" {
    path = "provider.tf"
    if_exists = "overwrite_terragrunt"
    contents = <<EOF
    provider "aws" {
        profile = "default"
        region = "us-east-1"
        }
    EOF
}

inputs = {
    ami = "ami-0005e0cfe09cc9050"
    instance_type = "t2.medium"
    tags = {
        Name = "grunt-test-ec2"
        Environment = "test"
        }
    }

The next stage is to execute terragrunt commands to read our configuration and invoke terraform with it.

  • Switch to the dev directory.

  • First, run the command terragrunt init.

  • Now run terragrunt plan command to see proposed infrastructure changes.

  • Then, Finally run terragrunt apply command to actually create the instance.

Conclusion

Terragrunt enhances the usability and scalability of Terraform configurations, making it easier for teams to manage infrastructure as code in complex environments. By integrating features like remote state management, dependency management, DRY configuration, hooks, and secure secret management, Terragrunt makes Terraform even more powerful and efficient. Whether you're working with AWS, GCP, or Azure, Terragrunt can simplify and streamline your infrastructure management process.

Ready to take your Terraform experience to the next level? Give Terragrunt a try and see the difference for yourself! πŸŽ‰

If you found this information helpful, please like, follow and share to spread the knowledge Thank You !!🀝✨.

2
Subscribe to my newsletter

Read articles from Gopika Jayakrishnan directly inside your inbox. Subscribe to the newsletter, and don't miss out.

TerraformterragruntTerraform vs Terragrunt AWSec2Devops#IaCInfrastructure as codeinfrastructurePythonJavaScriptCSS

Written by

Gopika Jayakrishnan
Gopika Jayakrishnan

😊 I'm a Cloud DevOps engineer ☁️. I develop, deploy, and maintain software applications in cloud environments, ensuring they are scalable, reliable, and secure πŸ”’. My expertise lies in programming languages and cloud platforms, and I work collaboratively to deliver innovative solutions that meet business needs πŸš€.