Tags Module

This Terraform module helps to create a unified tagging across different projects.

Usage

Typical Folder structure within a Terraform Project:

.
├── lambda-security-group
│   └── terragrunt.hcl
├── redis
│   └── terragrunt.hcl
├── redis-security-group
│   └── terragrunt.hcl
├── ssm-store
│   └── terragrunt.hcl
└── tags
    └── terragrunt.hcl

Typical terragrunt.hcl of project tags (initialization)

terraform {
  source  = "Flaconi/tags/null"
}

include {
  path = find_in_parent_folders()
}

locals {
  # It could be simplified if terragrunt implement this: https://github.com/gruntwork-io/terragrunt/pull/858
  default_yaml_path = find_in_parent_folders("empty.yml")
  global_vars       = yamldecode(file(find_in_parent_folders("global_vars.yml", local.default_yaml_path)))
  provider_vars     = yamldecode(file(find_in_parent_folders("provider_vars.yml", local.default_yaml_path)))
  region_vars       = yamldecode(file(find_in_parent_folders("region_vars.yml", local.default_yaml_path)))
  stack_vars        = yamldecode(file(find_in_parent_folders("stack_vars.yml", local.default_yaml_path)))

  vars = merge(
    local.global_vars,
    local.provider_vars,
    local.region_vars,
    local.stack_vars
  )
}

inputs = {
  parent      = ""
  project     = basename(dirname(abspath(get_terragrunt_dir())))
  provider    = local.vars.our_provider
  environment = local.vars.env
  tags        = local.vars.global_tags
}

Example terragrunt.hcl of project tags inheritance (lambda-security-group)

dependency "vpc" {
  config_path = "../../../infra/vpc"
}

dependency "tags" {
  config_path = "../tags"
}

terraform {
  source = "github.com/terraform-aws-modules/terraform-aws-security-group?ref=v3.1.0"
}

include {
  path = find_in_parent_folders()
}

locals {
  app_name = basename(dirname(abspath(get_terragrunt_dir())))
}

inputs = {
  vpc_id = dependency.vpc.outputs.vpc_id

  name        = "${local.app_name}-lambda-sg"
  description = "Security group for lambda (${local.app_name}) with allow outgoing all"

  egress_with_cidr_blocks = [
    {
      rule        = "all-all"
      cidr_blocks = "0.0.0.0/0"
    },
  ]

  tags = dependency.tags.outputs.tags
}

Example terragrunt.hcl of project tags inheritance (redis-security-group)

dependency "vpc" {
  config_path = "../../../infra/vpc"
}

dependency "tags" {
  config_path = "../tags"
}

dependency "lambda-security-group" {
  config_path = "../lambda-security-group"
}

terraform {
  source = "github.com/terraform-aws-modules/terraform-aws-security-group?ref=v3.1.0"
}

include {
  path = find_in_parent_folders()
}

locals {
    app_name = basename(dirname(abspath(get_terragrunt_dir())))
}

inputs = {
  vpc_id = dependency.vpc.outputs.vpc_id

  name        = "${local.app_name}-redis-sg"
  description = "Security group for Redis (${local.app_name})"

  computed_ingress_with_source_security_group_id = [
    {
      rule                     = "redis-tcp"
      source_security_group_id = dependency.lambda-security-group.outputs.this_security_group_id
    }
  ]
  number_of_computed_ingress_with_source_security_group_id = 1

  tags = dependency.tags.outputs.tags
}

Resources

No resources are created.

Requirements

Name	Version
terraform	>= 0.12

Providers

No providers.

Modules

No modules.

Resources

No resources.

Inputs

Name	Description	Type	Default	Required
additional_tag_map	Additional tags for appending to each tag map	map(string)	{}	no
environment	Environment, e.g. 'prod', 'staging', 'dev', 'pre-prod', 'UAT'	string	""	no
parent	Parent folder	string	""	no
project	Solution name, e.g. 'app' or 'jenkins'	string	""	no
region	Region, e.g. 'eu-west-1', 'eu-central-1'	string	""	no
tags	Additional tags (e.g. map('BusinessUnit','XYZ')	map(string)	{}	no
terraform_provider	Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp'	string	""	no

Outputs

Name	Description
tags	Normalized Tag map
tags_as_list_of_maps	Additional tags as a list of maps, which can be used in several AWS resources

License

MIT

Copyright (c) 2019-2022 Flaconi GmbH