Good Morning,
I’m new to CDKTF, and for test purposes I’m writing in python a configuration to deploy dynamically resources all over the region in a given account without the need to touch the code but only a yaml config file.
After some test and research I found a way to dynamically assign different providers to resources.
My way is to define all the provider variables you will use and then in every resource recall it through locals() with a name defined whithin a yaml file.
Following an example of the configuration:
YAML Config
vpcs:
bog-a:
cidr: 10.20.0.0/22
region: eu-south-1
igw: true
ngw: public-a
r53-association: true
domain-name: bogdan-example.local
subnets:
public-a: 10.20.0.0/24
public-b: 10.20.1.0/24
transit-a: 10.20.2.0/28
transit-b: 10.20.2.16/28
route-tables:
public-rtb:
tgw-bog-milan: 10.20.0.0/16
igw: 0.0.0.0/0
transit-rtb:
ngw-public-a: 0.0.0.0/0
bog-d:
cidr: 10.20.12.0/22
region: eu-central-1
r53-association: true
domain-name: bogdan-example.local
subnets:
private-a: 10.20.12.0/24
private-b: 10.20.13.0/24
transit-a: 10.20.14.0/28
transit-b: 10.20.14.16/28
route-tables:
private-rtb:
tgw-bog-central: 0.0.0.0/0
transit-rtb:
{}
Providers resources
eu_south_1 = AwsProvider(self, "milan", region='eu-south-1',
profile='', alias="eu-south-1")
eu_central_1 = AwsProvider(
self, "central", region='eu-central-1', profile='', alias='eu-central-1')
Resource configuration
vpcs[vpc] = Vpc(self, vpc, cidr_block=config["network"]["vpcs"][vpc]["cidr"], enable_dns_hostnames=True, enable_dns_support=True, tags=merge(
tags, {"Name": f'{vpc}'}),
provider=locals()[f'{config["network"]["vpcs"][vpc]["region"]}'.replace("-", "_")])
I defined the attribute “region” in the config file and the i use that attribute to call the provider with locals().
As you can see I’m not using terraform iterators but for cycle and storing objects in maps.
Do you think this type of configuration could led to dependencies issue or inconsistencies in the state? And if yes… how to avoid it?
What do you think about this way to perform an agnostic provider configuration?
If you are interested in more information about, do not hesitate to contact me.
thanks
Bogdan Iurea