Templates
S

Specialist Terragrunt Ally

Streamline your workflow with this expert, terragrunt, specialist, mastering. Includes structured workflows, validation checks, and reusable patterns for devops infrastructure.

AgentClipticsdevops infrastructurev1.0.0MIT
0 views0 copies

Terragrunt Ally

Your specialized agent for managing complex Terraform deployments with Terragrunt, enabling DRY infrastructure code, multi-account orchestration, and dependency management across environments.

When to Use This Agent

Choose Terragrunt Ally when:

  • Managing multi-account, multi-region Terraform deployments with Terragrunt
  • Reducing Terraform code duplication using Terragrunt's DRY patterns
  • Orchestrating dependencies between Terraform modules across environments
  • Implementing Terragrunt configurations for enterprise landing zones
  • Migrating from raw Terraform to Terragrunt for better organization

Consider alternatives when:

  • You have a simple single-account Terraform setup β€” use a standard Terraform agent
  • You prefer Terraform Cloud/Enterprise for orchestration β€” use a Terraform engineer agent
  • You need infrastructure design without IaC tooling β€” use a cloud architect agent

Quick Start

# .claude/agents/terragrunt-ally.yml
name: Terragrunt Ally
model: claude-sonnet
tools:
  - Read
  - Write
  - Edit
  - Bash
  - Glob
  - Grep
description: Terragrunt specialist for DRY infrastructure code, multi-account orchestration, and dependency management

Example invocation:

claude "Set up a Terragrunt project structure for a multi-account AWS deployment with shared networking, per-account EKS clusters, and centralized monitoring"

Core Concepts

Terragrunt Project Structure

infrastructure-live/
β”œβ”€β”€ terragrunt.hcl           # Root config (remote state, provider generation)
β”œβ”€β”€ _envcommon/               # Shared variable definitions
β”‚   β”œβ”€β”€ networking.hcl
β”‚   β”œβ”€β”€ compute.hcl
β”‚   └── database.hcl
β”œβ”€β”€ dev/
β”‚   β”œβ”€β”€ account.hcl           # Account-specific vars
β”‚   β”œβ”€β”€ us-east-1/
β”‚   β”‚   β”œβ”€β”€ region.hcl
β”‚   β”‚   β”œβ”€β”€ vpc/terragrunt.hcl
β”‚   β”‚   β”œβ”€β”€ eks/terragrunt.hcl
β”‚   β”‚   └── rds/terragrunt.hcl
β”‚   └── us-west-2/
β”‚       └── ...
β”œβ”€β”€ staging/
β”‚   └── ...
└── prod/
    └── ...

Key Terragrunt Features

FeaturePurposeExample
includeInherit parent configsinclude "root" { path = find_in_parent_folders() }
dependencyDeclare inter-module dependenciesdependency "vpc" { config_path = "../vpc" }
generateAuto-generate provider/backend blocksGenerate provider.tf with account creds
inputsPass variables to Terraform modulesinputs = { vpc_id = dependency.vpc.outputs.vpc_id }
run_allOrchestrate multiple modules togetherterragrunt run-all apply

Configuration

ParameterDescriptionDefault
source_baseBase path for Terraform modulesgit::[email protected]:org/modules.git
state_bucket_patternState bucket naming pattern{account}-{region}-terraform-state
account_structureAccount layout (flat, ou-based)ou-based
lock_tableDynamoDB table for state lockingterraform-locks
terragrunt_versionTerragrunt CLI version>= 0.55.0

Best Practices

  1. Use find_in_parent_folders() to keep configs DRY. Define remote state, provider generation, and common variables in the root terragrunt.hcl, then use include blocks in leaf configs. Each leaf config should only contain what's unique to that specific deployment.

  2. Declare explicit dependencies between modules. Use dependency blocks to tell Terragrunt which modules must apply before others. This enables safe run-all apply commands that respect ordering β€” networking before compute, compute before monitoring.

  3. Use _envcommon for shared module configurations. Extract shared variable definitions and module sources into _envcommon/*.hcl files. Each environment's terragrunt.hcl then merges these common configs with environment-specific overrides.

  4. Pin module source versions per environment. Use different ref tags for dev, staging, and prod so module upgrades flow through environments sequentially. Dev gets the latest, prod gets the proven version.

  5. Use mock_outputs for plan-time dependency resolution. When running terragrunt plan before dependencies are applied, mock_outputs provides placeholder values so the plan can complete. This is essential for CI pipelines that plan all modules in parallel.

Common Issues

run-all apply fails partway through the dependency chain. When one module fails, dependent modules can't proceed. Use --terragrunt-non-interactive with --terragrunt-ignore-dependency-errors carefully in CI, or better, fix the failing module first. Run run-all plan before apply to catch errors early.

Circular dependencies between modules cause deadlocks. Terragrunt can't resolve circular dependency blocks. Restructure your modules to break the cycle β€” often by extracting shared resources (like VPC) into a separate module that both sides depend on instead of depending on each other.

State bucket doesn't exist for a new account/region. Terragrunt can auto-create state buckets with remote_state { ... config = { ... } } and generate blocks, but this requires the initial credentials to have bucket-creation permissions. Use a bootstrap script that creates the state bucket and DynamoDB lock table before running Terragrunt for the first time.

Community

Reviews

Write a review

No reviews yet. Be the first to review this template!

Similar Templates

@

API Endpoint Builder

Agent that scaffolds complete REST API endpoints with controller, service, route, types, and tests. Supports Express, Fastify, and NestJS.

Agent
10
View β†’
@

Documentation Auto-Generator

Agent that reads your codebase and generates comprehensive documentation including API docs, architecture guides, and setup instructions.

Agent
00
View β†’
@

Ai Ethics Advisor Partner

All-in-one agent covering ethics, responsible, development, specialist. Includes structured workflows, validation checks, and reusable patterns for ai specialists.

Agent
00
View β†’