Gruntwork
Replies: 2 comments
-
|
Hi Yuri, Yes, you highlighted a key point about the for-production infrastructure-live example. It's an example generated from a real Ref Arch that we deployed using dummy values. So you need to update the terragrunt.hcl files with real inputs, which we cannot know for you ahead of time. Also make note of the region that you're deploying into, as the example code there also generates all values including the AWS region. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @rhoboat I have worked today on trying to fix this. For what I know the account-baseline from the shared account need to be applied before the logs, security and apps accounts because all these accounts uses the KMS encryption key created by the shared account. And yes we can reference the KMS key before the creation, I did this today. Basically changing this line https://github.com/gruntwork-io/terraform-aws-service-catalog/blob/6c5660ca8096817e9798e77bbab2307e0af62f16/examples/for-production/infrastructure-live/_envcommon/landingzone/account-baseline-app-base.hcl#L195 to this:
You also have to change this line in the security terragrunt.hcl file: |
Beta Was this translation helpful? Give feedback.
-
Hi guys,
We are trying to deploy the infrastructure-live example on the terraform-aws-service-catalog https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/master/examples/for-production/infrastructure-live but we are having some issues related to
ExampleAMIEncryptionKMSKeyArnnot existing. Looks like this is hard coded on the account-baseline-app-base.hcl file .Other thing, which order should we apply terragrunt, so first we should apply the logs baseline or the shared?
Beta Was this translation helpful? Give feedback.
All reactions