This is Day 12, a direct continuation of our deep dive into Terraform's built-in functions. If Day 11 focused on basic string and collection manipulation, today we unlock the true power of HCL by mastering validation, type conversion, numeric calculations, and file handling.
Understanding these functions is essential for building robust, secure, and highly dynamic infrastructure configurations.
1. Validation Functions: Enforcing Constraints
Validation functions ensure that the input values provided by the user meet specific criteria before Terraform attempts to execute a plan. This prevents failures later in the provisioning process.
Validation rules are placed directly within the variable declaration, using a validation block which contains a condition and an error_message.
A. Checking Length and Logic
You can combine the length() function with logical operators (&& for logical AND) to enforce length constraints on input strings, such as ensuring an instance type name is between 2 and 20 characters.
Code Example (Length Validation):
variable "instance_type" {
default = "t2.micro"
validation {
condition = length(var.instance_type) >= 2 && length(var.instance_type) <= 20
error_message = "Instance type must be between 2 and 20 characters."
}
}
B. Regular Expressions and can()
For more complex pattern matching, the can() function, combined with regex() (regular expression), allows you to define stringent requirements, such as ensuring an instance type starts with 't2' or 't3'.
C. String Endings (endswith) and Sensitive Data
The endswith() validation function ensures a string meets a naming convention, such as requiring a backup variable name to end with _backup.
Furthermore, you can flag variables as sensitive by setting sensitive = true in the declaration. This prevents the value from being printed in logs or standard output during terraform plan and apply. While this is a critical security feature, it’s important to remember that the value is still saved (Base64 encoded, not truly encrypted) in the state file, so exercise caution.
2. Type Conversion and Collection Functions
Type conversion functions allow you to change the structure of data, which is often necessary when manipulating collections.
A. Combining and Making Unique (concat and toset)
While the concat() function combines two or more lists, the resulting list may contain duplicate values. To eliminate duplicates and ensure a collection of only unique values, you must convert the list into a set using the toset() function.
Code Example (Removing Duplicates):
variable "user_locations" {
type = list(string)
default = ["us-east-1", "us-east-1", "us-west-1"]
}
variable "default_location" {
type = list(string)
default = ["us-west-2"]
}
locals {
all_locations = concat(var.user_locations, var.default_location)
# Result: ["us-east-1", "us-east-1", "us-west-1", "us-west-2"] (Duplicates remain)
unique_locations = toset(local.all_locations)
# Result: {"us-east-1", "us-west-1", "us-west-2"} (Set removes duplicates)
}
3. Numeric Functions and Spread Operators
Numeric functions handle mathematical operations. Functions like sum(), max(), and min() are designed to work on numbers, but when operating on complex collections like tuples or lists, they require additional iteration or the use of a spread operator.
Calculating Absolute Values and Totals
The abs() function returns the absolute value of a number (converting negative values to positive). To apply abs() to every element in a list (like a list of monthly costs where negative values represent credits), you must use a for loop to iterate through the collection.
The Spread Operator (...)
To use aggregate functions like max() or min() on a list of numbers, you must use the spread operator (...) after the list variable. This operator tells Terraform to treat the elements of the list as individual numbers, allowing the function to work correctly.
Code Example (Calculating Max Cost):
locals {
# Assuming positive_cost is a list of absolute values like
max_cost = max(local.positive_cost...)
# The '...' spreads the list elements, treating them as arguments: max(200, 100, 75, 50)
}
This technique also allows for calculating the average cost, which involves dividing the total sum by the length of the list.
4. File and Date/Time Functions
A. File Handling
Terraform can interact with local files. The fileexists() function checks if a file is present. You can read the contents of a file using the file() function, and if the file contains structured data (like JSON), you can use jsondecode() to parse it into an accessible HCL map.
B. Date and Time
The timestamp() function returns the current timestamp. The formatdate() function allows you to reformat this timestamp string into a desired structure (e.g., YYYY-MM-DD), which is useful for creating unique, time-based resource names.
Mastering these advanced functions solidifies your ability to write highly dynamic, reusable, and secure configurations, moving you beyond simple resource declarations from @piyushsachdeva
Top comments (0)