Skip to content

MBaranekTech/terraform-terragrunt-aws-environments

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
live
live
Β 
Β 
modules/s3
modules/s3
Β 
Β 
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

Terraform + Terragrunt Multi-Environment AWS (Part 2)

Multi-environment AWS infrastructure using Terragrunt (dev/test/prod) with remote state. It also includes:

  • S3 remote backend
  • DynamoDB state locking
  • Environment inheritance
  • Reusable modules

🧱 Skills Practiced

  • Terragrunt folder hierarchy
  • DRY Terragrunt configuration
  • Remote backend (S3 + DynamoDB)
  • Managing multiple AWS environments

πŸ“ Project Structure

terraform-terragrunt-aws-environments/
β”œβ”€β”€ live/
β”‚   β”œβ”€β”€ dev/
β”‚   β”‚   └── s3/
β”‚   β”‚       └── terragrunt.hcl
β”‚   β”œβ”€β”€ test/
β”‚   β”‚   └── s3/
β”‚   β”‚       └── terragrunt.hcl
β”‚   └── prod/
β”‚       └── s3/
β”‚           └── terragrunt.hcl
β”œβ”€β”€ modules/
β”‚   └── s3/
β”‚       β”œβ”€β”€ main.tf
β”‚       β”œβ”€β”€ variables.tf
β”‚       └── outputs.tf
β”œβ”€β”€ README.md
└── .gitignore

πŸ” Remote State & Locking

This setup uses:
S3 bucket: for storing Terraform state
DynamoDB table: for locking to prevent concurrent state writes
To create DynamoDB table manually (if required): 

aws dynamodb create-table --table-name terraform-locks --attribute-definitions AttributeName=LockID,AttributeType=S --key-schema AttributeName=LockID,KeyType=HASH --billing-mode PAY_PER_REQUEST --region us-west-2

Confirm table creation

aws dynamodb list-tables --region us-west-2
You should see:
{
    "TableNames": [
        "terraform-locks"
    ]
}
SnΓ­mek obrazovky 2025-11-23 152604

How to Deploy

Initialize Terragrunt:

cd live/dev/s3
terragrunt init

Apply changes:

terragrunt apply

Repeat for test and prod folders.

SnΓ­mek obrazovky 2025-11-23 152633

🧹 Cleanup / Destroy

To remove all resources:

terragrunt destroy -auto-approve
aws s3 rb s3://<state-bucket> --force --region <region>
aws dynamodb delete-table --table-name <lock-table> --region <region>

# Destroy Terraform-managed resources
cd live/dev/s3  
terragrunt destroy -auto-approve  

cd ../test/s3  
terragrunt destroy -auto-approve  

cd ../prod/s3  
terragrunt destroy -auto-approve


# Remove the S3 backend bucket
aws s3 rb s3://my-tf-state-bucket-martin-001 --force --region us-west-2

# Delete the DynamoDB state locking table
aws dynamodb delete-table --table-name terraform-locks --region us-west-2

🧠 Why This Matters

Scalable: Add more environments/modules without duplicating code
Safe: Remote state + locking prevents race conditions
Reusable: Terraform modules can be shared or extended
Secure: State is encrypted and managed in a centralized place
Maintainable: Clear folder structure and separation of concerns

About

Multi-environment AWS infrastructure using Terragrunt (dev/test/prod) with remote state.

Topics

aws devops cd dynamodb s3-bucket iac infrastructure-as-code aws-cloud gitops aws-provider

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages