From d7674a14be9a92ade9c16c04404101f068a8514c Mon Sep 17 00:00:00 2001 From: Jan David Date: Fri, 3 May 2024 10:04:24 +0200 Subject: [PATCH] Support multiple AWS regions in Terragrunt Some of our Terraform modules deploy resources to different regions simultaneously. This is done by defining multiple `provider` blocks for AWS with different regions and different aliases, which can then be references in the Terraform resources. With Terragrunt, we are dynamically creating the `provider` block and overwriting any additional providers that are defined in Terraform files. Our script has therefore been extended to accept multiple regions in the `account.json` file and expand them to the same structure that we were using before with Terraform. --- terragrunt/accounts/bors-prod/account.json | 6 ++++- terragrunt/accounts/bors-staging/account.json | 6 ++++- .../accounts/crates-io-prod/account.json | 6 ++++- .../accounts/crates-io-staging/account.json | 10 +++++++- .../accounts/dev-desktops-prod/account.json | 6 ++++- terragrunt/accounts/legacy/account.json | 6 ++++- terragrunt/accounts/root/account.json | 6 ++++- .../accounts/sync-team-prod/account.json | 6 ++++- terragrunt/terragrunt-locals.py | 25 +++++++++++-------- 9 files changed, 59 insertions(+), 18 deletions(-) diff --git a/terragrunt/accounts/bors-prod/account.json b/terragrunt/accounts/bors-prod/account.json index 7ce810d26..a1801707e 100644 --- a/terragrunt/accounts/bors-prod/account.json +++ b/terragrunt/accounts/bors-prod/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "bors-prod", - "region": "us-east-2" + "regions": [ + { + "region": "us-east-2" + } + ] } } diff --git a/terragrunt/accounts/bors-staging/account.json b/terragrunt/accounts/bors-staging/account.json index 04d49ca70..17406635c 100644 --- a/terragrunt/accounts/bors-staging/account.json +++ b/terragrunt/accounts/bors-staging/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "bors-staging", - "region": "us-east-2" + "regions": [ + { + "region": "us-east-2" + } + ] } } diff --git a/terragrunt/accounts/crates-io-prod/account.json b/terragrunt/accounts/crates-io-prod/account.json index 3ace57de4..50e359651 100644 --- a/terragrunt/accounts/crates-io-prod/account.json +++ b/terragrunt/accounts/crates-io-prod/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "crates-io-prod", - "region": "us-west-1" + "regions": [ + { + "region": "us-west-1" + } + ] } } diff --git a/terragrunt/accounts/crates-io-staging/account.json b/terragrunt/accounts/crates-io-staging/account.json index a3300d35a..922a9d76b 100644 --- a/terragrunt/accounts/crates-io-staging/account.json +++ b/terragrunt/accounts/crates-io-staging/account.json @@ -1,6 +1,14 @@ { "aws": { "profile": "crates-io-staging", - "region": "us-west-1" + "regions": [ + { + "region": "us-west-1" + }, + { + "region": "us-east-1", + "alias": "us-east-1" + } + ] } } diff --git a/terragrunt/accounts/dev-desktops-prod/account.json b/terragrunt/accounts/dev-desktops-prod/account.json index 58d11175f..30cbb7cd6 100644 --- a/terragrunt/accounts/dev-desktops-prod/account.json +++ b/terragrunt/accounts/dev-desktops-prod/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "dev-desktops-prod", - "region": "us-east-1" + "regions": [ + { + "region": "us-east-1" + } + ] } } diff --git a/terragrunt/accounts/legacy/account.json b/terragrunt/accounts/legacy/account.json index be9d5cbab..79e4cd95c 100644 --- a/terragrunt/accounts/legacy/account.json +++ b/terragrunt/accounts/legacy/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": null, - "region": "us-west-1" + "regions": [ + { + "region": "us-west-1" + } + ] } } diff --git a/terragrunt/accounts/root/account.json b/terragrunt/accounts/root/account.json index 5f56e0ae7..971d79e34 100644 --- a/terragrunt/accounts/root/account.json +++ b/terragrunt/accounts/root/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "rust-root", - "region": "us-east-1" + "regions": [ + { + "region": "us-east-1" + } + ] } } diff --git a/terragrunt/accounts/sync-team-prod/account.json b/terragrunt/accounts/sync-team-prod/account.json index 3d39c0bf1..863d92a08 100644 --- a/terragrunt/accounts/sync-team-prod/account.json +++ b/terragrunt/accounts/sync-team-prod/account.json @@ -1,6 +1,10 @@ { "aws": { "profile": "sync-team-prod", - "region": "us-east-2" + "regions": [ + { + "region": "us-east-2" + } + ] } } diff --git a/terragrunt/terragrunt-locals.py b/terragrunt/terragrunt-locals.py index 02305def6..b416c8b0a 100755 --- a/terragrunt/terragrunt-locals.py +++ b/terragrunt/terragrunt-locals.py @@ -56,20 +56,25 @@ def calculate_remote_state_key(account_json_file, terragrunt_dir): def calculate_providers_content(account_json): - if account_json["aws"]["profile"] is not None: - return f""" -provider "aws" {{ - profile = "{account_json["aws"]["profile"]}" - region = "{account_json["aws"]["region"]}" -}} -""" - else: - return f""" + providers = "" + + for region in account_json["aws"]["regions"]: + body = f' region = "{region["region"]}"' + + if account_json["aws"]["profile"] is not None: + body += f'\n profile = "{account_json["aws"]["profile"]}"' + + if "alias" in region: + body += f'\n alias = "{region["alias"]}"' + + providers += f""" provider "aws" {{ - region = "{account_json["aws"]["region"]}" +{body} }} """ + return providers + def profile_args(account_json): if account_json["aws"]["profile"] is not None: