In this blog entry, I will combine a few topics as they are related:
This blog expands upon a previous entry discussing dependency management.
When managing an enterprise scale cloud environment, it is important to divide it into functional pieces that will allow segregation of duties and minimizing blast radius. As such, core components such as platform management, networking, identity, audit, etc should be managed in separate subscriptions.
To deploy resources to different Azure subscriptions, it is possible to pass environment variables to Terraform and let it authenticate accordingly. In the code snippet below, there are 3 areas of interest:
The extra_arguments section requires special attention. Basically, this configuration says to inject the 4 environment variables when the following Terragrunt commands are called (init, apply,destroy, etc).
#azure #terragrunt #azure-key-vault #terraform