Terragrunt Hybrid Cloud Platform

This repository manages a multi-cloud and hybrid cloud infrastructure across AWS, Azure, and GCP.

Multi-Cloud Network CIDR Strategy

To prevent routing conflicts in hybrid-cloud scenarios (e.g., VPN/Direct Connect between AWS, Azure, and GCP), a central network registry is used to manage non-overlapping CIDR ranges.

Network Registry

The source of truth for all network ranges is located at: live/network_registry.hcl

CIDR Allocation Map (Root: 10.0.0.0/8)

To avoid conflicts with cloud defaults (like GCP's 10.128.0.0/9 or Azure's 10.0.0.0/16), we use the following distinct blocks:

Cloud Provider   Env    CIDR Range
AWS              dev    10.10.0.0/16
AWS              stg    10.11.0.0/16
AWS              prod   10.12.0.0/16
Azure            dev    10.20.0.0/16
Azure            stg    10.21.0.0/16
Azure            prod   10.22.0.0/16
GCP              dev    10.30.0.0/16
GCP              stg    10.31.0.0/16
GCP              prod   10.32.0.0/16
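The value of a central registry is only as good as the guarantee that its entries really do not overlap each other or the provider defaults named above. The following script is an added example, not part of this repository: it copies the allocation table into a Python dict (it does not parse live/network_registry.hcl, so the dict must be kept in sync by hand or by a small exporter) and checks that every range sits inside the 10.0.0.0/8 root, that no two allocations overlap, and that none collides with the GCP 10.128.0.0/9 or Azure 10.0.0.0/16 defaults. It is the kind of guard one would run in CI before a registry change is merged.

```python
import ipaddress

# Constructed copy of the allocation map from the README table.
# In the repository the source of truth is live/network_registry.hcl;
# this example does not read that file (assumption: the dict mirrors it).
CIDR_MAP = {
    "aws":   {"dev": "10.10.0.0/16", "stg": "10.11.0.0/16", "prod": "10.12.0.0/16"},
    "azure": {"dev": "10.20.0.0/16", "stg": "10.21.0.0/16", "prod": "10.22.0.0/16"},
    "gcp":   {"dev": "10.30.0.0/16", "stg": "10.31.0.0/16", "prod": "10.32.0.0/16"},
}

# Provider default ranges the README says allocations must stay clear of.
RESERVED = {
    "gcp-default-auto-mode": "10.128.0.0/9",
    "azure-default-vnet": "10.0.0.0/16",
}

# Root block from which every allocation must be carved.
ROOT = ipaddress.ip_network("10.0.0.0/8")


def flatten(cidr_map):
    """Yield (label, network) pairs such as ('aws/dev', 10.10.0.0/16).

    strict=True makes a CIDR with host bits set (e.g. 10.10.1.0/16) a hard
    error instead of silently rounding it down.
    """
    for cloud, envs in cidr_map.items():
        for env, cidr in envs.items():
            yield f"{cloud}/{env}", ipaddress.ip_network(cidr, strict=True)


def find_conflicts(cidr_map, reserved=RESERVED, root=ROOT):
    """Return a list of human-readable problems; an empty list means clean."""
    problems = []
    entries = list(flatten(cidr_map))

    # 1. Every allocation must lie inside the root block.
    for label, net in entries:
        if not net.subnet_of(root):
            problems.append(f"{label} {net} is outside the root block {root}")

    # 2. No two allocations may overlap (pairwise check, each pair once).
    for i, (label_a, net_a) in enumerate(entries):
        for label_b, net_b in entries[i + 1:]:
            if net_a.overlaps(net_b):
                problems.append(f"{label_a} {net_a} overlaps {label_b} {net_b}")

    # 3. No allocation may collide with a provider default range.
    for label, net in entries:
        for name, cidr in reserved.items():
            reserved_net = ipaddress.ip_network(cidr)
            if net.overlaps(reserved_net):
                problems.append(f"{label} {net} overlaps reserved {name} {reserved_net}")

    return problems


if __name__ == "__main__":
    import sys
    issues = find_conflicts(CIDR_MAP)
    for issue in issues:
        print("CONFLICT:", issue)
    print("registry clean" if not issues else f"{len(issues)} conflict(s) found")
    sys.exit(1 if issues else 0)
```

Run it as a pre-merge check; a non-zero exit blocks the change. Note that `find_conflicts` reports every problem rather than stopping at the first, so a registry edit that breaks several environments shows the full list in one run.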

How to use in terragrunt.hcl

Each environment configuration should load the registry and reference its specific CIDR:

locals {
  # Walk up the directory tree to live/network_registry.hcl and load its locals.
  network_registry = read_terragrunt_config(find_in_parent_folders("network_registry.hcl"))
  # Keys into the registry's cidr_map; these must match the table above.
  cloud            = "aws"
  env              = "dev"
}

inputs = {
  # Resolve this environment's CIDR from the registry instead of hard-coding it.
  cidr = local.network_registry.locals.cidr_map[local.cloud][local.env]
}