Global Resources

Common AWS Global Services
Directory Structure for Global Resources
Next Steps
Links and References

In Terragrunt-based Terraform repositories, certain AWS services are global—they’re not bound to a specific region and are deployed once per account. To keep your directory structure clean and intuitive, isolate these global services at the top level of your project, separate from any region-specific folders.

The image is an infographic titled "Global Resources," outlining four points: services not in traditional regions, deployment per account, isolating global services, and maintaining clear hierarchy and structure.

Global AWS services deploy once per account, so housing them in a dedicated global folder prevents accidental duplication and clarifies their scope.

Common AWS Global Services

Below are some frequently used AWS services that should live in your top-level global directory:

Global Service	Purpose
IAM	Users, Groups, Roles, Policies
Route 53	DNS Zones and Record Management
CloudFront	Content Delivery Network (CDN)
AWS WAF	Web Application Firewall Rules
ACM	SSL/TLS Certificate Provisioning & Renewal

Note: Depending on your architecture, you may have additional global components (e.g., AWS Organizations, SSO, or Artifact).

Directory Structure for Global Resources

Create a global folder alongside your environment and region directories (e.g., prod, dev, region-us-east-1, region-eu-west-1). Inside global, add individual terragrunt.hcl files for each service:

The image shows a directory structure diagram for global services, with folders and files like "terragrunt.hcl" organized under categories such as "prod," "global," "region-A," and "region-B."

Example layout:

├── dev
│   └── region-us-east-1
│       └── terraform.tfvars
├── prod
│   └── region-us-west-2
│       └── terraform.tfvars
└── global
    ├── iam
    │   └── terragrunt.hcl
    ├── route53
    │   └── terragrunt.hcl
    ├── cloudfront
    │   └── terragrunt.hcl
    ├── waf
    │   └── terragrunt.hcl
    └── acm
        └── terragrunt.hcl

This setup ensures:

Clear separation between account-wide and region-specific resources
Single source of truth for global configurations
Easier navigation and maintenance across environments

Next Steps

With global services neatly isolated, you can extend your Terragrunt repository to include shared modules, environment overrides, and DRY patterns. This foundation streamlines updates and fosters collaboration across teams.

Links and References

Watch Video

Supporting Files accountregionenvcommon

terragrunt init and validate

⌘I

Introduction

Terragrunt Basic Concepts

Terragrunt Good to Know Concepts Ideas

Terragrunt Configuration

Terragrunt Commands

Terragrunt Functions

Terragrunt Blocks

Terragrunt Attributes

Managing Remote State with Terragrunt

Terragrunt Modules

Building our first AWS Demo with Terragrunt

Conclusion

Common AWS Global Services

Directory Structure for Global Resources

Next Steps

Links and References

Watch Video

Introduction

Terragrunt Basic Concepts

Terragrunt Good to Know Concepts Ideas

Terragrunt Configuration

Terragrunt Commands

Terragrunt Functions

Terragrunt Blocks

Terragrunt Attributes

Managing Remote State with Terragrunt

Terragrunt Modules

Building our first AWS Demo with Terragrunt

Conclusion

​Common AWS Global Services

​Directory Structure for Global Resources

​Next Steps

​Links and References

Watch Video

Common AWS Global Services

Directory Structure for Global Resources

Next Steps

Links and References