Loren Gordon

Terragrunt works fine with AWS SSO, but it's using an older aws sdk version. So what doesn't work is just the "new" config style. Change your config to the old...

I'm not sure how useful this is as far as addressing the issue from within terragrunt, but figured I'd share in the sense that there are approaches users could take...

>But there is a drawback too, this will not work correctly with modules, since, unlike providers, only a specific version of the module is stored in .terraform/modules, and in the...

One place I know of that my approach _does_ fall over for modules though, is nested modules. If a `vendor` module is itself referencing another remote module, there is no...

>For example, how does Terraform work in an air gapped environment? I also support air-gapped environments. We only use modules that use `source = git:https://...`, and then we mirror modules...

>Oh really, this idea won't work with nested terraform modules, since each terraform module creates its own .terraform folder in its root. Modules are tricky overall anyway, since the terraform...

>1. Parse all tf configs to create a single config of all providers. One sticking point with that step, even for providers, is any config that uses a module with...

>doesn't `terraform init` ensure that all providers are downloaded for nested or nested nested modules? Yes, it does. The "single config" option, using what I called the `vendor` config, does...

> > `TF_PLUGIN_CACHE_DIR` is it concurrency safe? > > [Nope](https://www.terraform.io/cli/config/config-file) > > ``` > Note: The plugin cache directory is not guaranteed to be concurrency safe. The provider installer's behavior...

@RanVaknin Is there a similar tracking issue for the SSO endpoint resolution? There's an [open issue](https://github.com/hashicorp/terraform-provider-aws/issues/23619) on terraform where folks are reporting several of the other impacted services, also: *...