Terragrunt vs Terraform: A Practical Guide

Chinnayya ChinthaChinnayya Chintha
5 min read

Infrastructure as Code (IaC) tools have revolutionized how teams manage and provision their cloud resources. Among these tools, Terraform and its wrapper, Terragrunt, are two popular choices. While Terraform is an excellent tool for defining and provisioning infrastructure, Terragrunt enhances it with features that simplify management, especially for large-scale, multi-environment setups. This article explores the key differences between Terraform and Terragrunt, their unique features, and practical examples to help you understand when and how to use each tool.

Prerequisites

Before diving into Terragrunt and Terraform, ensure the following prerequisites are met:

  1. Install Terraform:

    • Download the latest Terraform binary from Terraform Downloads.

    • Add the binary to your system's PATH.

    • Verify the installation:

        terraform version

  2. Install Terragrunt:

    • Download the latest Terragrunt binary from Terragrunt Releases.

    • Add the binary to your system's PATH.

    • Verify the installation:

        terragrunt version

  3. Install Terraform and Terragrunt on Ubuntu:

    • Update your system and install dependencies:

        sudo apt update
  sudo apt install -y curl unzip

    • Install Terraform:

        curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
  echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
  sudo apt update
  sudo apt install terraform

    • Install Terragrunt:

        curl -L https://github.com/gruntwork-io/terragrunt/releases/latest/download/terragrunt_linux_amd64 -o terragrunt
  chmod +x terragrunt
  sudo mv terragrunt /usr/local/bin/

    • Verify installations:

        terraform version
  terragrunt version

  4. Configure AWS CLI (if using AWS):

    • Install AWS CLI and configure it with your credentials:

        aws configure

  5. Access to Terraform Code:

    • Ensure you have existing Terraform code or modules ready to be integrated with Terragrunt.

What is Terraform?

Terraform is an open-source IaC tool developed by HashiCorp. It allows users to define, provision, and manage infrastructure resources using a declarative configuration language called HCL (HashiCorp Configuration Language). Terraform enables consistent and repeatable provisioning of infrastructure across various cloud providers like AWS, Azure, GCP, and on-premise systems.

Key Features of Terraform:

  • Modularity: Supports reusable modules for resource definitions.

  • State Management: Tracks infrastructure changes using a state file.

  • Multi-Provider Support: Works with multiple cloud providers and third-party services.

  • Plan and Apply: Allows you to preview changes before applying them.

What is Terragrunt?

Terragrunt is a lightweight wrapper around Terraform that simplifies and enhances its functionality. It is designed to make working with Terraform in complex environments easier by focusing on code reuse, managing dependencies, and simplifying remote state configurations.

Key Features of Terragrunt:

  • Code Reuse with DRY Principle: Share and reuse Terraform configurations using terragrunt.hcl files.

  • Remote State Management: Automates backend configurations for Terraform’s state files.

  • Dependency Management: Easily manage dependencies between Terraform modules.

  • Dynamic Configuration: Inject variables dynamically for different environments (e.g., dev, staging, prod).

  • Execution Wrapper: Adds features like locking, retries, and fail-safe execution for Terraform commands.

Key Differences Between Terraform and Terragrunt

FeatureTerraformTerragrunt
Primary UseDefines and provisions infrastructure resources.Simplifies and enhances the use of Terraform, particularly for multi-environment setups.
Code ReuseRequires manual setup with modules and repetitive configurations.Implements the DRY principle with shared configurations and terragrunt.hcl.
State ManagementUsers must manually configure remote backends for each environment.Automates and centralizes backend configurations for remote state.
Dependency HandlingManages dependencies manually using outputs and variable inputs.Provides native dependency management using dependency blocks.
Ease of UseStraightforward for small projects but can become complex for larger setups.Ideal for managing large, multi-environment, and multi-team projects.

Practical Examples

Example 1: Basic Terraform Setup

Here’s an example of setting up an S3 bucket using Terraform:

Folder Structure

project
├── main.tf
├── variables.tf
└── outputs.tf

main.tf

provider "aws" {
  region = var.region
}

resource "aws_s3_bucket" "example" {
  bucket = var.bucket_name
  acl    = "private"
}

variables.tf

variable "region" {
  default = "us-east-1"
}

variable "bucket_name" {}

outputs.tf

output "bucket_name" {
  value = aws_s3_bucket.example.bucket
}

To deploy:

terraform init
terraform plan
terraform apply

Example 2: Terragrunt Setup for Multi-Environment Management

Let’s enhance the above example for managing multiple environments using Terragrunt.

Folder Structure

project
├── modules
│   └── s3
│        ├── main.tf
│        ├── variables.tf
│        └── outputs.tf
├── environments
    ├── dev
    │   └── terragrunt.hcl
    ├── staging
    │   └── terragrunt.hcl
    └── prod
        └── terragrunt.hcl

modules/s3/main.tf

resource "aws_s3_bucket" "example" {
  bucket = var.bucket_name
  acl    = "private"
}

variable "bucket_name" {}

environments/dev/terragrunt.hcl

terraform {
  source = "../../modules/s3"
}

inputs = {
  bucket_name = "dev-bucket"
}

remote_state {
  backend = "s3"
  config = {
    bucket         = "terraform-state"
    key            = "dev/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}

environments/prod/terragrunt.hcl

terraform {
  source = "../../modules/s3"
}

inputs = {
  bucket_name = "prod-bucket"
}

remote_state {
  backend = "s3"
  config = {
    bucket         = "terraform-state"
    key            = "prod/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}

To deploy the dev environment:

cd environments/dev
terragrunt init
terragrunt plan
terragrunt apply

Benefits of Using Terragrunt

  1. Centralized State Management: Automates remote state configurations, reducing manual effort and errors.

  2. Reusability: DRY principle eliminates code duplication across environments.

  3. Dependency Management: Automatically resolves dependencies, streamlining multi-module workflows.

  4. Multi-Environment Support: Simplifies managing environments like dev, staging, and prod.

  5. Ease of Scaling: Easily add new environments or resources with minimal changes.

When to Use Terraform vs Terragrunt

Use Terraform When:

  • You are managing a single environment or a small project.

  • You want direct control over backend configurations and state management.

  • The complexity of dependencies and multi-environment setups is low.

Use Terragrunt When:

  • You are managing multi-environment setups (e.g., dev, staging, prod).

  • You want to enforce the DRY principle for reusable configurations.

  • Your project involves complex state management and dependencies.

Conclusion

Terraform and Terragrunt are both powerful tools, each suited for different use cases. While Terraform is an excellent choice for defining and provisioning infrastructure, Terragrunt simplifies and enhances its functionality for large-scale, multi-environment projects. By understanding the key differences and applying the practical examples shared in this guide, you can choose the right tool for your infrastructure needs and improve the efficiency of your workflows.

Ready to simplify your Terraform workflows? Give Terragrunt a try in your next project!

0
Subscribe to my newsletter

Read articles from Chinnayya Chintha directly inside your inbox. Subscribe to the newsletter, and don't miss out.

terragruntTerraformAWSTerraform vs Terragrunt

Written by

Chinnayya Chintha
Chinnayya Chintha

I am 𝗖𝗵𝗶𝗻𝗻𝗮𝘆𝘆𝗮 𝗖𝗵𝗶𝗻𝘁𝗵𝗮, 𝗮 𝗿𝗲𝘀𝘂𝗹𝘁𝘀-𝗱𝗿𝗶𝘃𝗲𝗻 𝗦𝗶𝘁𝗲 𝗥𝗲𝗹𝗶𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿 (𝗦𝗥𝗘) with proven expertise in 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗻𝗴, 𝗮𝗻𝗱 𝗺𝗮𝗻𝗮𝗴𝗶𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗲, 𝘀𝗰𝗮𝗹𝗮𝗯𝗹𝗲, 𝗮𝗻𝗱 𝗿𝗲𝗹𝗶𝗮𝗯𝗹𝗲 𝗶𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀. My experience spans 𝗰𝗹𝗼𝘂𝗱-𝗻𝗮𝘁𝗶𝘃𝗲 𝘁𝗲𝗰𝗵𝗻𝗼𝗹𝗼𝗴𝗶𝗲𝘀, 𝗖𝗜/𝗖𝗗 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻, 𝗮𝗻𝗱 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗮𝘀 𝗖𝗼𝗱𝗲 (𝗜𝗮𝗖), enabling me to deliver 𝗵𝗶𝗴𝗵-𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗶𝗻𝗴 𝘀𝘆𝘀𝘁𝗲𝗺𝘀 that enhance operational efficiency and drive innovation. As a 𝗙𝗿𝗲𝗲𝗹𝗮𝗻𝗰𝗲 𝗦𝗶𝘁𝗲 𝗥𝗲𝗹𝗶𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿, I specialize in: ✅𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗶𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗲 𝗮𝗻𝗱 𝘀𝗰𝗮𝗹𝗮𝗯𝗹𝗲 𝗽𝗮𝘆𝗺𝗲𝗻𝘁 𝗴𝗮𝘁𝗲𝘄𝗮𝘆 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀 𝘂𝘀𝗶𝗻𝗴 𝗔𝗪𝗦 𝘀𝗲𝗿𝘃𝗶𝗰𝗲𝘀 𝗹𝗶𝗸𝗲 𝗔𝗣𝗜 𝗚𝗮𝘁𝗲𝘄𝗮𝘆, 𝗟𝗮𝗺𝗯𝗱𝗮, 𝗮𝗻𝗱 𝗗𝘆𝗻𝗮𝗺𝗼𝗗𝗕.. ✅𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗻𝗴 𝗶𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗽𝗿𝗼𝘃𝗶𝘀𝗶𝗼𝗻𝗶𝗻𝗴 with 𝗧𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺. ✅𝗢𝗽𝘁𝗶𝗺𝗶𝘇𝗶𝗻𝗴 𝗺𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴 using 𝗖𝗹𝗼𝘂𝗱𝗪𝗮𝘁𝗰𝗵. ✅Ensuring compliance with 𝗣𝗖𝗜-𝗗𝗦𝗦 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀 through 𝗲𝗻𝗰𝗿𝘆𝗽𝘁𝗶𝗼𝗻 𝗺𝗲𝗰𝗵𝗮𝗻𝗶𝘀𝗺𝘀 ✅implemented with 𝗔𝗪𝗦 𝗞𝗠𝗦 and 𝗦𝗲𝗰𝗿𝗲𝘁𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗿. These efforts have resulted in 𝗲𝗻𝗵𝗮𝗻𝗰𝗲𝗱 𝘁𝗿𝗮𝗻𝘀𝗮𝗰𝘁𝗶𝗼𝗻 𝗿𝗲𝗹𝗶𝗮𝗯𝗶𝗹𝗶𝘁𝘆 and 𝘀𝘁𝗿𝗲𝗮𝗺𝗹𝗶𝗻𝗲𝗱 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝘄𝗼𝗿𝗸𝗳𝗹𝗼𝘄𝘀 for payment processing systems. I am passionate about 𝗺𝗲𝗻𝘁𝗼𝗿𝗶𝗻𝗴 𝗮𝗻𝗱 𝗸𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝘀𝗵𝗮𝗿𝗶𝗻𝗴, having delivered 𝗵𝗮𝗻𝗱𝘀-𝗼𝗻 𝘁𝗿𝗮𝗶𝗻𝗶𝗻𝗴 in 𝗰𝗹𝗼𝘂𝗱 𝘁𝗲𝗰𝗵𝗻𝗼𝗹𝗼𝗴𝗶𝗲𝘀, 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀, 𝗮𝗻𝗱 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻. My proactive approach helps me anticipate system challenges and create 𝗿𝗼𝗯𝘂𝘀𝘁, 𝘀𝗰𝗮𝗹𝗮𝗯𝗹𝗲 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀 𝘁𝗵𝗮𝘁 𝗲𝗻𝗵𝗮𝗻𝗰𝗲 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆, 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲, 𝗮𝗻𝗱 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗲𝗳𝗳𝗶𝗰𝗶𝗲𝗻𝗰𝘆. Dedicated to 𝗰𝗼𝗻𝘁𝗶𝗻𝘂𝗼𝘂𝘀 𝗹𝗲𝗮𝗿𝗻𝗶𝗻𝗴, I stay updated with 𝗲𝗺𝗲𝗿𝗴𝗶𝗻𝗴 𝘁𝗲𝗰𝗵𝗻𝗼𝗹𝗼𝗴𝗶𝗲𝘀 and thrive on contributing to 𝘁𝗿𝗮𝗻𝘀𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝘃𝗲 𝗽𝗿𝗼𝗷𝗲𝗰𝘁𝘀 that push boundaries in technology.