Terraform & terragrunt over AWS


Terraform is required by Terragrunt. Installation:

wget -O /tmp/terraform.zip $(curl -s https://www.terraform.io/downloads.html | grep linux_amd64.zip | cut -d'"' -f2)
sudo unzip /tmp/terraform.zip -d /usr/local/bin
sudo chmod +x /usr/local/bin/terraform


Latest linux release download link

curl -s https://api.github.com/repos/gruntwork-io/terragrunt/releases/latest | jq -r '.assets|.[]|select(.name=="terragrunt_linux_amd64")|.browser_download_url'


sudo wget -O /usr/local/bin/terragrunt $(curl -s https://api.github.com/repos/gruntwork-io/terragrunt/releases/latest | jq -r '.assets|.[]|select(.name=="terragrunt_linux_amd64")|.browser_download_url')
sudo chmod +x /usr/local/bin/terragrunt
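
Both installs above place a freshly downloaded binary in /usr/local/bin without checking it; the shell functions below are an added example (not part of the original page) that compare a download against a sha256sum-format checksum list before installing it. The function names, the SHA256SUMS file name and the demo files are assumptions or constructed; check which checksum file the release you download actually publishes.

```shell
#!/bin/sh
# Added example, not from the original page: check a downloaded release
# binary against a sha256sum-format checksum list before installing it.

# verify_release FILE SUMS NAME
#   SUMS holds "<sha256>  <name>" lines; NAME is the asset to look up.
#   Returns 0 on match, 1 on mismatch, 2 if NAME is missing or ambiguous.
verify_release() {
    file=$1; sums=$2; name=$3
    # Exact match on the name column; "*name" is sha256sum's binary-mode form.
    expected=$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1 }' "$sums")
    case $expected in
        ''|*[!0-9a-fA-F]*) return 2 ;;  # no entry, two entries, or not hex
    esac
    [ "${#expected}" -eq 64 ] || return 2
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ] || return 1
}

# install_verified FILE SUMS NAME DEST: copy to DEST only if the hash matches.
install_verified() {
    if ! verify_release "$1" "$2" "$3"; then
        echo "refusing to install $3: checksum verification failed" >&2
        return 1
    fi
    install -m 0755 "$1" "$4"
}

# Demo on constructed files (no network): a matching file is installed,
# a modified one is rejected. Returns 0 when both hold.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed stand-in for a release binary\n' > "$d/terragrunt_linux_amd64"
    ( cd "$d" && sha256sum terragrunt_linux_amd64 > SHA256SUMS )
    install_verified "$d/terragrunt_linux_amd64" "$d/SHA256SUMS" \
        terragrunt_linux_amd64 "$d/installed" || return 1
    printf 'tampered\n' >> "$d/terragrunt_linux_amd64"
    if install_verified "$d/terragrunt_linux_amd64" "$d/SHA256SUMS" \
        terragrunt_linux_amd64 "$d/installed2" 2>/dev/null; then
        rm -rf "$d"; return 1
    fi
    [ -x "$d/installed" ] && [ ! -e "$d/installed2" ]; rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Download to a temporary path as an unprivileged user, then run install_verified with sudo only for the final copy into /usr/local/bin.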

Export your AWS access key ID and secret access key. If needed, generate one from your IAM user (not the root user account, never!) at https://console.aws.amazon.com/iam/home?#/home

export AWS_ACCESS_KEY_ID=AKIA............. 
export AWS_SECRET_ACCESS_KEY=kxT......

First run terragrunt plan to check the code and the planned result, then terragrunt apply. Use terraform destroy to remove resources.

If outputs.tf was modified, terragrunt refresh is enough to refresh the output without recreating the resource.

Debugging the instance

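SSH onto the host: either via an SSH bastion, or by allowing port 22 and a public IP. Either way, make sure your SSH public key was dropped into ec2-user (for Amazon Linux) during cloud-init first.

To avoid typing ec2-user@ and removing the previous instance's key from known_hosts, add this to ~/.ssh/config. Note that StrictHostKeyChecking no makes ssh accept unknown host keys without prompting, so the identity of these hosts is not verified.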

Host *.compute.amazonaws.com
    User ec2-user
    StrictHostKeyChecking no

  • cloud-init can be run in debug mode via /usr/bin/cloud-init -d modules
  • Logs will be in /var/log/cloud-init-output.log and /var/log/cloud-init.log.
  • Scripts are in /var/lib/cloud/instance/scripts/part-001 (002, 003...)

Useful AWS specifics

Most instances should be able to run:

aws --region eu-central-1 ec2 describe-instances

The gateway can provide some information too