Terraform & terragrunt over AWS
Terraform
Required by Terragrunt. Installation
sudo wget -O /tmp/terraform.zip $(curl -s https://www.terraform.io/downloads.html | grep linux_amd64.zip | cut -d'"' -f2)
unzip /tmp/terraform.zip -d /usr/local/bin
chmod +x /usr/local/bin/terraform
Terragrunt
Latest linux release download link
curl -s https://api.github.com/repos/gruntwork-io/terragrunt/releases/latest | jq '.assets|.[]|select(.name=="terragrunt_linux_amd64")|.browser_download_url'
Installation
sudo wget -O /usr/local/bin/terragrunt $(curl -s https://api.github.com/repos/gruntwork-io/terragrunt/releases/latest | jq '.assets|.[]|select(.name=="terragrunt_linux_amd64")|.browser_download_url')
sudo chmod +x /usr/local/bin/terragrunt
Export your AWS access & secret. If needed generate one from your IAM user (not the root user account, never !) from https://console.aws.amazon.com/iam/home?#/home
export AWS_ACCESS_KEY_ID=AKIA.............
export AWS_SECRET_ACCESS_KEY=kxT......
First is plan terragrunt plan to check code & planned result. The terragrunt apply. And terraform destroy to remove ressources.
If outputs.tf was modified, terragrunt refresh is enought to refresh the output without recreating the ressource.
Debugging the instance
SSH onto host : either via a SSH bastion, or allow port 22 and public IP, whatever, anyway make sure you dropped your SSH public key first in ec2-user (for Amazon Linux) during cloud-init.
Just to avoid typing ec2-user@ and removing previous instance key from known_hosts, add this ~/.ssh/config
Host *.compute.amazonaws.com
User ec2-user
StrictHostKeyChecking no
- Cloud init can be launched in debug via
/usr/bin/cloud-init -d modules - Logs will be in
/var/log/cloud-init-output.logand/var/log/cloud-init.log. - Scripts are in
/var/lib/cloud/instance/scripts/part-001(002, 003...)
Usefull AWS specific
Most instance should be able to
aws --region eu-central-1 ec2 describe-instances
The gateway can provides some informations too
curl http://169.254.169.254/latest/meta-data/