If you want to deploy a terraform module to multiple locations (different VPCs, Regions, Accounts) this module can help. In most examples we use regions as the location separator but that doesnt have to be the case. The premise is simple, create your root module in a public VCS repo then using your Terraform Cloud (TFC) Organization, create workspaces for each deployment location.
To use you must have:
- Terraform Cloud Organization with Admin Access
- VCS repo with your HCL root module
- Connect the repo to TFC (To be automated)
Once the above is complete, simply execute this module with references for each location in a way that TFC can reference.
Workspaces are defined in a nested map as each deployment location. A workspace key within the var.workspaces
can utilize any workspace argument.
It can also accept var.workspaces.<>.vars
which can accept variable declarations as described below.
This module allows you to specify variables in 3 different ways:
- Attach a pre-created variable set id to each workspace with the key
shared_variable_set_ids
. - Specify on a per-workspace using the nested map structure below
module "multi_region_deployment" {
source = "aws-ia/workspace-orchestrator/tfe"
...
shared_variable_set_ids = [
data.tfe_variable_set.creds.id,
]
workspaces = {
eastcoast = {
vars = {
AWS_REGION = {
value = "us-east-1"
# category = "env" # unnecessary, default behavior
}
my_tf_var = {
value = "test"
category = "terraform"
}
}
}
westcoast = {...}
}
}
For examples see here
organization = "<>"
# variable set contains my AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY, attach to all workspaces
creds_variable_set_name = "dev_aws_creds"
vcs_repo = {
identifier = "drewmullen/aws-infra" # https://github.com/drewmullen/aws-infra
oauth_token_id = "<oauth token from TFC>"
branch = "master"
}
Currently there is no way to wait for any workspace variable sets prior to the initial workspace creation. If the inital apply
fails you can rekick them off. This will hopefully be resolved in a future release
Name | Version |
---|---|
terraform | >= 1.3.2 |
aws | >=4.0.0, < 6.0.0 |
tfe | >= 0.51.1 |
Name | Version |
---|---|
tfe | >= 0.51.1 |
No modules.
Name | Type |
---|---|
tfe_variable.workspace | resource |
tfe_workspace.main | resource |
tfe_workspace_settings.this | resource |
tfe_workspace_variable_set.shared_preexisting_variable_set_ids | resource |
tfe_workspace_variable_set.this | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
organization | TFC Organization | string |
n/a | yes |
workspaces | Nested map of workspaces to create and the associated arguments they can accept: Example: workspaces = {Arguments accepted within workspace definition: - All arguments from tfe_workspace. Defaults set as documented in July 2022 (v0.33.0). - vars = A nested map of variables, their value and categoryvars = {Workspace tag_names will attempt to combine specific tag_names and from var.shared_workspace_tag_names . |
any |
n/a | yes |
shared_variable_set_ids | A variable set ID to set to all workspaces. Use if you have a pre-existing variable set. | list(string) |
[] |
no |
shared_workspace_tag_names | Tag names to set for all workspaces. To set per-workspace, see var.workspaces . |
list(any) |
[] |
no |
vcs_repo | Definition of the VCS repo to attach to every workspace. | object({ |
null |
no |
Name | Description |
---|---|
workspaces_attributes | Attributes associated with the created workspaces. |