This repository contains a Terragrunt blueprint with a common project structure.
- AWS provider
- AWS dummy module
- STACKIT cloud dummy module
- local backend
- gitlab remote backend
- STACKIT cloud s3 remote backend
- add some
export AWS_PROFILE=aws_dummy
export AWS_ACCOUNT_ID=123456789
# required if you want to use the gitlab backend
export TF_HTTP_PASSWORD=your_gitlab_token
export TF_HTTP_USERNAME=your_gitlab_user_name
cd deployments/terraform/env/dev/aws_dummy
terragrunt applyReference: https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs#authentication
Use the recommended "key flow" authentication. You should end up with two files in your home directory:
-
~/.stackit/credentials.json{ "STACKIT_SERVICE_ACCOUNT_KEY_PATH": "/Users/<username>/.stackit/key.json" }Note: relative paths like
~/.stackit/key.jsonwhere not working for me. -
~/.stackit/key.json{ "id": "uuid", "publicKey": "public key", "createdAt": "2023-08-24T14:15:22Z", "validUntil": "2023-08-24T14:15:22Z", "keyType": "USER_MANAGED", "keyOrigin": "USER_PROVIDED", "keyAlgorithm": "RSA_2048", "active": true, "credentials": { "kid": "string", "iss": "[email protected]", "sub": "uuid", "aud": "string", (optional) "privateKey": "private key when generated by the SA service" } }you can generate and download this file in the stackit cloud web console
If you like to use the s3 state backend you need to set the bucket credentials as environment variables:
export AWS_ACCESS_KEY_ID=AAAAAAAAAAAAAAAAAAAA
export AWS_SECRET_ACCESS_KEY=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBcd deployments/terraform/env/stackit_dev/stackit_dummy
terragrunt apply
# cleanup
terragrunt plan -destroy -out=destroy.tfplan
terragrunt apply destroy.tfplanThis repository is a work in progress.