I’ve been working with Terraform off and on for around 4 years now. Generally I love it: it’s a powerful tool for managing your cloud-based infrastructure, and the HCL definition language makes your Infrastructure-as-Code files reasonably readable and maintainable.
However, it does have its wrinkles. My personal top 5 annoyances:
- Managing infrastructure across multiple accounts, e.g. DEV/TEST/PROD, can be painful and can lead to duplication without careful thought
- The management of shared infra (e.g. VPCs, databases) and app-level infra in the same repo can be tricky. E.g. I definitely don’t want to accidentally tear down a shared database when I’m tearing down my little hello-world app.
- Configuration changes between environments (e.g. the TEST environment runs t3.small instances but PROD runs m5.xlarge) can be cumbersome
- Establishing enterprise standards, like tags that should be attached to all instances, shared Security Groups and so on, can be difficult
- There can be a lot of boilerplate config files and so on.
To ease the pain of the above I wrote Terragen, a pip-installable Python utility that provides a powerful but lightweight configuration engine on top of your existing Terraform modules. Let’s see it in action:
With Terragen you can:
- Bring your own modules: Terragen wants to stay out of your working modules as much as possible.
- Establish default configs with embedded standards, like tags and security groups, that you can apply to all configs that “inherit” from them
- Control the construction/destruction of shared infra (VPCs, databases) separately from app-specific infra if you want.
- Create mandatory values so your teams are alerted if they miss config that is embedded in company standards
- Use a powerful lookup syntax that makes it easy to set environment-specific config, like instance types, disk space and so on.
- Get fine-grained CLI control: all config values can be overridden on the CLI, meaning it works nicely with your CI tool of choice
- View generated Terraform files before they are applied. Each run creates a timestamped output directory.
- Boilerplate Terraform files, like config and tfvars, are automatically generated.
Terragen uses a provider-based model. While it currently only supports AWS, providers for Azure and GCP could be created by the community if the project gets some traction.
Example config files are available to look at here.
Just run pip install terragen to get started :)