Terragrunt: How can I share remote_state infos between modules and stay DRY?
I have two modules vpc and vpn and I use this remote_state config in my root terragrunt.hcl
root
โโโ modules
โ โโโ vpc
โ โ โโโ backend.tf
โ โ โโโ provider.tf
โ โ โโโ vpc.tf
โ โโโ vpn
โ โโโ backend.tf
โ โโโ provider.tf
โ โโโ vpn.tf
โโโ prod
โ โโโ vpc
โ โ โโโ terragrunt.hcl
โ โโโ vpn
โ โโโ terragrunt.hcl
โโโ terragrunt.hcl
remote_state {
backend = "s3"
config = {
bucket = "test-tf-state"
key = "${path_relative_to_include()}/terraform.tfstate"
region = "eu-central-1"
encrypt = true
dynamodb_table = "test-tf-lock-table"
}
}
data "terraform_remote_state" "vpc" {
backend = "s3"
config = {
bucket = "${var.bucket}"
key = "${var.key}"
region = "${var.region}"
encrypt = true
dynamodb_table = "${var.lock-table}"
}
}
In my vpn module I need data from the vpc module, so I have to use data sources from terraform_remote_state. But now I can't access the data from the remote_state and I can't use variables in the remote_state.
What is the best way to stay clean and don't repeat myself?
hniemann
All 5 comments
Here's how I do it with AWS S3:
- use distinct S3 buckets per environment
- use root terraform.hcl per env
- no common terraform.hcl across envs - usually not a problem
# root/prod/terragrunt.hcl
remote_state {
backend = "s3"
config = {
bucket = "tfstate.prod.example.com"
region = "us-west-2"
key = "${path_relative_to_include()}/terraform.tfstate"
encrypt = true
dynamodb_table = "terraform-locks"
s3_bucket_tags = {
Name = "Terraform state storage"
Terraform = "true"
}
dynamodb_table_tags = {
Name = "Terraform lock table"
Terraform = "true"
}
}
}
inputs = {
terraform_state_bucket = "tfstate.prod.example.com"
terraform_state_region = "us-west-2"
vpc_state_file = "vpc/terraform.tfstate"
vpn_state_file = "vpn/terraform.tfstate"
}
# root/modules/vpn/data.tf
# VPN module reading VPC module state file
data "terraform_remote_state" "vpc" {
backend = "s3"
config = {
bucket = var.terraform_state_bucket
region = var.terraform_state_region
key = var.vpc_state_file
}
}
This is the best I could come up with, sadly the remote state part cannot use variables, so you get some variable duplication there.
Sadly I didn't find any way of not having to define the full path to the state files in the bucket, so you need to know your folder structure in the root terragrunt.hcl file. :(
reegnz
on 24 Jul 2019
Hi reegnz,
thanks for sharing your approach. That's works for me...
Variables in the remote state part would be great and it would help to improve the DRY approach.
Best regards
hniemann
on 26 Jul 2019
Would the new, dependency block system help here? This is an alternative to using remote_state to message pass across modules that was introduced in v0.19.20. You can learn more about it in the current README.
Note that if you want to use this, we rolled out a few bugfixes since then so you will want to use the latest version.
yorinasub17
on 17 Oct 2019
Most definitely. I have migrated from terraform_remote_state to dependency block of terragrunt and it works beautifully.
reegnz
on 17 Oct 2019
Hi reegnz can you tell me how you use terragrunt source and structure resolve the above problem i got source file path error and lot of confusion..
venu1428
on 24 Oct 2019
Related issues
ozbillwang
ยท
3Comments
michelzanini
ยท
3Comments
mmorianos
ยท
3Comments
goseeped
ยท
3Comments
lsc
ยท
4Comments
Most helpful comment
Most definitely. I have migrated from
terraform_remote_statetodependencyblock of terragrunt and it works beautifully.