Unable to use Terraform modules stored in a private S3 bucket - Githubissues

gruntwork-io / terragrunt

Terragrunt is a flexible orchestration tool that allows Infrastructure as Code written in OpenTofu/Terraform to scale.

https://terragrunt.gruntwork.io/

MIT License

7.91k stars 966 forks source link

Unable to use Terraform modules stored in a private S3 bucket #3294

Open carlosjgp opened 1 month ago

carlosjgp commented 1 month ago

Describe the bug

Storing private Terraform modules into an S3 bucket is not supported with Terragrunt

This works just fine with Terraform

Steps To Reproduce

Upload a Terraform module to a private S3 bucket that can only be accessed with AWS credentials

terraform {
  source = "s3::https://s3-<REGION>.amazonaws.com/<BUCKET>/<MODULE>.zip"
}

Expected behavior

Similar behaviour as seen when using Terraform where this works just fine

Maybe make use the iam_role to download the modules from S3 https://terragrunt.gruntwork.io/docs/reference/config-blocks-and-attributes/#iam_role

IAM role that Terragrunt should assume prior to invoking Terraform.

Nice to haves

[ ] Terminal output
[ ] Screenshots

Versions

Terragrunt version: v0.63.5
OpenTofu/Terraform version: v1.9.2
Environment details (Ubuntu 20.04, Windows 10, etc.): 22.04.1-Ubuntu

Additional context

More problems with go-getter

denis256 commented 1 month ago

I think can be investigated approach of updating getter to inject session details or replace existing ones with one that can use AWS details

References: https://github.com/gruntwork-io/terragrunt/blob/master/cli/commands/terraform/download_source.go#L191