Skip to content
/ terraform-multi-account Public

An example of how to manage a terraform project with multiple AWS accounts making use of AWS Organizations, AWS SSO, and shared variables across environments.

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

terraform-mars/terraform-multi-account

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
accounts
accounts
 
 
modules/myapp
modules/myapp
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

terraform-multi-account

(Work-In-Progress)

An example of how to manage a terraform project with multiple AWS accounts.

AWS Organizations

  • mgt is the management account
    • Maintains the S3 bucket for terraform state files and dynamodb table for terraform locks
  • dev/stage/prod are child accounts
    • Allow mgt account to access them via the IAM role OrganizationAccountAccessRole

AWS SSO

The type of credentials that AWS SSO generates currently is not supported on terraform. A lookup for credentials in the aws cli cache is being done as a workaround.

E.g. https://github.com/terraform-mars/terraform-multi-account/blob/main/accounts/dev/myapp/provider.tf

Shared variables

Variables in a file named "vars.yml" in any level of directory will be read. The closest relative path of a vars file to the current module directory takes precedence.

About

An example of how to manage a terraform project with multiple AWS accounts making use of AWS Organizations, AWS SSO, and shared variables across environments.

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages