Skip to main content
Knowledge Base

How do I enroll a new account, not created with Gruntwork Pipelines, into the Gruntwork Pipelines?

Answer

Frequently asked customer question. --- <ins datetime="2024-02-14T19:07:19Z"> <p><a href="https://support.gruntwork.io/hc/requests/110768">Tracked in ticket #110768</a></p> </ins>

## Pre-requisites - Latest version of Terragrunt - v1.5.7 of Terraform - AWS Admin credentials for the account - Configured GitHub user with access to the Gruntwork Library ## Steps 1. Checkout your `infrastructure-live` repository locally 2. Create a git branch 3. Modify the placeholders below and add to the `accounts.yml` file located in the root of your repository: ``` ACCOUNT_NAME: email: ACCOUNT_EMAIL id: "ACCOUNT_ID" ``` 4. Duplicate an existing account's folder(example `logs`) and rename the root directory as the name of your account. The only resources we want to keep will be the GitHub OIDC roles required for Pipelines to run i.e in the `account-name/_global` directory, keep the following folders: - central-pipelines-apply-role - central-pipelines-plan-role - github-actions-openid-connect-provider - pipelines-policy-apply-update-role - pipelines-policy-plan-update-role - pipelines-pre-auth-role **and delete any other regional resources you copied**. 5. **VERY IMPORTANT**: Update the `account.hcl` in the account's directory to use the new `account_name` 6. Update the `tags.yml` in the account's directory as you see fit 7. Obtain AWS Admin console credentials for the account 8. Using the AWS credentials from the previous step, run the following commands sequentially to bootstrap the account with the OIDC roles Pipelines needs(these steps normally happen automatically for accounts provisioned using the Pipelines) ``` cd ACCOUNT-NAME/_global/github-actions-openid-connect-provider terragrunt init cd ../.. terragrunt run-all plan terragrunt run-all apply ``` 9. Commit your changes with a`[skip ci]` directive included in your commit message. This prevents Pipelines from running on this PR since all the changes have just been manually applied. 10. Open a Pull Request, review and merge. 11. Test that Gruntwork pipelines works. You can make a trivial change or add a comment to any of the `terragrunt.hcl` files in the new account's folder and open a Pull Request to trigger a Gruntwork Pipelines run.