[mlhpdx]

The amount of duplication in `main.tf` (copy/pasta for each region) is shocking, but I'm not a Terraform user -- is that normal? It also seems problematic for re-use since not all accounts have those regions enabled. Perhaps using something like the below to discover enabled regions at deploy time would make it more "consumable" by other folks:

  aws account list-regions \
    --region-opt-status-contains "ENABLED" "ENABLED_BY_DEFAULT" \
    --no-paginate \
    --query "Regions[].RegionName" \
    --output text

That's the approach I've taken with SAM/Cloudformation deployments[1].

[1] https://github.com/mlhpdx/email-origin/blob/main/scripts/dep...

[myzie]

Aha, indeed. A few interesting notes on this. And thanks for the link to your Makefile.

I see you're a Cloudformation Stacks user (good stuff), so you may know some of what I say below already, but maybe the Terraform specific notes will be of interest.

Many AWS deployments (Terraform or otherwise) are single region unfortunately, with a primary factor there being that AWS APIs are for the most part region-specific. The AWS Terraform provider was built with this mindset too, unfortunately. Then the situation is complicated by Terraform's lack of support for dynamic providers, which is one of the most discussed still-open issues in Terraform.

Some related open issues:

https://github.com/hashicorp/terraform/issues/24476 https://github.com/hashicorp/terraform/issues/25244 https://github.com/hashicorp/terraform/issues/19932

My understanding is that people that have this as a first-class concern use something like Terragrunt to dynamically generate the HCL as needed.

https://terragrunt.gruntwork.io/

For Burrow here, I was was focused on shipping something and didn't want to spend time on generating that code just yet. But the project has gotten some attention so if this is a recurring request I'll probably do it.

Note that I intentionally chose the 17 AWS regions that are default enabled in every new AWS account, so it should only be if you want to customize it that this becomes important.

A Cloudformation Stacks based deployment to achieve multi-region would be another good (and perhaps better) option here. I could add that to the Makefile, with inspiration from your link there.

[myzie]

Oh I realized I was thinking of Cloudformation Stacksets, since those like you automate deployment of a Stack across multiple regions.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGui...

[JohnMakin]

Yea, unfortunately dynamic provider blocks to use a loop to handle this type of thing have been on the wishlist forever. IIRC Hashicorp's response is that it simply isn't possible, but I believe the OpenTofu project was targeting this (or may have already done it).

I manage a particular file right now that has 100 entries of something very similar. Just silly and annoying to search through and prone to copy/paste errors (one time I accidentally deployed something to a prod account in this way).

[jyufnlwfnzvbm]

> The amount of duplication in `main.tf` (copy/pasta for each region) is shocking, but I'm not a Terraform user -- is that normal?

Yes, we do not have dynamic providers yet.

I lost patience and switched to CDKTF and then Pulumi soon after.