DEV Community: Panchanan Panigrahi The latest articles on DEV Community by Panchanan Panigrahi (@sre_panchanan). https://dev.to/sre_panchanan https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1229790%2F38058399-d5ea-4758-a537-ad5305b5412e.png DEV Community: Panchanan Panigrahi https://dev.to/sre_panchanan en Introduction to AWS S3 Remote Backend with Terraform Panchanan Panigrahi Mon, 30 Sep 2024 20:41:23 +0000 https://dev.to/sre_panchanan/introduction-to-aws-s3-remote-backend-with-terraform-28i7 https://dev.to/sre_panchanan/introduction-to-aws-s3-remote-backend-with-terraform-28i7 <p>Infrastructure as Code (IaC) is revolutionizing how we manage and provision infrastructure, and <strong>Terraform</strong> has become a standout tool in this landscape. However, a critical aspect of using Terraform effectively is managing the <strong>Terraform state file</strong>—the single source of truth that records your infrastructure’s current status.</p> <p>In this guide, we’ll explore the importance of the Terraform state file, why local storage can be risky, and how using AWS S3 as a remote backend offers a scalable, secure, and collaborative solution.</p> <h2> What is the Terraform State File? </h2> <p>The Terraform state file, <code>terraform.tfstate</code>, is an essential JSON file that maintains the mapping between your Terraform configuration and the actual resources in your infrastructure. It contains:</p> <ul> <li> <strong>Resource IDs</strong>: Unique identifiers of resources.</li> <li> <strong>Attributes</strong>: Resource properties (e.g., IP addresses, configurations).</li> <li> <strong>Dependencies</strong>: Relationships between resources, ensuring proper order during changes.</li> </ul> <p>This file enables Terraform to manage your infrastructure efficiently, understanding what exists and what needs updating, creating, or deleting.</p> <h2> Why Is the State File So Important? </h2> <ol> <li> <strong>Single Source of Truth</strong>: It provides Terraform with a clear and consistent view of your infrastructure.</li> <li> <strong>Change Detection</strong>: When running <code>terraform plan</code> or <code>terraform apply</code>, Terraform checks this state file to understand what has changed.</li> <li> <strong>Dependency Management</strong>: Terraform uses the state file to maintain resource dependencies, ensuring changes happen in the correct sequence.</li> </ol> <p>Without an accurate state file, Terraform wouldn’t know how to manage your infrastructure, leading to potential inconsistencies and misconfigurations.</p> <h2> Backends for Storing Terraform State </h2> <p>Terraform offers two main ways to store the state file:</p> <ol> <li> <strong>Local Backend</strong>: Stores the state file on your local machine or a shared file system.</li> <li> <strong>Remote Backend</strong>: Stores the state file on a remote service, such as AWS S3, ensuring centralized access and better collaboration.</li> </ol> <p>Let's explore why using the remote backend is usually a better choice.</p> <h2> Limitations of Local Backend </h2> <p>The local backend, while simple, introduces several challenges:</p> <ol> <li> <strong>Collaboration Issues</strong>: Storing the state file locally means only one person can access it at a time, hindering team collaboration.</li> <li> <strong>Risk of Data Loss</strong>: If your local machine crashes or the state file is accidentally deleted, you lose your infrastructure’s state, leading to potential rework and errors.</li> <li> <strong>No State Locking</strong>: When multiple users try to modify the state file simultaneously, conflicts arise, causing corruption or inconsistencies.</li> <li> <strong>Manual Backups</strong>: Regular backups are critical, but manually handling them is error-prone and inconvenient.</li> <li> <strong>Security Concerns</strong>: Storing sensitive data on your local machine lacks the robust security controls that remote storage offers.</li> <li> <strong>Scalability Issues</strong>: As your infrastructure grows, managing and maintaining larger state files becomes inefficient.</li> </ol> <p>Because of these limitations, the local backend isn’t ideal for production or collaborative environments.</p> <h2> Why Not Store State Files in Version Control Systems (VCS)? </h2> <p>It might seem convenient to use Git or another VCS for tracking state files, but this practice introduces serious problems:</p> <ol> <li> <strong>Sensitive Data Exposure</strong>: The state file often contains sensitive information, such as access keys or credentials, which can be compromised if stored in a VCS.</li> <li> <strong>Concurrency Issues</strong>: Git doesn’t offer a locking mechanism, making it easy for multiple users to create conflicting changes to the state file.</li> <li> <strong>Inefficient Handling</strong>: State files can be large and frequently change, making them a poor fit for version control tracking.</li> </ol> <p>For these reasons, using a dedicated remote backend is a more secure and efficient option.</p> <h2> The Benefits of Using AWS S3 as a Remote Backend </h2> <p>AWS S3 is one of the most popular choices for Terraform's remote backend due to its:</p> <ol> <li> <strong>Reliability</strong>: AWS S3 ensures high availability and durability for your state file.</li> <li> <strong>Access Control</strong>: You can use AWS Identity and Access Management (IAM) to control access to the state file.</li> <li> <strong>Versioning and Recovery</strong>: S3’s versioning capability allows you to recover previous versions of your state file if needed.</li> <li> <strong>State Locking</strong>: By integrating with AWS DynamoDB, you can enable state locking to prevent simultaneous modifications.</li> <li> <strong>Scalability and Security</strong>: AWS S3 scales effortlessly and offers server-side encryption, making it ideal for managing your infrastructure state securely.</li> </ol> <h2> Step-by-Step Guide to Setting Up AWS S3 as a Remote Backend </h2> <p>We'll configure the S3 backend in two steps:</p> <ol> <li> <p><strong>Step 1: Create and configure an S3 bucket and a DynamoDB table using a local backend.</strong> </p> <ul> <li>This ensures the necessary infrastructure (S3 for state storage and DynamoDB for state locking) is set up before migrating, providing a secure and reliable environment.</li> </ul> </li> <li> <p><strong>Step 2: Migrate to using the S3 backend in our Terraform configuration.</strong> </p> <ul> <li>This step transfers state management to the S3 bucket, enabling centralized state storage and collaboration, along with state locking through DynamoDB.</li> </ul> </li> </ol> <p><strong>Directory Structure</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Terraform-AWS-S3-Backend/ ├── global/ │ └── state.tf └── README.md </code></pre> </div> <p>Feel free to check out my GitHub repository: <a href="https://github.com/panchanandevops/Terraform-AWS-S3-Backend" rel="noopener noreferrer">Terraform-AWS-S3-Backend</a>. It contains the complete code and configurations for setting up an AWS S3 backend with Terraform. If you encounter any difficulties or have questions, this resource may help you troubleshoot or understand the process better!</p> <h2> Step 1: Create and Configure the S3 Bucket and DynamoDB Table Locally </h2> <p>In this first step, we define the configuration to <strong>set up an S3 bucket and DynamoDB table locally</strong>. Here's the <code>state.tf</code> file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.56"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket"</span> <span class="s2">"terraform_state_bucket"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">force_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">lifecycle</span> <span class="p">{</span> <span class="nx">prevent_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_versioning"</span> <span class="s2">"terraform_bucket_versioning"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">versioning_configuration</span> <span class="p">{</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"Enabled"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_server_side_encryption_configuration"</span> <span class="s2">"terraform_state_crypto_conf"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">rule</span> <span class="p">{</span> <span class="nx">apply_server_side_encryption_by_default</span> <span class="p">{</span> <span class="nx">sse_algorithm</span> <span class="p">=</span> <span class="s2">"AES256"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_public_access_block"</span> <span class="s2">"terraform_state"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">block_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">block_public_policy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">ignore_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">restrict_public_buckets</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_dynamodb_table"</span> <span class="s2">"terraform_state_lock_table"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"terraform-state-lock-table"</span> <span class="nx">billing_mode</span> <span class="p">=</span> <span class="s2">"PAY_PER_REQUEST"</span> <span class="nx">hash_key</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation of the Terraform Configuration</strong></p> <h3> 1. Main S3 Bucket Configuration: <code>aws_s3_bucket</code> </h3> <h4> <strong>Purpose</strong>: </h4> <p>The <code>aws_s3_bucket</code> resource creates the S3 bucket that will store your Terraform state file. This is the core resource that defines the actual storage location for your state.</p> <h4> Benefits </h4> <ul> <li> <p><strong>Bucket Name (<code>bucket</code>)</strong>: </p> <ul> <li> <code>bucket = "panchanandevops-tf-state"</code> defines the name of the S3 bucket that will store your Terraform state file. This unique bucket name (<code>panchanandevops-tf-state</code>) ensures there is no naming conflict, as bucket names must be globally unique across all AWS accounts.</li> </ul> </li> <li> <p><strong>Force Destroy (<code>force_destroy</code>)</strong>: </p> <ul> <li> <code>force_destroy = true</code> enables the bucket to be deleted even if it contains objects. This setting can be useful if you want to quickly remove the bucket during the development or testing phase, as it allows deletion without manually clearing out objects.</li> </ul> </li> <li> <p><strong>Lifecycle Configuration (<code>lifecycle</code>)</strong>:</p> <ul> <li> <code>prevent_destroy = true</code> adds an additional layer of protection by preventing accidental deletion of the bucket through Terraform. This means that any attempt to destroy the bucket using <code>terraform destroy</code> will result in an error, ensuring your state data remains intact unless this setting is explicitly changed.</li> </ul> </li> </ul> <p><strong>Code Reference</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_s3_bucket"</span> <span class="s2">"terraform_state_bucket"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">force_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">lifecycle</span> <span class="p">{</span> <span class="nx">prevent_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> 2. Versioning: <code>aws_s3_bucket_versioning</code> </h3> <ul> <li> <strong>Purpose</strong>: This resource enables versioning for the S3 bucket, meaning that every time the Terraform state file changes, a new version is stored instead of overwriting the existing one.</li> <li> <strong>Benefit</strong>: <ul> <li> <strong>Accidental Deletion Recovery</strong>: If you accidentally delete or corrupt the state file, you can easily restore a previous version.</li> <li> <strong>Tracking Changes</strong>: Allows you to track changes made to the state file over time, providing a history of your infrastructure's evolution.</li> </ul> </li> </ul> <p><strong>Code Reference</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_s3_bucket_versioning"</span> <span class="s2">"terraform_bucket_versioning"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">versioning_configuration</span> <span class="p">{</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"Enabled"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Here, the <code>status = "Enabled"</code> line activates versioning, ensuring that every modification to the state file results in a new version being saved.</li> </ul> <h3> 3. Encryption: <code>aws_s3_bucket_server_side_encryption_configuration</code> </h3> <ul> <li> <strong>Purpose</strong>: This resource configures server-side encryption for the S3 bucket using the AES256 encryption algorithm. It ensures that all data stored in the bucket, including your Terraform state file, is encrypted at rest.</li> <li> <strong>Benefit</strong>: <ul> <li> <strong>Data Security</strong>: Protects sensitive data in your state file (such as passwords, keys, and configurations) from unauthorized access.</li> <li> <strong>Compliance</strong>: Helps meet security and compliance requirements, as many organizations mandate encryption for data stored in the cloud.</li> </ul> </li> </ul> <p><strong>Code Reference</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_s3_bucket_server_side_encryption_configuration"</span> <span class="s2">"terraform_state_crypto_conf"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">rule</span> <span class="p">{</span> <span class="nx">apply_server_side_encryption_by_default</span> <span class="p">{</span> <span class="nx">sse_algorithm</span> <span class="p">=</span> <span class="s2">"AES256"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li>The <code>sse_algorithm = "AES256"</code> ensures that the Advanced Encryption Standard (AES) with a 256-bit key is used for encryption. This is a widely accepted, strong encryption standard.</li> </ul> <h3> 4. Access Control: <code>aws_s3_bucket_public_access_block</code> </h3> <ul> <li> <strong>Purpose</strong>: This resource blocks public access to your S3 bucket, ensuring that the Terraform state file is not exposed to the internet.</li> <li> <strong>Benefit</strong>: <ul> <li> <strong>Enhanced Security</strong>: Prevents unauthorized access by making sure that no one can view or modify your state file from outside your AWS account.</li> <li> <strong>Data Privacy</strong>: Ensures sensitive infrastructure details remain private, preventing leaks or breaches.</li> </ul> </li> </ul> <p><strong>Code Reference</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_s3_bucket_public_access_block"</span> <span class="s2">"terraform_state"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">block_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">block_public_policy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">ignore_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">restrict_public_buckets</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong>Explanation of Each Parameter</strong>: <ul> <li> <code>block_public_acls = true</code>: Prevents any public access control lists (ACLs) from being applied to the bucket.</li> <li> <code>block_public_policy = true</code>: Ensures that the bucket policy does not allow public access.</li> <li> <code>ignore_public_acls = true</code>: Ignores any public ACLs that may be attached to the bucket.</li> <li> <code>restrict_public_buckets = true</code>: Ensures that no public policies can be applied to this bucket, fully restricting access.</li> </ul> </li> </ul> <p>Together, these settings make it impossible for your bucket to be publicly accessible, ensuring maximum security.</p> <h3> 5. State Locking: <code>aws_dynamodb_table</code> </h3> <ul> <li> <strong>Purpose</strong>: The DynamoDB table is used for state locking, which prevents multiple users or processes from making changes to the state file at the same time.</li> <li> <strong>Benefit</strong>: <ul> <li> <strong>Prevents Conflicts</strong>: State locking ensures that only one <code>terraform apply</code> or <code>terraform plan</code> command can run at a time, avoiding race conditions and potential corruption of the state file.</li> <li> <strong>Collaborative Safety</strong>: Enables multiple team members to work on Terraform configurations simultaneously without overwriting each other's changes.</li> </ul> </li> </ul> <p><strong>Code Reference</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_dynamodb_table"</span> <span class="s2">"terraform_state_lock_table"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"terraform-state-lock-table"</span> <span class="nx">billing_mode</span> <span class="p">=</span> <span class="s2">"PAY_PER_REQUEST"</span> <span class="nx">hash_key</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong>Explanation of Each Component</strong>: <ul> <li> <code>name = "terraform-state-lock-table"</code>: Specifies the name of the DynamoDB table.</li> <li> <code>billing_mode = "PAY_PER_REQUEST"</code>: Charges based on the actual usage of the table, making it cost-effective since the state locking feature doesn’t require constant access.</li> <li> <code>hash_key = "LockID"</code>: Defines <code>LockID</code> as the primary key for the table. This key is used to lock the state file during Terraform operations.</li> <li> <code>attribute</code> block: Declares the <code>LockID</code> attribute of type <code>S</code> (string), which is necessary for identifying the lock record.</li> </ul> </li> </ul> <p>By integrating this DynamoDB table, you ensure that your state file remains consistent and protected, even in a collaborative environment.</p> <h3> Initializing and Applying Terraform Infrastructure Locally </h3> <ol> <li> <p><strong>Initialize Terraform:</strong> </p> <ul> <li>Run <code>terraform init</code> in your project's root directory to initialize the Terraform configuration. This sets up the necessary plugins and prepares your working directory.</li> </ul> </li> <li> <p><strong>Plan Infrastructure:</strong> </p> <ul> <li>Execute <code>terraform plan</code> to preview the changes Terraform will make. This step ensures that your configuration is correct before applying any changes.</li> </ul> </li> <li> <p><strong>Apply Infrastructure:</strong></p> <ul> <li>If the plan looks good, run <code>terraform apply</code> to create the infrastructure. When prompted, type <strong>yes</strong> to confirm and apply the changes.</li> </ul> </li> </ol> <p>With this, Step 1 is complete, and your infrastructure is successfully created locally. Next, we'll move to Step 2.</p> <h2> Step 2: Add the S3 Backend Configuration </h2> <p>After creating the bucket and DynamoDB table, update your Terraform configuration to include the remote backend settings:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">terraform</span> <span class="p">{</span> <span class="nx">backend</span> <span class="s2">"s3"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">key</span> <span class="p">=</span> <span class="s2">"global/s3/terraform.tfstate"</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="nx">dynamodb_table</span> <span class="p">=</span> <span class="s2">"terraform-state-lock-table"</span> <span class="nx">encrypt</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.56"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket"</span> <span class="s2">"terraform_state_bucket"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">force_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">lifecycle</span> <span class="p">{</span> <span class="nx">prevent_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_versioning"</span> <span class="s2">"terraform_bucket_versioning"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">versioning_configuration</span> <span class="p">{</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"Enabled"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_server_side_encryption_configuration"</span> <span class="s2">"terraform_state_crypto_conf"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">rule</span> <span class="p">{</span> <span class="nx">apply_server_side_encryption_by_default</span> <span class="p">{</span> <span class="nx">sse_algorithm</span> <span class="p">=</span> <span class="s2">"AES256"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket_public_access_block"</span> <span class="s2">"terraform_state"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="nx">aws_s3_bucket</span><span class="p">.</span><span class="nx">terraform_state_bucket</span><span class="p">.</span><span class="nx">id</span> <span class="nx">block_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">block_public_policy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">ignore_public_acls</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">restrict_public_buckets</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_dynamodb_table"</span> <span class="s2">"terraform_state_lock_table"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"terraform-state-lock-table"</span> <span class="nx">billing_mode</span> <span class="p">=</span> <span class="s2">"PAY_PER_REQUEST"</span> <span class="nx">hash_key</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"LockID"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation of the Backend Block:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">terraform</span> <span class="p">{</span> <span class="nx">backend</span> <span class="s2">"s3"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">key</span> <span class="p">=</span> <span class="s2">"global/s3/terraform.tfstate"</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="nx">dynamodb_table</span> <span class="p">=</span> <span class="s2">"terraform-state-lock-table"</span> <span class="nx">encrypt</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <code>bucket</code>: Name of the S3 bucket to store the state file.</li> <li> <code>key</code>: Path to the state file within the bucket.</li> <li> <code>region</code>: AWS region where the bucket is located.</li> <li> <code>dynamodb_table</code>: Table used for state locking.</li> <li> <code>encrypt</code>: Ensures that the state file is encrypted in transit and at rest.</li> </ul> <h3> Migrating the State File from Local to Remote S3 Bucket </h3> <p>In Step 1, we configured all the necessary settings for our S3 backend. Now, it's time to migrate our state file from the local machine to the S3 bucket.</p> <ol> <li> <p><strong>Initiate Migration:</strong></p> <ul> <li>Run <strong><code>terraform init -migrate-state</code></strong>. This command reinitializes Terraform and detects that you want to move the state file to the remote S3 backend.</li> </ul> </li> <li> <p><strong>Confirm Migration:</strong></p> <ul> <li>When prompted, type <strong>yes</strong> to confirm the migration. This action will transfer your local state file to the configured S3 bucket, ensuring that your infrastructure's state is now managed remotely.</li> </ul> </li> </ol> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftsjdmu5kom7tkzi3y75e.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftsjdmu5kom7tkzi3y75e.png" alt="AWS S3 Bucket"></a></p> <p>By completing this step, you have successfully migrated your state management to a secure and centralized S3 backend.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fduxf3jjl8uq07bs1ohvu.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fduxf3jjl8uq07bs1ohvu.png" alt="AWS S3 Bucket"></a></p> <h4> Check AWS S3 Bucket and our Statefile through UI </h4> <p><strong>S3 bucket</strong></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk7xiui4voc30ag6apag6.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk7xiui4voc30ag6apag6.png" alt="AWS S3 Bucket"></a></p> <p><strong>terraform.statefile</strong></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7ss6q50v6zdqahod42xc.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7ss6q50v6zdqahod42xc.png" alt="AWS S3 Bucket"></a></p> <h3> Cleanup Our Infrastructure </h3> <p>To effectively clean up our infrastructure after migrating to the S3 backend, we need to follow a reverse process of the steps we took during the setup. This ensures that we remove the resources without leaving any orphaned components.</p> <h4> Remove the S3 Backend Configuration </h4> <ol> <li> <p><strong>Edit Configuration:</strong></p> <ul> <li>Open your Terraform configuration file and remove the block that defines the S3 backend. This will prevent Terraform from attempting to manage the state in the S3 bucket.</li> </ul> </li> <li> <p><strong>Reinitialize Terraform:</strong></p> <ul> <li>Run the command <code>terraform init -migrate-state</code>. This command will inform Terraform to reinitialize the working directory and migrate any remaining state files back to your local machine.</li> </ul> </li> </ol> <h4> Adjust S3 Bucket Lifecycle Settings </h4> <ol> <li> <strong>Modify Lifecycle Block:</strong> <ul> <li>Change the lifecycle setting in the <code>aws_s3_bucket</code> resource. Update the <code>prevent_destroy</code> attribute from <code>true</code> to <code>false</code>. This adjustment allows the bucket to be destroyed when you run the <code>terraform destroy</code> command.</li> </ul> </li> </ol> <p>Your updated <code>aws_s3_bucket</code> resource should look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_s3_bucket"</span> <span class="s2">"terraform_state_bucket"</span> <span class="p">{</span> <span class="nx">bucket</span> <span class="p">=</span> <span class="s2">"panchanandevops-tf-state"</span> <span class="nx">force_destroy</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">lifecycle</span> <span class="p">{</span> <span class="nx">prevent_destroy</span> <span class="p">=</span> <span class="kc">false</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Destroy the Infrastructure </h4> <ol> <li> <strong>Execute Destruction:</strong> <ul> <li>Now that the configuration is ready, run <code>terraform destroy -auto-approve</code>. This command will initiate the destruction of all resources managed by Terraform, including the S3 bucket and any other associated infrastructure. The <code>-auto-approve</code> flag skips the confirmation prompt, allowing the destruction to proceed without additional input.</li> </ul> </li> </ol> <p>By following these steps, you ensure that all resources are cleaned up properly without any leftover components in your AWS account.</p> <h3> Check AWS S3 Bucket, dynamodb table though UI </h3> <p><strong>S3 bucket</strong></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F65ok7bjr6c7cawbjrux6.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F65ok7bjr6c7cawbjrux6.png" alt="AWS S3 Bucket"></a></p> <p><strong>Dynamodb table</strong></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh55scuh317xfilovcm8b.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh55scuh317xfilovcm8b.png" alt="AWS S3 Bucket"></a></p> <h2> Conclusion </h2> <p>Using AWS S3 as a Terraform remote backend offers a robust, secure, and scalable solution for managing your infrastructure state files. By combining S3 with DynamoDB for state locking, you ensure a reliable and collaborative environment that is ideal for production-grade infrastructure.</p> <p>This guide demonstrated step-by-step instructions on how to set up AWS S3 as a remote backend, emphasizing why it's a superior alternative to local storage or version control systems. Adopting a remote backend like AWS S3 is a crucial step in building resilient and scalable infrastructure with Terraform.</p> terraform devops aws cloud Mastering Conditional Expressions in Terraform Panchanan Panigrahi Sun, 29 Sep 2024 12:18:19 +0000 https://dev.to/sre_panchanan/mastering-conditional-expressions-in-terraform-11a2 https://dev.to/sre_panchanan/mastering-conditional-expressions-in-terraform-11a2 <ul> <li>1. Using Conditional Expressions with count</li> <li>2. Using Conditional Expressions with for_each</li> <li>3. Using Conditional Expressions in Modules</li> <li>4. Using Conditional Expressions with Data Blocks</li> <li>5. Using Conditional Expressions for Assigning Variables</li> <li>Conclusion</li> </ul> <p>In Terraform, conditional expressions are essential for building dynamic infrastructure configurations. They provide the flexibility to control resource creation, modify values, and streamline infrastructure as code workflows, making your Terraform configurations more efficient and adaptable.</p> <p>This blog will explore how to use conditional expressions effectively in various contexts like the <code>count</code> and <code>for_each</code> parameters, working with modules, and employing them with data blocks.</p> <h2> 1. Using Conditional Expressions with count </h2> <p>The <code>count</code> parameter in Terraform allows us to create multiple instances of a resource or conditionally skip its creation. Conditional expressions make <code>count</code> highly adaptable, enabling you to adjust how many resources to create based on specific conditions.</p> <h3> Example: Conditionally Creating EC2 Instances Based on Type </h3> <p>In this scenario, we want to create EC2 instances only if the <code>instance_type</code> is <code>t2.micro</code>. Otherwise, no instances should be created.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_type"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The type of EC2 instance to create"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_type</span> <span class="p">==</span> <span class="s2">"t2.micro"</span> <span class="err">?</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">:</span> <span class="mi">0</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li> <code>count = var.instance_type == "t2.micro" ? length(var.instance_names) : 0</code>: The conditional expression evaluates whether the <code>instance_type</code> is <code>t2.micro</code>. If true, instances are created based on the length of <code>instance_names</code>; otherwise, no instances are created.</li> <li>This approach ensures that resources are only created when necessary, making your configuration more efficient.</li> </ul> <h2> 2. Using Conditional Expressions with for_each </h2> <p>While <code>count</code> is great for simple scenarios, <code>for_each</code> offers more flexibility when iterating over complex structures like maps or sets. Using conditional expressions with <code>for_each</code> lets you manage resources based on specific criteria.</p> <h3> Example: Creating EC2 Instances Dynamically Based on a List </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">&gt;</span> <span class="mi">0</span> <span class="err">?</span> <span class="nx">toset</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">:</span> <span class="p">{}</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li> <code>for_each = length(var.instance_names) &gt; 0 ? toset(var.instance_names) : {}</code>: This conditional expression ensures that instances are created only if <code>instance_names</code> is not empty.</li> <li>This method offers greater flexibility in handling resources with varying requirements, making your Terraform configurations more adaptable.</li> </ul> <h2> 3. Using Conditional Expressions in Modules </h2> <p>Modules help encapsulate Terraform configurations into reusable components. By incorporating conditional expressions, you can create resources within a module based on specific conditions.</p> <h3> Example: Using Modules to Deploy EC2 Instances Conditionally </h3> <h4> <strong>Child Module (<code>modules/ec2_instance/main.tf</code>):</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_name"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Name of the EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_name</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> <strong>Root Module (<code>main.tf</code>):</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"deploy_instances"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Flag to control EC2 instance creation"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">bool</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"ec2_instances"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/ec2_instance"</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">deploy_instances</span> <span class="err">?</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">:</span> <span class="mi">0</span> <span class="nx">instance_name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"instance_ids"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"IDs of the created EC2 instances"</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">ec2_instances</span><span class="p">[*].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li> <code>count = var.deploy_instances ? length(var.instance_names) : 0</code>: This expression controls whether the module creates instances based on the <code>deploy_instances</code> flag.</li> <li>Conditional expressions in modules provide greater control over resource creation, ensuring that unnecessary resources are avoided.</li> </ul> <h2> 4. Using Conditional Expressions with Data Blocks </h2> <p>Conditional expressions are not limited to just resource blocks; they can also be applied to data blocks to manage the flow of data retrieval based on specific conditions. This ensures that we only retrieve data when certain criteria are met, optimizing resource usage and improving the efficiency of our infrastructure code.</p> <h3> <strong>Example: Using Conditional Expressions in a Data Block</strong> </h3> <p>In this example, we use a conditional expression to determine whether to fetch AWS instance data based on whether we have a non-empty list of instance names.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_instances"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">&gt;</span> <span class="mi">0</span> <span class="err">?</span> <span class="mi">1</span> <span class="err">:</span> <span class="mi">0</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"tag:Name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span> <span class="p">}</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"instance-state-name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"running"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> <strong>Explanation:</strong> </h3> <ul> <li>The <code>count</code> parameter in the <code>data "aws_instances" "ubuntu_instance"</code> block uses a conditional expression: <ul> <li><code>count = length(var.instance_names) &gt; 0 ? 1 : 0</code></li> <li>This expression evaluates whether <code>var.instance_names</code> contains any elements. </li> <li>If the list is non-empty (<code>length(var.instance_names) &gt; 0</code>), the data block will execute once (<code>count = 1</code>), allowing us to fetch data.</li> <li>If the list is empty, the data block will be skipped entirely (<code>count = 0</code>).</li> </ul> </li> </ul> <h2> 5. Using Conditional Expressions for Assigning Variables </h2> <p>Conditional expressions aren't limited to resource creation; they can also be used to assign variable values based on certain conditions.</p> <h3> Example: Setting Variables Based on Environment </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"environment"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Environment (dev, staging, prod)"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"dev"</span> <span class="p">}</span> <span class="nx">locals</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">environment</span> <span class="p">==</span> <span class="s2">"prod"</span> <span class="err">?</span> <span class="s2">"m5.large"</span> <span class="err">:</span> <span class="s2">"t2.micro"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"example"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Environment</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">environment</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li> <code>local.instance_type = var.environment == "prod" ? "m5.large" : "t2.micro"</code>: This expression sets the <code>instance_type</code> based on the environment, ensuring the appropriate instance size is used.</li> </ul> <h2> Conclusion </h2> <p>Conditional expressions in Terraform are incredibly versatile, allowing you to create adaptable, efficient, and cost-effective configurations. By integrating conditional logic with <code>count</code>, <code>for_each</code>, data blocks, modules, and variable assignments, you can create your infrastructure deployments to meet any requirement.</p> <p>Now that you've learned how to master conditional expressions, you can make your Terraform configurations smarter and more responsive to changing requirements.<strong>Happy Terraforming!</strong></p> devops terraform infrastructureascode cloud 27 Powerful Built-in Terraform Functions to Enhance Your Workflow Panchanan Panigrahi Sat, 28 Sep 2024 13:35:52 +0000 https://dev.to/sre_panchanan/27-powerful-built-in-terraform-functions-to-enhance-your-workflow-3be0 https://dev.to/sre_panchanan/27-powerful-built-in-terraform-functions-to-enhance-your-workflow-3be0 <ul> <li>What are Terraform Functions?</li> <li>1. toset Function</li> <li>2. format Function</li> <li>3. formatlist Function</li> <li>4. join Function</li> <li>5. split Function</li> <li>6. length Function</li> <li>7. lookup Function</li> <li>8. merge Function</li> <li>9. concat Function</li> <li>10. flatten Function</li> <li>11. slice Function</li> <li>12. zipmap Function</li> <li>13. Working with key and value in Maps</li> <li>14. element Function</li> <li>15. index Function</li> <li>16. contains Function</li> <li>17. distinct Function</li> <li>18. coalesce Function</li> <li>19. coalescelist Function</li> <li>20. one Function</li> <li>21. try Function</li> <li>22. can Function</li> <li>23. file Function</li> <li>24. templatefile Function</li> <li>25. Base64 Functions: base64encode and base64decode</li> <li>26. JSON Functions: jsonencode and jsondecode</li> <li>27. YAML Functions: yamlencode and yamldecode</li> <li>Final Thoughts</li> </ul> <p>Terraform is a powerful Infrastructure as Code (IaC) tool packed with built-in functions that enhance your workflow. These functions are game-changers for managing and automating infrastructure.</p> <p>In this blog, we’ll explore <strong>27 essential built-in functions</strong> every Terraform user should know. Whether you're a beginner or looking to refine your skills, this guide will help you write efficient, maintainable, and scalable code. Let’s discover how these functions can elevate your Terraform journey!</p> <h2> What are Terraform Functions? </h2> <p>Terraform functions are versatile tools for data manipulation and transformation in your configurations. They allow for operations like string formatting, arithmetic calculations, and managing lists and maps.</p> <p>By using these functions, you can create dynamic and maintainable infrastructure code that adheres to the <strong>DRY (Don’t Repeat Yourself) principle</strong>, simplifying the provisioning and management of your resources.</p> <h2> 1. toset Function </h2> <p>The <code>toset</code> function is used to convert a list or tuple into a set. This transformation helps eliminate duplicate values, ensuring that each element in the set is unique.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">toset</span><span class="err">(</span><span class="nx">list</span><span class="err">)</span> </code></pre> </div> <h3> <strong>Example:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"my_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"orange"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"unique_fruits"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">toset</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">my_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>In this example, the <code>toset</code> function converts the list <code>["apple", "banana", "apple", "orange"]</code> into a set, resulting in <code>{"apple", "banana", "orange"}</code> by removing the duplicate "apple." This is particularly useful when you want to ensure unique values in your configurations.</p> <h2> 2. format Function </h2> <p>The <code>format</code> function allows you to create a formatted string by embedding variable values into a predefined format string. It offers flexibility in handling various data types like strings, integers, and floats, making it a versatile tool for generating dynamic content.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">format</span><span class="err">(</span><span class="nx">format_string</span><span class="err">,</span> <span class="nx">arg1</span><span class="err">,</span> <span class="nx">arg2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>format_string</code>: The main string containing placeholders (e.g., <code>%s</code>, <code>%d</code>, <code>%.2f</code>) that specify how the variable values should be formatted.</li> <li> <code>arg1, arg2, ...</code>: Values to be substituted in the placeholders.</li> </ul> <h3> <strong>Supported Placeholders:</strong> </h3> <ul> <li> <code>%s</code> – For strings</li> <li> <code>%d</code> – For integers</li> <li> <code>%f</code> – For floating-point numbers</li> <li> <code>%t</code> – For boolean values</li> <li> <code>%v</code> – For automatic formatting (default representation of the value)</li> <li> <code>%#v</code> – For a Go-syntax representation of the value (useful for complex data structures)</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Formatting Strings</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"first_name"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"John"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"last_name"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Doe"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">format</span><span class="p">(</span><span class="s2">"Full Name: %s %s"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">first_name</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">last_name</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Full Name: John Doe"</code></p> <h4> <strong>2. Formatting Integers</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"age"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="mi">30</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_age"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">format</span><span class="p">(</span><span class="s2">"Age: %d years"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">age</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Age: 30 years"</code></p> <h4> <strong>3. Formatting Floats</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"price"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="mf">25.6789</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_price"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">format</span><span class="p">(</span><span class="s2">"Total Price: %.2f USD"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">price</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Total Price: 25.68 USD"</code></p> <ul> <li> <code>%.2f</code> specifies that the float should be formatted with 2 decimal places.</li> </ul> <h4> <strong>4. Boolean Values</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"is_active"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"status_message"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">format</span><span class="p">(</span><span class="s2">"Status: %t"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">is_active</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Status: true"</code></p> <h4> <strong>5. Using Automatic Formatting with <code>%v</code></strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"items"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">1</span><span class="p">,</span> <span class="s2">"apple"</span><span class="p">,</span> <span class="mf">3.14</span><span class="p">,</span> <span class="kc">true</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"mixed_output"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">format</span><span class="p">(</span><span class="s2">"Values: %v"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">items</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Values: [1 apple 3.14 true]"</code></p> <h2> 3. formatlist Function </h2> <p>The <code>formatlist</code> function formats a list of values using a specified pattern. It’s perfect for situations where you need to apply consistent formatting to multiple elements.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">formatlist</span><span class="err">(</span><span class="nx">format_string</span><span class="err">,</span> <span class="nx">values</span><span class="err">...)</span> </code></pre> </div> <ul> <li> <code>format_string</code>: The format pattern to apply to each value in the list.</li> <li> <code>values...</code>: The list of values to format.</li> </ul> <h3> <strong>Supported Placeholders:</strong> </h3> <p>The placeholders in <code>formatlist</code> work the same way as those in the <code>format</code> function, allowing you to handle strings, integers, floats, and booleans.</p> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Formatting a List of Strings</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"cities"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"New York"</span><span class="p">,</span> <span class="s2">"Los Angeles"</span><span class="p">,</span> <span class="s2">"Chicago"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"city_greetings"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">formatlist</span><span class="p">(</span><span class="s2">"Welcome to %s!"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">cities</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["Welcome to New York!", "Welcome to Los Angeles!", "Welcome to Chicago!"]</code></p> <h4> <strong>2. Formatting a List of Integers</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"scores"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">95</span><span class="p">,</span> <span class="mi">85</span><span class="p">,</span> <span class="mi">75</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_scores"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">formatlist</span><span class="p">(</span><span class="s2">"Score: %d"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">scores</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["Score: 95", "Score: 85", "Score: 75"]</code></p> <h4> <strong>3. Formatting a List of Floats</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"percentages"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mf">0.875</span><span class="p">,</span> <span class="mf">0.923</span><span class="p">,</span> <span class="mf">0.658</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_percentages"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">formatlist</span><span class="p">(</span><span class="s2">"Percentage: %.1f%%"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">percentages</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["Percentage: 87.5%", "Percentage: 92.3%", "Percentage: 65.8%"]</code></p> <ul> <li>The <code>%.1f%%</code> format specifies one decimal place and includes the percentage symbol.</li> </ul> <h4> <strong>4. Using Automatic Formatting with <code>%v</code> in Lists</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"mixed_values"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">42</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="kc">true</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"formatted_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">formatlist</span><span class="p">(</span><span class="s2">"Value: %v"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">mixed_values</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["Value: 42", "Value: banana", "Value: true"]</code></p> <h2> 4. join Function </h2> <p>The <code>join</code> function in Terraform is used to concatenate elements of a list into a single string, using a specified delimiter. This is especially useful when you need to combine multiple values into a single formatted string.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">join</span><span class="err">(</span><span class="nx">delimiter</span><span class="err">,</span> <span class="nx">list</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>delimiter</code>: The string that separates each element in the list when joined.</li> <li> <code>list</code>: The list of values to be concatenated into a single string.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Joining a List of Strings</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"languages"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"Go"</span><span class="p">,</span> <span class="s2">"Python"</span><span class="p">,</span> <span class="s2">"Java"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"joined_languages"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">join</span><span class="p">(</span><span class="s2">", "</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">languages</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Go, Python, Java"</code></p> <ul> <li>The <code>join</code> function combines the list into a single string, using <code>", "</code> as the separator.</li> </ul> <h4> <strong>2. Joining with No Delimiter</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"letters"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"a"</span><span class="p">,</span> <span class="s2">"b"</span><span class="p">,</span> <span class="s2">"c"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"combined_letters"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">join</span><span class="p">(</span><span class="s2">""</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">letters</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"abc"</code></p> <ul> <li>The <code>join</code> function combines all elements with no space between them.</li> </ul> <h4> <strong>3. Joining Integers (Converted to Strings)</strong> </h4> <p>Although <code>join</code> directly works with strings, you can convert integers to strings before joining them:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"numbers"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"1"</span><span class="p">,</span> <span class="s2">"2"</span><span class="p">,</span> <span class="s2">"3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"joined_numbers"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">join</span><span class="p">(</span><span class="s2">"-"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"1-2-3"</code></p> <ul> <li>This example demonstrates that if numbers are already strings, you can join them seamlessly using <code>"-"</code> as a delimiter.</li> </ul> <h2> 5. split Function </h2> <p>The <code>split</code> function does the opposite of <code>join</code>. It splits a string into a list of substrings based on a specified delimiter, making it useful when you need to break down complex strings into individual components.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">split</span><span class="err">(</span><span class="nx">delimiter</span><span class="err">,</span> <span class="nx">string</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>delimiter</code>: The string used to split the main string.</li> <li> <code>string</code>: The original string to be split into a list.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Splitting a Comma-Separated String</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"comma_separated"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"apple,orange,banana"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"fruits_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">split</span><span class="p">(</span><span class="s2">","</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">comma_separated</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["apple", "orange", "banana"]</code></p> <ul> <li>The <code>split</code> function converts the comma-separated string into a list of fruits.</li> </ul> <h4> <strong>2. Splitting a String with Spaces</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"sentence"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Terraform makes infrastructure simple"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"words_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">split</span><span class="p">(</span><span class="s2">" "</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sentence</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["Terraform", "makes", "infrastructure", "simple"]</code></p> <ul> <li>Here, the <code>split</code> function breaks the sentence into individual words using a space as the delimiter.</li> </ul> <h4> <strong>3. Splitting with a Complex Delimiter</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"complex_string"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"one#two#three#four"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"split_result"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">split</span><span class="p">(</span><span class="s2">"#"</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">complex_string</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["one", "two", "three", "four"]</code></p> <ul> <li>The <code>split</code> function uses <code>"#"</code> to separate the elements.</li> </ul> <h4> <strong>4. Splitting a String and Joining Again</strong> </h4> <p>You can combine <code>split</code> and <code>join</code> for more complex manipulations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"data"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"cat,dog,bird"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"modified_animals"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">join</span><span class="p">(</span><span class="s2">" | "</span><span class="p">,</span> <span class="nx">split</span><span class="p">(</span><span class="s2">","</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">data</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"cat | dog | bird"</code></p> <ul> <li>This example demonstrates splitting a comma-separated string into a list, then joining it back with <code>" | "</code> as the new delimiter.</li> </ul> <h2> 6. length Function </h2> <p>The <code>length</code> function is used to determine the number of elements in a collection, such as a list, map, or string. It's quite handy for validation, conditionals, or loops within your Terraform configurations.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">length</span><span class="err">(</span><span class="nx">collection</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>collection</code>: Can be a list, map, or string.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Finding the Length of a List</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"colors"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"red"</span><span class="p">,</span> <span class="s2">"green"</span><span class="p">,</span> <span class="s2">"blue"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"colors_count"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">colors</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>3</code></p> <ul> <li>The <code>length</code> function counts the number of elements in the list <code>colors</code>.</li> </ul> <h4> <strong>2. Determining the Length of a Map</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"person"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"Alice"</span> <span class="nx">age</span> <span class="p">=</span> <span class="mi">30</span> <span class="nx">gender</span> <span class="p">=</span> <span class="s2">"female"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"person_attributes"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">person</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>3</code></p> <ul> <li>The <code>length</code> function counts the number of key-value pairs in the map <code>person</code>.</li> </ul> <h4> <strong>3. Calculating the Length of a String</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"welcome_message"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Hello, Terraform!"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"message_length"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">welcome_message</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>16</code></p> <ul> <li>The <code>length</code> function returns the total number of characters in the string, including spaces and punctuation.</li> </ul> <h2> 7. lookup Function </h2> <p>The <code>lookup</code> function is used to retrieve a value from a map based on a given key, with an optional default value if the key is not found. This function is beneficial for handling dynamic values or defaults in your configurations.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">lookup</span><span class="err">(</span><span class="nx">map</span><span class="err">,</span> <span class="nx">key</span><span class="err">,</span> <span class="nx">default</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>map</code>: The map from which to retrieve the value.</li> <li> <code>key</code>: The key to look up.</li> <li> <code>default</code>: (Optional) The value to return if the key doesn't exist.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Retrieving a Value from a Map</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"region_settings"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">us-east-1</span> <span class="p">=</span> <span class="s2">"Virginia"</span> <span class="nx">us-west-1</span> <span class="p">=</span> <span class="s2">"California"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"selected_region"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">lookup</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">region_settings</span><span class="p">,</span> <span class="s2">"us-east-1"</span><span class="p">,</span> <span class="s2">"Unknown"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Virginia"</code></p> <ul> <li>The <code>lookup</code> function retrieves the value for the key <code>"us-east-1"</code> from the map <code>region_settings</code>.</li> </ul> <h4> <strong>2. Using a Default Value When the Key Is Missing</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"undefined_region"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">lookup</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">region_settings</span><span class="p">,</span> <span class="s2">"eu-central-1"</span><span class="p">,</span> <span class="s2">"Unknown"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Unknown"</code></p> <ul> <li>Since <code>"eu-central-1"</code> does not exist in the map, the <code>lookup</code> function returns the default value <code>"Unknown"</code>.</li> </ul> <h4> <strong>3. Nested <code>lookup</code> Example</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"settings"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">database</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">host</span> <span class="p">=</span> <span class="s2">"db.example.com"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">5432</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"database_host"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">lookup</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">settings</span><span class="p">[</span><span class="s2">"database"</span><span class="p">],</span> <span class="s2">"host"</span><span class="p">,</span> <span class="s2">"localhost"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"db.example.com"</code></p> <ul> <li>The <code>lookup</code> function accesses nested map values efficiently.</li> </ul> <h2> 8. merge Function </h2> <p>The <code>merge</code> function combines two or more maps into a single map. This function is useful when you need to consolidate configurations from multiple sources or override default values with specific ones.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">merge</span><span class="err">(</span><span class="nx">map1</span><span class="err">,</span> <span class="nx">map2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>map1, map2, ...</code>: Two or more maps to be merged into a single map.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Merging Two Maps</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"default_config"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">environment</span> <span class="p">=</span> <span class="s2">"dev"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"override_config"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t3.small"</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-west-2"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"final_config"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">merge</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">default_config</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">override_config</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> environment = "dev"<br> instance_type = "t3.small"<br> region = "us-west-2"<br> }</code></p> <ul> <li>The <code>merge</code> function combines <code>default_config</code> and <code>override_config</code>, with <code>override_config</code> taking precedence in case of conflicting keys.</li> </ul> <h4> <strong>2. Merging Multiple Maps</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"map1"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">a</span> <span class="p">=</span> <span class="mi">1</span> <span class="nx">b</span> <span class="p">=</span> <span class="mi">2</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"map2"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">b</span> <span class="p">=</span> <span class="mi">3</span> <span class="nx">c</span> <span class="p">=</span> <span class="mi">4</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"map3"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">d</span> <span class="p">=</span> <span class="mi">5</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"combined_map"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">merge</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">map1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">map2</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">map3</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> a = 1<br> b = 3<br> c = 4<br> d = 5<br> }</code></p> <ul> <li>The <code>merge</code> function combines all three maps, with later maps (<code>map2</code> and <code>map3</code>) taking precedence over earlier ones in case of overlapping keys.</li> </ul> <h4> <strong>3. Using <code>merge</code> with Nested Maps</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"base_settings"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">database</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">host</span> <span class="p">=</span> <span class="s2">"db.local"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">3306</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"additional_settings"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">database</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">user</span> <span class="p">=</span> <span class="s2">"admin"</span> <span class="nx">password</span> <span class="p">=</span> <span class="s2">"secret"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"merged_settings"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">merge</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">base_settings</span><span class="p">[</span><span class="s2">"database"</span><span class="p">],</span> <span class="nx">var</span><span class="p">.</span><span class="nx">additional_settings</span><span class="p">[</span><span class="s2">"database"</span><span class="p">])</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> host = "db.local"<br> port = 3306<br> user = "admin"<br> password = "secret"<br> }</code></p> <ul> <li>The <code>merge</code> function combines the nested maps under the <code>database</code> key, creating a more complete configuration.</li> </ul> <h2> 9. concat Function </h2> <p>The <code>concat</code> function combines multiple lists into a single list. It doesn’t remove duplicates and preserves the order of elements from each list.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">concat</span><span class="err">(</span><span class="nx">list1</span><span class="err">,</span> <span class="nx">list2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>list1, list2, ...</code>: Two or more lists to be concatenated.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Concatenating Two Lists</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"list1"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"list2"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"cherry"</span><span class="p">,</span> <span class="s2">"date"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"combined_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">concat</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">list1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">list2</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["apple", "banana", "cherry", "date"]</code></p> <ul> <li>The <code>concat</code> function combines <code>list1</code> and <code>list2</code> into a single list.</li> </ul> <h4> <strong>2. Concatenating with an Empty List</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"empty_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"fruits"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"grape"</span><span class="p">,</span> <span class="s2">"orange"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"result_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">concat</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">empty_list</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">fruits</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["grape", "orange"]</code></p> <ul> <li>Concatenating an empty list with another list results in just the non-empty list.</li> </ul> <h4> <strong>3. Concatenating Multiple Lists</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"list_a"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"one"</span><span class="p">,</span> <span class="s2">"two"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"list_b"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"three"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"list_c"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"four"</span><span class="p">,</span> <span class="s2">"five"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"combined_multiple_lists"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">concat</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">list_a</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">list_b</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">list_c</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["one", "two", "three", "four", "five"]</code></p> <ul> <li>Multiple lists are combined into one ordered list.</li> </ul> <h2> 10. flatten Function </h2> <p>The <code>flatten</code> function is used to convert a nested list (a list of lists) into a single, flat list. It's useful for removing nested layers when you need a single-level list.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">flatten</span><span class="err">(</span><span class="nx">list</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The nested list you want to flatten.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Flattening a Simple Nested List</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"nested_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[[</span><span class="s2">"a"</span><span class="p">,</span> <span class="s2">"b"</span><span class="p">],</span> <span class="p">[</span><span class="s2">"c"</span><span class="p">,</span> <span class="s2">"d"</span><span class="p">],</span> <span class="p">[</span><span class="s2">"e"</span><span class="p">]]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"flat_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">flatten</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">nested_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["a", "b", "c", "d", "e"]</code></p> <ul> <li>The <code>flatten</code> function removes the inner list structure, resulting in a single-level list.</li> </ul> <h4> <strong>2. Flattening Lists with Empty Lists</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"mixed_nested_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">],</span> <span class="p">[],</span> <span class="p">[</span><span class="s2">"cherry"</span><span class="p">]]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"flattened_result"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">flatten</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">mixed_nested_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["apple", "banana", "cherry"]</code></p> <ul> <li>Empty lists within the nested list are ignored, resulting in a flat list.</li> </ul> <h4> <strong>3. Flattening Multiple Levels of Nesting</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"deep_nested_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[[[</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">]],</span> <span class="p">[</span><span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">],</span> <span class="p">[</span><span class="mi">5</span><span class="p">]]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"flat_deep_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">flatten</span><span class="p">(</span><span class="nx">flatten</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">deep_nested_list</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[1, 2, 3, 4, 5]</code></p> <ul> <li>Applying <code>flatten</code> multiple times can help when there are multiple levels of nesting.</li> </ul> <h2> 11. slice Function </h2> <p>The <code>slice</code> function extracts a sublist from a given list, using start and end index values.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">slice</span><span class="err">(</span><span class="nx">list</span><span class="err">,</span> <span class="nx">start</span><span class="err">,</span> <span class="nx">end</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The list to slice.</li> <li> <code>start</code>: The start index (inclusive).</li> <li> <code>end</code>: The end index (exclusive).</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Slicing a List from Index 1 to 3</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"numbers"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">10</span><span class="p">,</span> <span class="mi">20</span><span class="p">,</span> <span class="mi">30</span><span class="p">,</span> <span class="mi">40</span><span class="p">,</span> <span class="mi">50</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"sliced_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">slice</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">,</span> <span class="mi">1</span><span class="p">,</span> <span class="mi">3</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[20, 30]</code></p> <ul> <li>The <code>slice</code> function extracts elements from index <code>1</code> to <code>3</code> (excluding <code>3</code>).</li> </ul> <h4> <strong>2. Slicing to the End of a List</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"slice_to_end"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">slice</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[30, 40, 50]</code></p> <ul> <li>Using <code>length(var.numbers)</code> as the end index slices the list up to the last element.</li> </ul> <h4> <strong>3. Handling Negative Indices</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"negative_slice"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">slice</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">,</span> <span class="nx">-3</span><span class="p">,</span> <span class="nx">-1</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[30, 40]</code></p> <ul> <li>Negative indices count from the end of the list.</li> </ul> <h2> 12. zipmap Function </h2> <p>The <code>zipmap</code> function creates a map by combining two lists: one for the keys and another for the values. It’s useful when you want to transform two related lists into a key-value structure.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">zipmap</span><span class="err">(</span><span class="nx">keys</span><span class="err">,</span> <span class="nx">values</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>keys</code>: A list of keys.</li> <li> <code>values</code>: A list of values corresponding to each key.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Creating a Simple Map</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"keys"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"name"</span><span class="p">,</span> <span class="s2">"age"</span><span class="p">,</span> <span class="s2">"city"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"values"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"Alice"</span><span class="p">,</span> <span class="mi">30</span><span class="p">,</span> <span class="s2">"New York"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"person_map"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">zipmap</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">keys</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">values</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> "name" = "Alice"<br> "age" = 30<br> "city" = "New York"<br> }</code></p> <ul> <li>The <code>zipmap</code> function combines <code>keys</code> and <code>values</code> into a map.</li> </ul> <h4> <strong>2. Handling Lists of Different Lengths</strong> </h4> <p>If the <code>keys</code> list is longer than the <code>values</code> list, <code>zipmap</code> fills the missing values with <code>null</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"keys_extra"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"one"</span><span class="p">,</span> <span class="s2">"two"</span><span class="p">,</span> <span class="s2">"three"</span><span class="p">,</span> <span class="s2">"four"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"values_short"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"mismatched_zipmap"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">zipmap</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">keys_extra</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">values_short</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> "one" = 1<br> "two" = 2<br> "three" = null<br> "four" = null<br> }</code></p> <ul> <li>The additional keys are paired with <code>null</code> values.</li> </ul> <h4> <strong>3. Using <code>zipmap</code> with Computed Values</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"countries"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"USA"</span><span class="p">,</span> <span class="s2">"Canada"</span><span class="p">,</span> <span class="s2">"Mexico"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"codes"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"US"</span><span class="p">,</span> <span class="s2">"CA"</span><span class="p">,</span> <span class="s2">"MX"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"country_code_map"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">zipmap</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">countries</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">codes</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>{<br> "USA" = "US"<br> "Canada" = "CA"<br> "Mexico" = "MX"<br> }</code></p> <ul> <li>The <code>zipmap</code> function efficiently maps country names to their respective codes.</li> </ul> <h2> 13. Working with key and value in Maps </h2> <p>In Terraform, you often need to work with keys and values from maps. Although there's no direct <code>key</code> or <code>value</code> function, you can use the <code>keys()</code> and <code>values()</code> functions to extract all keys or values from a map, respectively.</p> <h3> <strong>a. <code>keys</code> Function</strong> </h3> <p>The <code>keys</code> function retrieves all keys from a given map as a list.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">keys</span><span class="err">(</span><span class="nx">map</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>map</code>: The map from which you want to extract keys.</li> </ul> <h3> <strong>Example:</strong> </h3> <h4> <strong>Extracting Keys</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"server_config"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="nx">availability</span> <span class="p">=</span> <span class="s2">"zone-a"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"config_keys"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">keys</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">server_config</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["instance_type", "region", "availability"]</code></p> <ul> <li>This returns all the keys from the <code>server_config</code> map as a list.</li> </ul> <h3> <strong>b. <code>values</code> Function</strong> </h3> <p>The <code>values</code> function retrieves all values from a given map as a list.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">values</span><span class="err">(</span><span class="nx">map</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>map</code>: The map from which you want to extract values.</li> </ul> <h3> <strong>Example:</strong> </h3> <h4> <strong>Extracting Values</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"config_values"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">values</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">server_config</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["t2.micro", "us-east-1", "zone-a"]</code></p> <ul> <li>This returns all the values from the <code>server_config</code> map as a list.</li> </ul> <h2> 14. element Function </h2> <p>The <code>element</code> function retrieves an item from a list based on its index. If the index is out of range, it wraps around using the modulo operation.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">element</span><span class="err">(</span><span class="nx">list</span><span class="err">,</span> <span class="nx">index</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The list from which you want to retrieve an element.</li> <li> <code>index</code>: The position of the element you want to access.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Element Access</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"fruit_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"second_element"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">element</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">fruit_list</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"banana"</code></p> <ul> <li>The element at index <code>1</code> in the list is <code>"banana"</code>.</li> </ul> <h4> <strong>2. Accessing Out-of-Bounds Index</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"wrapped_index"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">element</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">fruit_list</span><span class="p">,</span> <span class="mi">4</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"banana"</code></p> <ul> <li>Index <code>4</code> wraps around to <code>1</code> (<code>4 % 3 = 1</code>).</li> </ul> <h2> 15. index Function </h2> <p>The <code>index</code> function returns the position of a given value within a list. If the value isn't found, it throws an error.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">index</span><span class="err">(</span><span class="nx">list</span><span class="err">,</span> <span class="nx">value</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The list to search.</li> <li> <code>value</code>: The value you want to find.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Finding the Index of a Value</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"colors"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"red"</span><span class="p">,</span> <span class="s2">"green"</span><span class="p">,</span> <span class="s2">"blue"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"index_of_green"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">index</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">colors</span><span class="p">,</span> <span class="s2">"green"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>1</code></p> <ul> <li> <code>"green"</code> is located at index <code>1</code>.</li> </ul> <h4> <strong>2. Value Not Found</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"index_of_yellow"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">index</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">colors</span><span class="p">,</span> <span class="s2">"yellow"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Error:</strong> The <code>index</code> function will throw an error because <code>"yellow"</code> isn't in the list.</p> <h2> 16. contains Function </h2> <p>The <code>contains</code> function checks if a list contains a specific value and returns <code>true</code> or <code>false</code>.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">contains</span><span class="err">(</span><span class="nx">list</span><span class="err">,</span> <span class="nx">value</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The list to search.</li> <li> <code>value</code>: The value to check.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Checking for Presence</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"animals"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"cat"</span><span class="p">,</span> <span class="s2">"dog"</span><span class="p">,</span> <span class="s2">"bird"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"contains_dog"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">contains</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">animals</span><span class="p">,</span> <span class="s2">"dog"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>true</code></p> <ul> <li> <code>"dog"</code> is in the list, so <code>contains</code> returns <code>true</code>.</li> </ul> <h4> <strong>2. Value Not Present</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"contains_fish"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">contains</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">animals</span><span class="p">,</span> <span class="s2">"fish"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>false</code></p> <ul> <li> <code>"fish"</code> isn't in the list, resulting in <code>false</code>.</li> </ul> <h2> 17. distinct Function </h2> <p>The <code>distinct</code> function removes duplicate values from a list and returns a new list with only unique elements.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">distinct</span><span class="err">(</span><span class="nx">list</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>list</code>: The list from which duplicates should be removed.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Removing Duplicates</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"numbers"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"unique_numbers"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">distinct</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">numbers</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[1, 2, 3, 4, 5]</code></p> <ul> <li>The <code>distinct</code> function removes the duplicate <code>2</code> and <code>4</code> values.</li> </ul> <h4> <strong>2. Handling Lists with All Unique Elements</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"unique_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"still_unique"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">distinct</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">unique_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["apple", "banana", "cherry"]</code></p> <ul> <li>The list remains unchanged as all elements are already unique.</li> </ul> <p>Let's explore the <code>coalesce</code>, <code>coalescelist</code>, and <code>one</code> functions in Terraform, complete with detailed explanations, syntax, and examples.</p> <h2> 18. coalesce Function </h2> <p>The <code>coalesce</code> function returns the first non-null value from a list of arguments. This is particularly useful for setting default values or handling optional variables.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">coalesce</span><span class="err">(</span><span class="nx">value1</span><span class="err">,</span> <span class="nx">value2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>value1, value2, ...</code>: A list of values to evaluate. The function returns the first value that is not null.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Coalesce Usage</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"var1"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"var2"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"default_value"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"first_non_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">coalesce</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">var1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">var2</span><span class="p">,</span> <span class="s2">"fallback_value"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"default_value"</code></p> <ul> <li>The function returns <code>var2</code> because it is the first non-null value.</li> </ul> <h4> <strong>2. All Values Null</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"var3"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">coalesce</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">var1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">var3</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>null</code></p> <ul> <li>Since all values are null, the result is null.</li> </ul> <h2> 19. coalescelist Function </h2> <p>The <code>coalescelist</code> function is similar to <code>coalesce</code>, but it works with lists. It returns the first non-empty list from a list of lists.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">coalescelist</span><span class="err">(</span><span class="nx">list1</span><span class="err">,</span> <span class="nx">list2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>list1, list2, ...</code>: A list of lists to evaluate. The function returns the first non-empty list.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Coalescelist Usage</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"list1"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"list2"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"first_non_empty_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">coalescelist</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">list1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">list2</span><span class="p">,</span> <span class="p">[</span><span class="s2">"fallback"</span><span class="p">])</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>["apple", "banana"]</code></p> <ul> <li>The function returns <code>list2</code> as it is the first non-empty list.</li> </ul> <h4> <strong>2. All Lists Empty</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"empty_list1"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"empty_list2"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_empty_lists"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">coalescelist</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">empty_list1</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">empty_list2</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>[]</code></p> <ul> <li>Since all lists are empty, the result is an empty list.</li> </ul> <h2> 20. one Function </h2> <p>The <code>one</code> function checks if exactly one of its arguments is non-null and returns that value. If none or more than one argument is non-null, it results in an error.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">one</span><span class="err">(</span><span class="nx">value1</span><span class="err">,</span> <span class="nx">value2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>value1, value2, ...</code>: A list of values to evaluate. It checks if exactly one is non-null.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic One Usage</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"single_value"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"only_value"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"exactly_one_non_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">one</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">single_value</span><span class="p">,</span> <span class="kc">null</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"only_value"</code></p> <ul> <li>The function returns <code>single_value</code> because it is the only non-null value.</li> </ul> <h4> <strong>2. More than One Non-Null</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"var4"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"value_1"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"var5"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"value_2"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"more_than_one_non_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">one</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">var4</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">var5</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Error:</strong> The function will throw an error because there are two non-null values.</p> <h4> <strong>3. No Non-Null Values</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"no_non_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">one</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">null</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Error:</strong> The function will throw an error because there are no non-null values.</p> <h2> 21. try Function </h2> <p>The <code>try</code> function is a powerful utility that attempts to evaluate a list of expressions in order. It returns the result of the first expression that does not produce an error. This is particularly useful for error handling and providing fallback values when working with resources or variables that may not always be available.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">try</span><span class="err">(</span><span class="nx">expression1</span><span class="err">,</span> <span class="nx">expression2</span><span class="err">,</span> <span class="err">...)</span> </code></pre> </div> <ul> <li> <code>expression1, expression2, ...</code>: A list of expressions to evaluate in order. The function returns the result of the first expression that succeeds without error.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Try Usage</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"valid_variable"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"I am valid"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"invalid_variable"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"try_example"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">try</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">valid_variable</span><span class="p">,</span> <span class="nx">var</span><span class="p">.</span><span class="nx">invalid_variable</span><span class="p">,</span> <span class="s2">"Fallback Value"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"I am valid"</code></p> <ul> <li>In this case, <code>try</code> returns <code>var.valid_variable</code> since it successfully evaluates without error.</li> </ul> <h4> <strong>2. Handling Errors Gracefully</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"handle_errors"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">try</span><span class="p">(</span><span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">invalid_variable</span><span class="p">),</span> <span class="s2">"Length calculation failed"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Length calculation failed"</code></p> <ul> <li>Here, the <code>length</code> function fails because <code>var.invalid_variable</code> is null, so <code>try</code> returns the fallback string instead of throwing an error.</li> </ul> <h4> <strong>3. Multiple Expressions</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"input_value"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"multiple_expressions"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">try</span><span class="p">(</span><span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">input_value</span><span class="p">),</span> <span class="nx">var</span><span class="p">.</span><span class="nx">valid_variable</span><span class="p">,</span> <span class="s2">"Fallback Result"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"I am valid"</code></p> <ul> <li> <code>try</code> first attempts to get the length of <code>var.input_value</code>, which is null (and fails), then it evaluates <code>var.valid_variable</code>, which succeeds.</li> </ul> <h4> <strong>4. All Expressions Fail</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"all_fail"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">try</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="s2">"All expressions failed"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"All expressions failed"</code></p> <ul> <li>Since all provided expressions fail, <code>try</code> returns the final fallback string.</li> </ul> <h2> 22. can Function </h2> <p>The <code>can</code> function is a useful utility in Terraform that determines whether an expression can be evaluated without causing an error. It returns a boolean value: <code>true</code> if the expression can be evaluated without errors, and <code>false</code> otherwise. This function is particularly helpful for conditional logic and error handling.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">can</span><span class="err">(</span><span class="nx">expression</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>expression</code>: The expression you want to evaluate. If the expression can be executed without causing an error, <code>can</code> returns <code>true</code>; otherwise, it returns <code>false</code>.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Can Usage</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"valid_input"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Hello, Terraform!"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"is_valid"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">can</span><span class="p">(</span><span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">valid_input</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>true</code></p> <ul> <li>The <code>length</code> function successfully evaluates the valid string, so <code>can</code> returns <code>true</code>.</li> </ul> <h4> <strong>2. Evaluating a Null Variable</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"null_input"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"is_null"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">can</span><span class="p">(</span><span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">null_input</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>false</code></p> <ul> <li>The <code>length</code> function cannot evaluate a null variable, so <code>can</code> returns <code>false</code>.</li> </ul> <h4> <strong>3. Using Can in Conditional Logic</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"optional_value"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">null</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"conditional_message"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">can</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">optional_value</span><span class="p">)</span> <span class="err">?</span> <span class="s2">"Value is present"</span> <span class="err">:</span> <span class="s2">"Value is absent"</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Value is absent"</code></p> <ul> <li>Here, <code>can</code> checks if <code>var.optional_value</code> is valid. Since it is null, the output reflects that the value is absent.</li> </ul> <h4> <strong>4. Checking Function Calls</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"check_function"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">can</span><span class="p">(</span><span class="mi">1</span> <span class="p">/</span> <span class="mi">0</span><span class="p">)</span> <span class="err">?</span> <span class="s2">"No error"</span> <span class="err">:</span> <span class="s2">"Error occurred"</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Error occurred"</code></p> <ul> <li>Division by zero would normally cause an error, but <code>can</code> captures this and returns <code>false</code>, allowing the output to indicate an error occurred.</li> </ul> <h2> 23. file Function </h2> <p>The <code>file</code> function reads the contents of a file and returns it as a string. This function is useful for including configuration files, scripts, or other text-based resources directly into your Terraform configurations.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">file</span><span class="err">(</span><span class="nx">path</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>path</code>: The relative or absolute path to the file you want to read.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic File Usage</strong> </h4> <p>Assuming you have a file named <code>example.txt</code> with the content <code>Hello, Terraform!</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"file_content"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"example.txt"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Hello, Terraform!"</code></p> <ul> <li>The <code>file</code> function reads the contents of <code>example.txt</code> and returns it as a string.</li> </ul> <h4> <strong>2. Reading a Configuration File</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"config_content"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"${path.module}/config.json"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> (Content of <code>config.json</code>)</p> <ul> <li>This example reads the contents of a JSON configuration file located in the same directory as the Terraform module.</li> </ul> <h4> <strong>3. Error Handling</strong> </h4> <p>If the specified file does not exist:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"missing_file"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"missing.txt"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Error:</strong> This will throw an error indicating that the file does not exist.</p> <h2> 24. templatefile Function </h2> <p>The <code>templatefile</code> function renders a template file using variables provided in a map. This is particularly useful for creating dynamic configurations where you need to substitute values into a template.</p> <h3> <strong>Syntax:</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">templatefile</span><span class="err">(</span><span class="nx">path</span><span class="err">,</span> <span class="nx">vars</span><span class="err">)</span> </code></pre> </div> <ul> <li> <code>path</code>: The path to the template file.</li> <li> <code>vars</code>: A map of variables to substitute in the template.</li> </ul> <h3> <strong>Examples:</strong> </h3> <h4> <strong>1. Basic Templatefile Usage</strong> </h4> <p>Assuming you have a template file named <code>greeting.tmpl</code> with the following content:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">Hello</span><span class="err">,</span> <span class="nx">$</span><span class="p">{</span><span class="nx">name</span><span class="p">}</span><span class="err">!</span> </code></pre> </div> <p>You can use <code>templatefile</code> like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"user_name"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Terraform User"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"greeting"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">templatefile</span><span class="p">(</span><span class="s2">"greeting.tmpl"</span><span class="p">,</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">user_name</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong> <code>"Hello, Terraform User!"</code></p> <ul> <li>The <code>templatefile</code> function substitutes the <code>${name}</code> placeholder in the template with the value of <code>var.user_name</code>.</li> </ul> <h4> <strong>2. Using Multiple Variables</strong> </h4> <p>Assuming a template file <code>config.tmpl</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span> <span class="s2">"region"</span><span class="err">:</span> <span class="s2">"${region}"</span><span class="p">,</span> <span class="s2">"instance_type"</span><span class="err">:</span> <span class="s2">"${instance_type}"</span> <span class="p">}</span> </code></pre> </div> <p>You can render it like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"config"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">templatefile</span><span class="p">(</span><span class="s2">"config.tmpl"</span><span class="p">,</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span><span class="p">,</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"region"</span><span class="p">:</span><span class="w"> </span><span class="s2">"us-east-1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"instance_type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"t2.micro"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>This example substitutes multiple variables in a JSON configuration template.</li> </ul> <h4> <strong>3. Error Handling</strong> </h4> <p>If the specified template file does not exist:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"missing_template"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">templatefile</span><span class="p">(</span><span class="s2">"missing.tmpl"</span><span class="p">,</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"User"</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <p><strong>Error:</strong> This will throw an error indicating that the template file does not exist.</p> <h2> 25. Base64 Functions: base64encode and base64decode </h2> <p>Terraform provides two essential functions for handling data in base64 format: <code>base64encode</code> and <code>base64decode</code>. These functions are crucial for encoding sensitive information like passwords and decoding data for use in your configurations.</p> <h3> <strong>25a. <code>base64encode</code> Function</strong> </h3> <p>The <code>base64encode</code> function encodes a string into base64 format, making it suitable for securely handling sensitive data.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">base64encode</span><span class="err">(</span><span class="nx">string</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>string</code>: The string you want to encode in base64 format.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"encoded_string"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64encode</span><span class="p">(</span><span class="s2">"Hello, Terraform!"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>"SGVsbG8sIFRlcmFmb3JtIQ==" </code></pre> </div> <ul> <li>Encodes the string <code>Hello, Terraform!</code> into base64 format.</li> </ul> <h5> <strong>2. Encoding Sensitive Data</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"secret_password"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"my_secret_password"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"encoded_password"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64encode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">secret_password</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>"bXlfc2VjcmV0X3Bhc3N3b3Jk" </code></pre> </div> <ul> <li>Encodes the sensitive password for secure storage.</li> </ul> <h5> <strong>3. Encoding JSON Data</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"json_data"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"{</span><span class="se">\"</span><span class="s2">key</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">value</span><span class="se">\"</span><span class="s2">}"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"encoded_json"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64encode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">json_data</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>"eyJrZXkiOiJ2YWx1ZSJ9" </code></pre> </div> <ul> <li>Encodes a JSON string into base64 format.</li> </ul> <h3> <strong>25b. <code>base64decode</code> Function</strong> </h3> <p>The <code>base64decode</code> function decodes a base64-encoded string back to its original form, allowing you to safely retrieve sensitive data.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">base64decode</span><span class="err">(</span><span class="nx">string</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>string</code>: The base64-encoded string to decode.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"decoded_string"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64decode</span><span class="p">(</span><span class="s2">"SGVsbG8sIFRlcmFmb3JtIQ=="</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>"Hello, Terraform!" </code></pre> </div> <ul> <li>Decodes the base64 string back to the original text.</li> </ul> <h5> <strong>2. Decoding Sensitive Data</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"encoded_password"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"bXlfc2VjcmV0X3Bhc3N3b3Jk"</span> <span class="c1"># base64 for "my_secret_password"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_password"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64decode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">encoded_password</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>"my_secret_password" </code></pre> </div> <ul> <li>Retrieves the original password from its encoded form.</li> </ul> <h5> <strong>3. Decoding JSON Data</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"encoded_json"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"eyJrZXkiOiJ2YWx1ZSJ9"</span> <span class="c1"># base64 for '{"key":"value"}'</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_json"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">base64decode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">encoded_json</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{"key":"value"} </code></pre> </div> <ul> <li>Decodes the base64-encoded JSON data back to its original format.</li> </ul> <h2> 26. JSON Functions: jsonencode and jsondecode </h2> <p>Terraform provides two powerful functions for working with JSON data: <code>jsonencode</code> and <code>jsondecode</code>. These functions simplify the process of converting Terraform data structures to JSON format and vice versa, making it easier to manage configuration data.</p> <h3> <strong>26a. <code>jsonencode</code> Function</strong> </h3> <p>The <code>jsonencode</code> function converts a Terraform data structure into its JSON representation. This is particularly useful for generating JSON-formatted outputs or passing data to APIs.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">jsonencode</span><span class="err">(</span><span class="nx">value</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>value</code>: The Terraform data structure (map, list, string, number, etc.) that you want to convert to JSON.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"my_map"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">key1</span> <span class="p">=</span> <span class="s2">"value1"</span> <span class="nx">key2</span> <span class="p">=</span> <span class="s2">"value2"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"json_output"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsonencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">my_map</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="nl">"key1"</span><span class="p">:</span><span class="s2">"value1"</span><span class="p">,</span><span class="nl">"key2"</span><span class="p">:</span><span class="s2">"value2"</span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Converts the Terraform map into a JSON string.</li> </ul> <h5> <strong>2. Encoding Lists</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"my_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"json_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsonencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">my_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span><span class="s2">"banana"</span><span class="p">,</span><span class="s2">"cherry"</span><span class="p">]</span><span class="w"> </span></code></pre> </div> <ul> <li>Converts a list of fruits into a JSON array.</li> </ul> <h5> <strong>3. Complex Data Structures</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"complex_data"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"John Doe"</span> <span class="nx">age</span> <span class="p">=</span> <span class="mi">30</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"developer"</span><span class="p">,</span> <span class="s2">"terraform"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"json_complex"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsonencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">complex_data</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="nl">"name"</span><span class="p">:</span><span class="s2">"John Doe"</span><span class="p">,</span><span class="nl">"age"</span><span class="p">:</span><span class="mi">30</span><span class="p">,</span><span class="nl">"tags"</span><span class="p">:[</span><span class="s2">"developer"</span><span class="p">,</span><span class="s2">"terraform"</span><span class="p">]}</span><span class="w"> </span></code></pre> </div> <ul> <li>Encodes a complex data structure with multiple types into JSON.</li> </ul> <h3> <strong>26b. <code>jsondecode</code> Function</strong> </h3> <p>The <code>jsondecode</code> function takes a JSON-formatted string and converts it back into a Terraform data structure. This is useful for working with JSON data from external sources, like APIs or configuration files.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">jsondecode</span><span class="err">(</span><span class="nx">json</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>json</code>: The JSON string that you want to decode into a Terraform data structure.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"json_string"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"{</span><span class="se">\"</span><span class="s2">key</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">value</span><span class="se">\"</span><span class="s2">}"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_map"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsondecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">json_string</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span> <span class="nx">key</span> <span class="p">=</span> <span class="s2">"value"</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Decodes the JSON string into a Terraform map.</li> </ul> <h5> <strong>2. Decoding Lists</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"json_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"[</span><span class="se">\"</span><span class="s2">apple</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">banana</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">cherry</span><span class="se">\"</span><span class="s2">]"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsondecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">json_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> </code></pre> </div> <ul> <li>Converts the JSON array back into a Terraform list.</li> </ul> <h5> <strong>3. Decoding Complex JSON</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"json_complex"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"{</span><span class="se">\"</span><span class="s2">name</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">John Doe</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">age</span><span class="se">\"</span><span class="s2">:30, </span><span class="se">\"</span><span class="s2">tags</span><span class="se">\"</span><span class="s2">:[</span><span class="se">\"</span><span class="s2">developer</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">terraform</span><span class="se">\"</span><span class="s2">]}"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_complex"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">jsondecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">json_complex</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"John Doe"</span> <span class="nx">age</span> <span class="p">=</span> <span class="mi">30</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"developer"</span><span class="p">,</span> <span class="s2">"terraform"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Converts complex JSON data back into a Terraform map.</li> </ul> <p>Here’s the combined layout for <code>yamlencode</code> and <code>yamldecode</code>, formatted similarly to the previous sections:</p> <h2> 27. YAML Functions: yamlencode and yamldecode </h2> <p>Terraform includes two handy functions for working with YAML data: <code>yamlencode</code> and <code>yamldecode</code>. These functions facilitate the conversion between Terraform data structures and YAML format, making it easier to manage configurations that require YAML representation.</p> <h3> <strong>27a. <code>yamlencode</code> Function</strong> </h3> <p>The <code>yamlencode</code> function converts a Terraform data structure into its YAML representation. This is particularly useful when you need to generate YAML outputs for configuration files or documentation.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">yamlencode</span><span class="err">(</span><span class="nx">value</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>value</code>: The Terraform data structure (map, list, string, number, etc.) that you want to convert to YAML.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"my_map"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">key1</span> <span class="p">=</span> <span class="s2">"value1"</span> <span class="nx">key2</span> <span class="p">=</span> <span class="s2">"value2"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"yaml_output"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamlencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">my_map</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">key1</span><span class="pi">:</span> <span class="s">value1</span> <span class="na">key2</span><span class="pi">:</span> <span class="s">value2</span> </code></pre> </div> <ul> <li>Converts the Terraform map into a YAML string.</li> </ul> <h5> <strong>2. Encoding Lists</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"my_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"yaml_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamlencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">my_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="s">apple</span> <span class="pi">-</span> <span class="s">banana</span> <span class="pi">-</span> <span class="s">cherry</span> </code></pre> </div> <ul> <li>Converts a list of fruits into a YAML sequence.</li> </ul> <h5> <strong>3. Complex Data Structures</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"complex_data"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"John Doe"</span> <span class="nx">age</span> <span class="p">=</span> <span class="mi">30</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"developer"</span><span class="p">,</span> <span class="s2">"terraform"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"yaml_complex"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamlencode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">complex_data</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">age</span><span class="pi">:</span> <span class="m">30</span> <span class="na">name</span><span class="pi">:</span> <span class="s">John Doe</span> <span class="na">tags</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">developer</span> <span class="pi">-</span> <span class="s">terraform</span> </code></pre> </div> <ul> <li>Encodes a complex data structure with multiple types into YAML.</li> </ul> <h3> <strong>27b. <code>yamldecode</code> Function</strong> </h3> <p>The <code>yamldecode</code> function takes a YAML-formatted string and converts it back into a Terraform data structure. This is useful for working with YAML data from external sources, like configuration files or APIs.</p> <h4> <strong>Syntax</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">yamldecode</span><span class="err">(</span><span class="nx">yaml</span><span class="err">)</span> </code></pre> </div> <ul> <li> <strong>Parameters</strong>: <ul> <li> <code>yaml</code>: The YAML string that you want to decode into a Terraform data structure.</li> </ul> </li> </ul> <h4> <strong>Examples</strong> </h4> <h5> <strong>1. Basic Usage</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"yaml_string"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"key: value"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_map"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamldecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">yaml_string</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span> <span class="nx">key</span> <span class="p">=</span> <span class="s2">"value"</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Decodes the YAML string into a Terraform map.</li> </ul> <h5> <strong>2. Decoding Lists</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"yaml_list"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"- apple</span><span class="err">\</span><span class="s2">n- banana</span><span class="err">\</span><span class="s2">n- cherry"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_list"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamldecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">yaml_list</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">[</span><span class="s2">"apple"</span><span class="p">,</span> <span class="s2">"banana"</span><span class="p">,</span> <span class="s2">"cherry"</span><span class="p">]</span> </code></pre> </div> <ul> <li>Converts the YAML sequence back into a Terraform list.</li> </ul> <h5> <strong>3. Decoding Complex YAML</strong> </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"yaml_complex"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"name: John Doe</span><span class="err">\</span><span class="s2">nage: 30</span><span class="err">\</span><span class="s2">ntags:</span><span class="err">\</span><span class="s2">n - developer</span><span class="err">\</span><span class="s2">n - terraform"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"decoded_complex"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">yamldecode</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">yaml_complex</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Output</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"John Doe"</span> <span class="nx">age</span> <span class="p">=</span> <span class="mi">30</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"developer"</span><span class="p">,</span> <span class="s2">"terraform"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Converts complex YAML data back into a Terraform map.</li> </ul> <h2> Final Thoughts </h2> <p>In conclusion, mastering Terraform's built-in functions can greatly enhance your infrastructure management. These functions streamline your workflows, reduce complexity, and allow you to write cleaner and more efficient code. </p> <p>From data manipulation to seamless conversions between JSON and YAML, each function empowers you to automate and manage your resources effectively. Whether you're a beginner or an experienced user, leveraging these capabilities will transform your approach to infrastructure as code.</p> <p>Embrace these tools, experiment with them, and elevate your Terraform journey to new heights. Happy coding!</p> devops terraform cloud beginners Terraform String Template Panchanan Panigrahi Sat, 28 Sep 2024 01:58:17 +0000 https://dev.to/sre_panchanan/terraform-string-template-1jio https://dev.to/sre_panchanan/terraform-string-template-1jio <ul> <li> String Templates in Terraform <ul> <li>1. Interpolation</li> <li>Simple Example:</li> <li>Multiline String Example:</li> <li> 2. Directives <ul> <li>1. If String Directive</li> <li>2. For String Directive</li> <li>Syntax Overview</li> <li>Step-by-Step Example: Creating Dynamic Greetings</li> <li>The Whitespace Dilemma</li> </ul> </li> </ul> </li> <li>Final Thoughts</li> </ul> <p>When working with Terraform, building dynamic infrastructure often requires flexibility in managing strings. That’s where <strong>string templates</strong> come in. By using simple yet powerful templating techniques, you can inject variables, expressions, and even logic directly into strings. This not only reduces repetition but also enhances the readability and reusability of your configurations. </p> <p>Let’s explore String Templates</p> <h2> String Templates in Terraform </h2> <p>In Terraform, <strong>string templates</strong> enable you to embed expressions within a string using the <code>${}</code> or <code>%{}</code> syntax. These templates allow you to dynamically generate strings by inserting values or performing operations directly inside the string.</p> <p>Terraform offers two main methods for templating strings:</p> <ol> <li><strong>Interpolation</strong></li> <li><strong>Directives</strong></li> </ol> <p>Let’s explore each of these with examples:</p> <h3> 1. Interpolation </h3> <p><strong>Interpolation</strong> lets you embed variable values, resource attributes, or expressions directly into a string using the <code>${}</code> syntax.</p> <h4> Simple Example: </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"name"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"Terraform"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"welcome_message"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="s2">"Welcome to ${var.name}!"</span> <span class="p">}</span> </code></pre> </div> <p>In this example, <code>${var.name}</code> inserts the value of the <code>name</code> variable into the string, producing the following output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Welcome to Terraform! </code></pre> </div> <h4> Multiline String Example: </h4> <p>Terraform also supports interpolation in <strong>multiline strings</strong>, which is useful when handling longer texts. This is done using the <code>&lt;&lt;EOF</code> syntax.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"environment"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"development"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"deployment_notice"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="o">&lt;&lt;</span><span class="no">EOF</span><span class="sh"> Deployment in progress... Environment: ${var.environment} Status: Successful! </span><span class="no"> EOF </span><span class="p">}</span> </code></pre> </div> <p>In this case, the multiline string will interpolate <code>${var.environment}</code>, generating the following output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Deployment in progress... Environment: development Status: Successful! </code></pre> </div> <p>Using <strong>multiline strings</strong> with interpolation ensures you can handle more complex, readable outputs, especially when working with larger texts or configuration data.</p> <h3> 2. Directives </h3> <p>Terraform's <strong>Directives</strong> offer greater flexibility than basic interpolation by using the <code>%{}</code> syntax to embed conditional logic and loops directly into string templates. There are two main types of string directives:</p> <ol> <li> <strong>If String Directive</strong>: Used for conditional statements within strings.</li> <li> <strong>For String Directive</strong>: Allows looping over a collection.</li> </ol> <p>Let's dive into each with examples:</p> <h4> 1. If String Directive </h4> <p>The <strong>if string directive</strong> is used to conditionally modify the content of a string based on boolean expressions. It supports <code>%{if}</code>, <code>%{else}</code>, and <code>%{endif}</code>.</p> <p><strong>Syntax:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="err">%</span><span class="p">{</span><span class="nx">if</span> <span class="err">&lt;</span><span class="nx">BOOL</span><span class="err">&gt;</span><span class="p">}</span> <span class="c1">// Conditional string content</span> <span class="err">%</span><span class="p">{</span><span class="nx">else</span><span class="p">}</span> <span class="c1">// Fallback string content</span> <span class="err">%</span><span class="p">{</span><span class="nx">endif</span><span class="p">}</span> </code></pre> </div> <p><strong>Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"environment"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"production"</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"plan_status"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="o">&lt;&lt;-</span><span class="no">EOT</span><span class="sh"> %{ if var.environment == "production" } Warning: You are deploying to the production environment! %{ else } This is a safe deployment to a non-production environment. %{ endif } </span><span class="no"> EOT </span><span class="p">}</span> </code></pre> </div> <p>In this example, Terraform checks the value of <code>var.environment</code>. If it's <code>"production"</code>, the string will display a cautionary message; otherwise, a different message is shown:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Warning: You are deploying to the production environment! </code></pre> </div> <p>If <code>var.environment</code> was set to something else, like <code>"development"</code>, the output would be:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>This is a safe deployment to a non-production environment. </code></pre> </div> <h4> 2. For String Directive </h4> <p>The <code>for</code> string directive in Terraform provides a powerful way to iterate over collections (lists, sets, or maps) to generate repeated elements within strings, making your configurations more dynamic and efficient. This guide will cover its syntax, usage, and how to handle common pitfalls like unwanted whitespace.</p> <h5> Syntax Overview </h5> <p>The <code>for</code> string directive uses the following syntax to loop over items within a collection:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="err">%</span><span class="p">{</span><span class="nx">for</span> <span class="err">&lt;</span><span class="nx">ITEM</span><span class="err">&gt;</span> <span class="nx">in</span> <span class="err">&lt;</span><span class="nx">COLLECTION</span><span class="err">&gt;</span><span class="p">}</span> <span class="c1">// Repeated string content for each item</span> <span class="err">%</span><span class="p">{</span><span class="nx">endfor</span><span class="p">}</span> </code></pre> </div> <h5> Step-by-Step Example: Creating Dynamic Greetings </h5> <p>Let’s explore how to use this directive to create a personalized greeting for each member of a team.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"team_members"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"Alice"</span><span class="p">,</span> <span class="s2">"Bob"</span><span class="p">,</span> <span class="s2">"Charlie"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"team_greetings"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="o">&lt;&lt;-</span><span class="no">EOT</span><span class="sh"> Team members list: %{ for member in var.team_members } - Hello, ${member}! %{ endfor } </span><span class="no"> EOT </span><span class="p">}</span> </code></pre> </div> <p>In this example:</p> <ul> <li>We define a list variable <code>team_members</code> with values <code>"Alice"</code>, <code>"Bob"</code>, and <code>"Charlie"</code>.</li> <li>The <code>for</code> loop iterates over each member, appending a greeting to the output.</li> </ul> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Team members list: - Hello, Alice! - Hello, Bob! - Hello, Charlie! </code></pre> </div> <h5> The Whitespace Dilemma </h5> <p>You might notice the unintended leading spaces before each greeting. This happens because Terraform preserves the indentation from the code block, which can make your output look less tidy.</p> <h5> The Solution: Using the <code>~</code> Character </h5> <p>Terraform provides a handy <code>~</code> modifier to strip unwanted whitespace, giving your output a cleaner appearance.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"team_greetings_stripped"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="o">&lt;&lt;-</span><span class="no">EOT</span><span class="sh"> Team members list: %{ for member in var.team_members ~} - Hello, ${member}! %{ endfor ~} </span><span class="no"> EOT </span><span class="p">}</span> </code></pre> </div> <p>By adding <code>~</code> at the end of <code>%{ for ... ~}</code> and <code>%{ endfor ~}</code>, you instruct Terraform to remove leading spaces, resulting in a polished output:</p> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Team members list: - Hello, Alice! - Hello, Bob! - Hello, Charlie! </code></pre> </div> <h2> Final Thoughts </h2> <p>Incorporating <strong>string templates</strong> in Terraform elevates your configurations from static to dynamic, empowering you to manage complex infrastructure more efficiently. Whether you use <strong>interpolation</strong> to insert values or leverage <strong>directives</strong> for conditional logic and loops, string templates allow you to build flexible, adaptable systems. By mastering these techniques, you can write cleaner, more maintainable Terraform code that scales effortlessly with your needs.</p> devops cloud terraform beginners Terraform For Expressions Panchanan Panigrahi Sat, 28 Sep 2024 00:36:59 +0000 https://dev.to/sre_panchanan/terraform-for-expressions-5hcc https://dev.to/sre_panchanan/terraform-for-expressions-5hcc <ul> <li>What is Terraform For Expression?</li> <li> Syntax of a Terraform for Expression <ul> <li>1. Syntax: When the Output is a List</li> <li>2. Syntax: When the Output is a Map</li> </ul> </li> <li> How to Use For Expressions in Terraform <ul> <li>1. Filtration of a Collection Based on a Condition</li> <li>2. Mutation of a Collection Based on a Condition</li> <li>3. Grouping of a Collection Based on a Condition</li> <li>Variable Block</li> <li> Grouping Projects by Region <ul> <li>Explanation</li> <li>Example Output</li> </ul> </li> </ul> </li> <li>Final Thoughts</li> </ul> <p>As infrastructure as code (IaC) continues to evolve, managing complex cloud environments efficiently is more important than ever. Terraform, a widely adopted IaC tool, simplifies cloud infrastructure provisioning, and its flexibility is further enhanced through expressions like the powerful <code>for</code> loop. </p> <p>In this blog, we will explore how Terraform's <code>for</code> expression can help transform collections with ease, allowing you to streamline infrastructure configuration. By breaking down the syntax and providing real-world examples, you’ll learn how to filter, mutate, and group resources dynamically. Whether you're managing instances or organizing cloud environments, this guide will give you the tools to handle it all programmatically.</p> <h2> What is Terraform For Expression? </h2> <p>The <code>for</code> expression in Terraform is used to iterate over collections, such as lists or maps, to transform or filter elements. It helps create new lists or maps from existing ones by applying an expression to each element. This is especially useful for simplifying repetitive tasks and creating dynamic infrastructure configurations. </p> <h2> Syntax of a Terraform for Expression </h2> <p><code>for</code> expressions in Terraform provide a flexible way to transform and filter collections, whether they are lists, sets, or maps. Below are the syntaxes for both types of outputs—lists and maps—with examples.</p> <h3> 1. Syntax: When the Output is a List </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">[</span><span class="nx">for</span> <span class="nx">item</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">collection</span> <span class="err">:</span> <span class="nx">transformation</span> <span class="nx">if</span> <span class="nx">condition</span><span class="p">]</span> </code></pre> </div> <ul> <li> <strong><code>var.collection</code></strong>: The list or set you are iterating over.</li> <li> <strong><code>transformation</code></strong>: The operation or logic applied to each item in the collection, such as accessing properties, applying a function, or performing calculations.</li> <li> <strong><code>if condition</code></strong>: (Optional) A filtering condition to include only the items that satisfy the condition.</li> </ul> <p><strong>Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instances</span> <span class="err">:</span> <span class="nx">upper</span><span class="p">(</span><span class="nx">instance</span><span class="p">.</span><span class="nx">name</span><span class="p">)</span> <span class="nx">if</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">status</span> <span class="err">==</span> <span class="s2">"running"</span><span class="p">]</span> </code></pre> </div> <p>In this example, Terraform creates a list of instance names in uppercase, but only for instances where <code>status</code> is <code>"running"</code>.</p> <h3> 2. Syntax: When the Output is a Map </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span><span class="nx">for</span> <span class="nx">key</span><span class="p">,</span> <span class="nx">value</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">map</span> <span class="err">:</span> <span class="nx">key</span> <span class="p">=</span><span class="err">&gt;</span> <span class="nx">transformation</span> <span class="nx">if</span> <span class="nx">condition</span><span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>var.map</code></strong>: The map being iterated over.</li> <li> <strong><code>key =&gt; transformation</code></strong>: Defines the key-value pair for the new map. <code>key</code> remains unchanged, while <code>transformation</code> applies logic to the <code>value</code>.</li> <li> <strong><code>if condition</code></strong>: (Optional) A filtering condition to include only key-value pairs that meet the condition.</li> </ul> <p><strong>Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="p">{</span><span class="nx">for</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instances</span> <span class="err">:</span> <span class="nx">name</span> <span class="p">=</span><span class="err">&gt;</span> <span class="nx">length</span><span class="p">(</span><span class="nx">instance</span><span class="p">.</span><span class="nx">tags</span><span class="p">)</span> <span class="nx">if</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">status</span> <span class="p">==</span> <span class="s2">"running"</span><span class="p">}</span> </code></pre> </div> <p>In this example, Terraform generates a new map where the <code>name</code> remains the same, but the value is the number of tags associated with each <code>instance</code>. This is only done for instances with a <code>"running"</code> status.</p> <h2> How to Use For Expressions in Terraform </h2> <p>In Terraform, <code>for</code> expressions are powerful tools used to transform collections. There are three main types of transformations that <code>for</code> expressions enable:</p> <ol> <li><strong>Filtration</strong></li> <li><strong>Mutation</strong></li> <li><strong>Grouping</strong></li> </ol> <p>Let's explore each of these with examples to understand how they work.</p> <h3> 1. Filtration of a Collection Based on a Condition </h3> <p>Filtration selectively includes only certain elements in a new collection based on a condition.</p> <p><strong>Variable Block with Defaults:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"aws_instances"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">id</span> <span class="p">=</span> <span class="s2">"i-001"</span><span class="p">,</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"running"</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">id</span> <span class="p">=</span> <span class="s2">"i-002"</span><span class="p">,</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"stopped"</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">id</span> <span class="p">=</span> <span class="s2">"i-003"</span><span class="p">,</span> <span class="nx">status</span> <span class="p">=</span> <span class="s2">"running"</span> <span class="p">}</span> <span class="p">]</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">id</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">status</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}))</span> <span class="p">}</span> </code></pre> </div> <p><strong>For Expression Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"running_instance_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">aws_instances</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span> <span class="nx">if</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">status</span> <span class="err">==</span> <span class="s2">"running"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong><br> This filters the <code>aws_instances</code> variable, creating a list of <code>id</code>s only for instances that have the status <code>"running"</code>. In this case, the output would be <code>["i-001", "i-003"]</code>.</p> <h3> 2. Mutation of a Collection Based on a Condition </h3> <p>Mutation modifies each element in the collection, often based on a condition.</p> <p><strong>Variable Block with Defaults:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"users"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"Alice"</span><span class="p">,</span> <span class="nx">is_active</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"Bob"</span><span class="p">,</span> <span class="nx">is_active</span> <span class="p">=</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"Charlie"</span><span class="p">,</span> <span class="nx">is_active</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">]</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">is_active</span> <span class="p">=</span> <span class="nx">bool</span> <span class="p">}))</span> <span class="p">}</span> </code></pre> </div> <p><strong>For Expression Example:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"active_user_names"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">user</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">users</span> <span class="err">:</span> <span class="nx">upper</span><span class="p">(</span><span class="nx">user</span><span class="p">.</span><span class="nx">name</span><span class="p">)</span> <span class="nx">if</span> <span class="nx">user</span><span class="p">.</span><span class="nx">is_active</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong><br> This expression loops through the <code>users</code> collection, converts the <code>name</code> of active users (<code>is_active == true</code>) to uppercase, and returns a list of the transformed names. The result would be <code>["ALICE", "CHARLIE"]</code>.</p> <h3> 3. Grouping of a Collection Based on a Condition </h3> <p>Grouping creates a map that organizes elements based on a specific key or condition.</p> <h4> Variable Block </h4> <p>First, define the variable for <code>projects</code>, holding the project details like region and environments.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"projects"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">region</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">environments</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">customer_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"australiasoutheast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dev"</span><span class="p">,</span> <span class="s2">"uat"</span><span class="p">,</span> <span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">partner_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"australiasoutheast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dev"</span><span class="p">,</span> <span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">internal_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"australiaeast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">payments_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"norwayeast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dev"</span><span class="p">,</span> <span class="s2">"tst"</span><span class="p">,</span> <span class="s2">"uat"</span><span class="p">,</span> <span class="s2">"sit"</span><span class="p">,</span> <span class="s2">"stg"</span><span class="p">,</span> <span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">returns_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"norwayeast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dev"</span><span class="p">,</span> <span class="s2">"uat"</span><span class="p">,</span> <span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">refunds_api</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"norwayeast"</span> <span class="nx">environments</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"dev"</span><span class="p">,</span> <span class="s2">"uat"</span><span class="p">,</span> <span class="s2">"prd"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Grouping Projects by Region </h4> <p>Use a <code>for</code> expression to dynamically group projects based on their region, creating a map where the key is the region, and the value is a list of project names.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"projects_grouped_by_region"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">for</span> <span class="nx">project</span><span class="p">,</span> <span class="nx">details</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">projects</span> <span class="err">:</span> <span class="nx">details</span><span class="p">.</span><span class="nx">region</span> <span class="p">=</span><span class="err">&gt;</span> <span class="nx">concat</span><span class="p">(</span> <span class="nx">lookup</span><span class="p">({</span><span class="nx">for</span> <span class="nx">project</span><span class="p">,</span> <span class="nx">details</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">projects</span> <span class="err">:</span> <span class="nx">details</span><span class="p">.</span><span class="nx">region</span> <span class="p">=</span><span class="err">&gt;</span> <span class="p">[]},</span> <span class="nx">details</span><span class="p">.</span><span class="nx">region</span><span class="p">,</span> <span class="p">[]),</span> <span class="p">[</span><span class="nx">project</span><span class="p">]</span> <span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h5> Explanation </h5> <ol> <li><p><strong>Variable Block</strong>: The <code>projects</code> variable is a <code>map</code> where the key is the project name, and the value is an object containing <code>region</code> and <code>environments</code>. This structure makes it flexible for real-world scenarios.</p></li> <li><p><strong><code>for</code> Expression in Output</strong>: The output groups the projects based on their <code>region</code>. We use <code>concat()</code> to collect all projects with the same region into a list. The expression is designed to ensure each region groups all relevant projects.</p></li> </ol> <h5> Example Output </h5> <p>This <code>output</code> will group the projects by region, showing something like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">projects_grouped_by_region</span> <span class="err">=</span> <span class="p">{</span> <span class="s2">"australiaeast"</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"internal_api"</span><span class="p">]</span> <span class="s2">"australiasoutheast"</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"customer_api"</span><span class="p">,</span> <span class="s2">"partner_api"</span><span class="p">]</span> <span class="s2">"norwayeast"</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"payments_api"</span><span class="p">,</span> <span class="s2">"returns_api"</span><span class="p">,</span> <span class="s2">"refunds_api"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h2> Final Thoughts </h2> <p>Terraform’s <code>for</code> expression is a game-changer for anyone looking to automate complex infrastructure transformations. With its ability to filter, mutate, and group collections dynamically, you can tackle even the most intricate use cases with elegance and simplicity. From optimizing resource management to enhancing infrastructure readability, the examples we've discussed show how <code>for</code> expressions can transform not just collections, but also how you approach infrastructure as a whole. Happy Deploying!!!</p> devops aws terraform cloud Terraform Dynamic Blocks 101 Panchanan Panigrahi Fri, 27 Sep 2024 18:30:06 +0000 https://dev.to/sre_panchanan/terraform-dynamic-blocks-101-295e https://dev.to/sre_panchanan/terraform-dynamic-blocks-101-295e <ul> <li>What Are Dynamic Blocks?</li> <li> Breaking Down the Dynamic Block <ul> <li>Why Use Dynamic Blocks?</li> </ul> </li> <li> Example 1: Simplifying AWS Security Group Rules with Terraform Dynamic Blocks <ul> <li>Without Using Dynamic Blocks</li> <li>Overview</li> <li>Refactoring with Terraform Dynamic Blocks</li> <li>Using Terraform Dynamic Blocks</li> <li>Variables for Ingress and Egress Settings</li> <li>Implementing Dynamic Blocks in Resource Block</li> <li>Explanation of the ingress Dynamic Block</li> <li>1. dynamic ingress Block</li> <li>2. for_each = var.ingress_settings</li> <li>3. The Absence of an Explicit iterator Definition</li> <li>4. content Block</li> <li>Explanation of the egress Dynamic Block</li> <li>1. dynamic egress Block</li> <li>2. for_each = var.egress_settings</li> <li>3. iterator = main_sg_egress</li> <li>4. content Block</li> </ul> </li> <li> Example 2: Using map(object) with Dynamic Blocks for Simplified Ingress and Egress Rules <ul> <li>Step 1: Define a map(object) Variable for Security Group Rules</li> <li>Step 2: Use Dynamic Blocks to Define Ingress and Egress Rules in the Security Group Resource</li> <li>Detailed Breakdown of the dynamic Blocks:</li> <li>Why This Approach Is Better</li> </ul> </li> <li> Example 3: Dynamic Blocks in Terraform for AMI Filtering <ul> <li>Variables and AMI Filtering</li> <li>Data Source for AMI Selection</li> <li>EC2 Instance Creation</li> </ul> </li> <li> Example 4: Helm Release Using Dynamic Blocks <ul> <li>Before Dynamic Block</li> <li>After Dynamic Block</li> <li>Breakdown of the Dynamic Configuration</li> <li>Why the Dynamic Block is Better</li> </ul> </li> <li> Example 5: Nested Dynamic Blocks (EC2 Instance with Dynamic EBS Volumes and Tags) <ul> <li>Variables Definition Using map(object)</li> <li>Terraform Configuration with Nested Dynamic Blocks</li> <li>Explanation:</li> </ul> </li> <li>Conclusion</li> </ul> <p>Imagine scrolling through a lengthy Terraform configuration file, filled with repetitive code that feels never-ending. It’s not only tedious but also makes the whole setup hard to understand and maintain, especially when changes are needed. This is where dynamic blocks come to the rescue!</p> <p>Dynamic blocks in Terraform are designed to simplify and clean up your code by reducing repetition, making it more efficient and easier to manage. They help you follow the <strong>"Don't Repeat Yourself" (DRY) principle</strong>, turning complex and cluttered configurations into concise, reusable, and elegant blocks.</p> <p>In this guide, we’ll break down <strong>how dynamic blocks work</strong>, why they’re game-changers, and how you can start using them to take your Terraform scripts to the next level!</p> <h2> What Are Dynamic Blocks? </h2> <p>In Terraform, dynamic blocks provide a way to dynamically generate repeated nested blocks within resource, data, provider, and provisioner blocks. They're commonly used in resource blocks to make your configurations more flexible and follow the "Don't Repeat Yourself" (DRY) principle.</p> <p>Here's the basic structure of a dynamic block in Terraform:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"resource_type"</span> <span class="s2">"resource_name"</span> <span class="p">{</span> <span class="c1"># Resource block configuration</span> <span class="nx">dynamic</span> <span class="s2">"label"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">collection_to_iterate</span> <span class="nx">iterator</span> <span class="p">=</span> <span class="nx">item</span> <span class="nx">content</span> <span class="p">{</span> <span class="c1"># Content of the dynamically generated block</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h2> Breaking Down the Dynamic Block </h2> <p>Let’s walk through the key elements that make up a dynamic block:</p> <ul> <li><p><strong><code>label</code></strong>: This represents the type of block you want to generate dynamically (e.g., <code>subnet</code>, <code>security_group_rule</code>). It essentially defines what nested block you’re constructing within the parent block.</p></li> <li><p><strong><code>for_each</code></strong>: This argument takes a list or map, representing the collection of values you want to iterate over to generate multiple blocks. It allows you to loop over a set of data and create multiple instances of the nested block.</p></li> <li><p><strong><code>iterator</code></strong> (optional): By default, this takes the name of the <code>label</code> block, but you can customize it to any name you prefer. It acts as a placeholder for each element in your collection as you iterate over it. This helps in accessing individual elements within the <code>content</code> block.</p></li> <li><p><strong><code>content</code></strong>: This is the heart of your dynamic block. It defines the actual content that gets generated for each item in the iteration. Here, you use the iterator to reference properties or values of the current item in the loop.</p></li> </ul> <h3> Why Use Dynamic Blocks? </h3> <ul> <li> <strong>Eliminate Repetition</strong>: Write once, use multiple times. Dynamic blocks reduce code duplication, making your Terraform scripts more concise.</li> <li> <strong>Increase Maintainability</strong>: Changes are easier to manage when code is less cluttered and more focused.</li> <li> <strong>Enhance Readability</strong>: With dynamic blocks, you can structure your configuration in a way that is both efficient and easier to understand.</li> </ul> <h2> Example 1: Simplifying AWS Security Group Rules with Terraform Dynamic Blocks </h2> <h3> Without Using Dynamic Blocks </h3> <p>Let's start by looking at a typical Terraform configuration without using dynamic blocks. This configuration sets up an AWS VPC, a public subnet, and an AWS Security Group.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_vpc"</span> <span class="s2">"main_vpc"</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.0.0/16"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-vpc"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_subnet"</span> <span class="s2">"public_subnet"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.1.0/24"</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="s2">"us-east-1a"</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"public-subnet"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"main_sg"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="nx">egress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-sg"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Overview </h3> <ul> <li> <strong>VPC</strong>: Defines a Virtual Private Cloud with a CIDR block <code>10.0.0.0/16</code>.</li> <li> <strong>Subnet</strong>: Creates a public subnet within the VPC.</li> <li> <strong>Security Group</strong>: The security group (<code>aws_security_group.main_sg</code>) allows inbound traffic on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS) and all outbound traffic.</li> </ul> <p>However, the <code>ingress</code> and <code>egress</code> rules are repetitive, which makes the configuration lengthy and difficult to maintain, especially as the rules grow. This is a prime candidate for refactoring using Terraform dynamic blocks.</p> <h3> Refactoring with Terraform Dynamic Blocks </h3> <p>Let's make our code more efficient and adhere to the DRY principle using dynamic blocks.</p> <h3> Using Terraform Dynamic Blocks </h3> <h4> Variables for Ingress and Egress Settings </h4> <p>First, we create variables to store our ingress and egress rules, making them reusable and easy to maintain:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"ingress_settings"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">port</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows SSH access"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows HTTP traffic"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows HTTPS traffic"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">}</span> <span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"egress_settings"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">port</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows any protocol with any port access"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="p">}</span> <span class="p">]</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>ingress_settings</code></strong>: Contains a list of ingress rules with <code>description</code>, <code>port</code>, and <code>protocol</code>.</li> <li> <strong><code>egress_settings</code></strong>: Contains egress rules with similar attributes.</li> </ul> <p>By storing these rules in variables, you make them flexible and easier to modify or expand.</p> <h4> Implementing Dynamic Blocks in Resource Block </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_vpc"</span> <span class="s2">"main_vpc"</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.0.0/16"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-vpc"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_subnet"</span> <span class="s2">"public_subnet"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.1.0/24"</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="s2">"us-east-1a"</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"public-subnet"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"main_sg"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">dynamic</span> <span class="s2">"ingress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress_settings</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"description"</span><span class="p">]</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"protocol"</span><span class="p">]</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">dynamic</span> <span class="s2">"egress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">egress_settings</span> <span class="nx">iterator</span> <span class="p">=</span> <span class="nx">main_sg_egress</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"description"</span><span class="p">]</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"protocol"</span><span class="p">]</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-sg"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Let us Break Down the Dynamic Block Implementation</p> <h3> Explanation of the ingress Dynamic Block </h3> <p>Here's the <code>ingress</code> block from our Terraform configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">dynamic</span> <span class="s2">"ingress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress_settings</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"description"</span><span class="p">]</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"protocol"</span><span class="p">]</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Let’s break down each part to understand what's happening:</p> <h4> 1. dynamic ingress Block </h4> <ul> <li>Just like with the <code>egress</code> block, the <code>dynamic</code> keyword allows us to create multiple <code>ingress</code> blocks based on the values in <code>var.ingress_settings</code>.</li> <li>This means we can generate as many ingress rules as needed without having to hard-code each one.</li> </ul> <h4> 2. for_each = var.ingress_settings </h4> <ul> <li> <code>for_each</code> tells Terraform to iterate over the list defined in the <code>ingress_settings</code> variable.</li> <li>Each item in this list represents an individual ingress rule with attributes like <code>description</code>, <code>port</code>, and <code>protocol</code>.</li> </ul> <h4> 3. The Absence of an Explicit iterator Definition </h4> <ul> <li>Unlike the <code>egress</code> block, we have not defined an <code>iterator</code> for the <code>ingress</code> block.</li> <li>When you omit the <code>iterator</code> attribute, Terraform defaults to using the block label (in this case, <code>ingress</code>) as the iteration variable.</li> <li>This means that within the <code>content</code> block, <code>ingress.value</code> refers to the current item in the <code>for_each</code> loop.</li> </ul> <blockquote> <p><strong>Why Is This Important?</strong></p> </blockquote> <ul> <li>Using <code>ingress.value</code> is the default behavior, making the code simpler and cleaner when you don't need a custom iterator name.</li> <li>This approach is ideal when you don’t have multiple nested dynamic blocks or when there is no risk of confusion.</li> </ul> <h4> 4. content Block </h4> <ul> <li>The <code>content</code> block defines the structure of each dynamically generated <code>ingress</code> rule: <ul> <li> <code>description = ingress.value["description"]</code>: Accesses the <code>description</code> field of the current rule.</li> <li> <code>from_port</code> and <code>to_port</code>: Both set to <code>ingress.value["port"]</code>, indicating the port range for this rule.</li> <li> <code>protocol = ingress.value["protocol"]</code>: Sets the communication protocol (e.g., <code>tcp</code>, <code>udp</code>).</li> <li> <code>cidr_blocks = [aws_vpc.main_vpc.cidr_block]</code>: Restricts access to the CIDR block defined by our main VPC.</li> </ul> </li> </ul> <h3> Explanation of the egress Dynamic Block </h3> <p>Here's the relevant part of the code that uses a dynamic block for the <code>egress</code> rules:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">dynamic</span> <span class="s2">"egress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">egress_settings</span> <span class="nx">iterator</span> <span class="p">=</span> <span class="nx">main_sg_egress</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"description"</span><span class="p">]</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">main_sg_egress</span><span class="p">.</span><span class="nx">value</span><span class="p">[</span><span class="s2">"protocol"</span><span class="p">]</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Let's break this down thoroughly:</p> <h4> 1. dynamic egress Block </h4> <ul> <li>The <code>dynamic</code> keyword allows us to generate multiple instances of the <code>egress</code> block based on an iterable set of data (<code>var.egress_settings</code> in this case).</li> <li>This approach provides a way to avoid manually duplicating the <code>egress</code> block for each rule, making our Terraform code much more maintainable and scalable.</li> </ul> <h4> 2. for_each = var.egress_settings </h4> <ul> <li>This line tells Terraform to loop through each item in the <code>var.egress_settings</code> list and create an <code>egress</code> block for each element.</li> <li> <code>var.egress_settings</code> is a variable of type <code>list(object({ ... }))</code>, which contains all the rules we want to define for our egress traffic.</li> </ul> <h4> 3. iterator = main_sg_egress </h4> <ul> <li>By default, Terraform uses the keyword <code>egress</code> as the iteration variable to refer to the current item in the <code>for_each</code> loop. However, using the <code>iterator</code> keyword, we override this default behavior and provide our own custom name, <code>main_sg_egress</code>.</li> <li>This means that instead of accessing <code>egress.value</code> to get the current item's properties, we now access <code>main_sg_egress.value</code>.</li> </ul> <blockquote> <p><strong>Why Use <code>iterator</code>?</strong></p> </blockquote> <ul> <li>The <code>iterator</code> attribute is particularly useful when you want to enhance the readability of your code or <strong>avoid conflicts when nesting multiple dynamic blocks that might otherwise share the same default name</strong>. In this case, ideally we do not need any <em>iterator</em> but to understand this concept we are using it.</li> </ul> <h4> 4. content Block </h4> <ul> <li>The <code>content</code> block defines what the <code>egress</code> rules should look like for each item.</li> <li>We access each value of the current item using <code>main_sg_egress.value</code>. For example: <ul> <li> <code>main_sg_egress.value["description"]</code> provides the description of the current egress rule.</li> <li> <code>main_sg_egress.value["port"]</code> specifies the port number for <code>from_port</code> and <code>to_port</code>.</li> <li> <code>main_sg_egress.value["protocol"]</code> gives the protocol type (e.g., <code>tcp</code>, <code>udp</code>, or <code>-1</code> for all).</li> </ul> </li> </ul> <h2> Example 2: Using map(object) with Dynamic Blocks for Simplified Ingress and Egress Rules </h2> <p>In this example, we'll take a more efficient approach by combining ingress and egress rules into a single variable using a <code>map(object)</code> type. This design allows us to handle security group rules with greater flexibility and simplicity, reducing redundancy and making it easier to manage changes.</p> <h3> Step 1: Define a map(object) Variable for Security Group Rules </h3> <p>We start by defining a variable named <code>sg_settings</code>, which holds all our security group rules (both ingress and egress) in a single structure. This variable is a <code>map</code> containing <code>object</code> entries that define each rule's details.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"sg_settings"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">port</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">ssh_ingress</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"ingress"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows SSH access"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">},</span> <span class="nx">http_ingress</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"ingress"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows HTTP traffic"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">},</span> <span class="nx">https_ingress</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"ingress"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows HTTPS traffic"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="p">},</span> <span class="nx">all_egress</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"egress"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Allows all outbound traffic"</span> <span class="nx">port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li>The <code>sg_settings</code> variable is defined as a <code>map(object)</code>, meaning it's a collection of objects that you can look up by a key (like <code>ssh_ingress</code> or <code>all_egress</code>).</li> <li>Each entry (<code>ssh_ingress</code>, <code>http_ingress</code>, <code>https_ingress</code>, <code>all_egress</code>) contains: <ul> <li> <code>type</code>: Determines if the rule is <code>ingress</code> (incoming) or <code>egress</code> (outgoing).</li> <li> <code>description</code>: Provides a human-readable explanation of the rule.</li> <li> <code>port</code>: Specifies which port to allow traffic through.</li> <li> <code>protocol</code>: Indicates the protocol type (e.g., <code>tcp</code>, <code>udp</code>, or <code>-1</code> for all protocols).</li> </ul> </li> </ul> <p>By combining both ingress and egress rules into this single variable, we make the structure cleaner and avoid repetitive definitions.</p> <h3> Step 2: Use Dynamic Blocks to Define Ingress and Egress Rules in the Security Group Resource </h3> <p>Next, we create our <code>aws_security_group</code> resource, where we'll use Terraform's <code>dynamic</code> blocks to handle both ingress and egress rules based on the <code>type</code> specified in <code>sg_settings</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"main_sg"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">dynamic</span> <span class="s2">"ingress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">for</span> <span class="nx">key</span><span class="p">,</span> <span class="nx">rule</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sg_settings</span> <span class="err">:</span> <span class="nx">key</span> <span class="p">=</span><span class="err">&gt;</span> <span class="nx">rule</span> <span class="nx">if</span> <span class="nx">rule</span><span class="p">.</span><span class="nx">type</span> <span class="p">==</span> <span class="s2">"ingress"</span> <span class="p">}</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">description</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">port</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">port</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">ingress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">protocol</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">dynamic</span> <span class="s2">"egress"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">for</span> <span class="nx">key</span><span class="p">,</span> <span class="nx">rule</span> <span class="nx">in</span> <span class="nx">var</span><span class="p">.</span><span class="nx">sg_settings</span> <span class="err">:</span> <span class="nx">key</span> <span class="p">=</span><span class="err">&gt;</span> <span class="nx">rule</span> <span class="nx">if</span> <span class="nx">rule</span><span class="p">.</span><span class="nx">type</span> <span class="p">==</span> <span class="s2">"egress"</span> <span class="p">}</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="nx">egress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">description</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">egress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">port</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">egress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">port</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="nx">egress</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">protocol</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">cidr_block</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-sg"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Explanation:</strong></p> <ul> <li> <code>resource "aws_security_group" "main_sg"</code> creates an AWS security group within the specified VPC (<code>aws_vpc.main_vpc.id</code>).</li> <li>The <code>dynamic</code> block generates multiple <code>ingress</code> or <code>egress</code> blocks based on the contents of our <code>sg_settings</code> variable.</li> </ul> <h4> Detailed Breakdown of the dynamic Blocks: </h4> <ol> <li> <p><strong>Dynamic <code>ingress</code> Block:</strong></p> <ul> <li> <code>for_each</code> iterates over each entry in <code>sg_settings</code> where <code>type</code> is <code>"ingress"</code>.</li> <li>Inside <code>content</code>, the actual security group rule is created using values from <code>sg_settings</code>.</li> <li>This dynamic block allows us to generate multiple <code>ingress</code> rules based on the entries in our variable.</li> </ul> </li> <li> <p><strong>Dynamic <code>egress</code> Block:</strong></p> <ul> <li>Similarly, <code>for_each</code> iterates over rules in <code>sg_settings</code> where <code>type</code> is <code>"egress"</code>.</li> <li>The content block sets the values for each egress rule based on the data in the variable.</li> <li>This ensures all outbound traffic rules are handled efficiently.</li> </ul> </li> </ol> <h3> Why This Approach Is Better </h3> <ul> <li> <strong>Unified Configuration</strong>: All rules are defined in a single, easy-to-manage variable (<code>sg_settings</code>), reducing complexity and improving readability.</li> <li> <strong>Reduced Redundancy</strong>: The use of dynamic blocks means we avoid manually writing multiple <code>ingress</code> and <code>egress</code> blocks, making the code cleaner.</li> <li> <strong>Flexibility</strong>: Adding or removing rules is as simple as modifying the <code>sg_settings</code> variable, without needing to change the resource definition.</li> </ul> <h2> Example 3: Dynamic Blocks in Terraform for AMI Filtering </h2> <p>In this example, we leverage Terraform's dynamic blocks to filter Amazon Machine Images (AMIs) based on specific tags, enabling streamlined resource creation. This approach enhances configuration ability and allows for efficient management of EC2 instances to specific environments.</p> <h3> Variables and AMI Filtering </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"ami_tag_filters"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"A list of tag filters to locate specific Amazon Machine Images (AMIs)"</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"tag:Purpose"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"WebServer"</span><span class="p">]</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"tag:Environment"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"Production"</span><span class="p">]</span> <span class="p">}</span> <span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p>The <code>ami_tag_filters</code> variable is defined as a list of filters that contain key-value pairs of tags. The variable is used to dynamically search for AMIs based on tags like <code>Purpose</code> and <code>Environment</code>. Here, the AMI is tagged with <code>Purpose = WebServer</code> and <code>Environment = Production</code>.</p> <h3> Data Source for AMI Selection </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">data</span> <span class="s2">"aws_ami"</span> <span class="s2">"filtered_ami"</span> <span class="p">{</span> <span class="nx">most_recent</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">owners</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"self"</span><span class="p">]</span> <span class="nx">dynamic</span> <span class="s2">"filter"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ami_tag_filters</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">filter</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">name</span> <span class="nx">values</span> <span class="p">=</span> <span class="nx">filter</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">values</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The <code>data "aws_ami" "filtered_ami"</code> block is used to dynamically filter AMIs based on the specified tags. The <code>most_recent = true</code> parameter ensures that the most recent AMI that matches the filters is selected. The <code>owners</code> attribute is set to <code>"self"</code>, meaning only AMIs owned by the current AWS account will be considered.</p> <p>Dynamic blocks are used in this section to iterate over the <code>ami_tag_filters</code> list. The <code>for_each</code> parameter takes each filter in the list and applies it to the AMI search. Inside the <code>content</code> block, the tag name and values are applied to each filter. This flexibility allows you to add or remove filters without modifying the data block itself.</p> <h3> EC2 Instance Creation </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"web_server_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="mi">2</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_ami</span><span class="p">.</span><span class="nx">filtered_ami</span><span class="p">.</span><span class="nx">id</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"WebServer-${count.index}"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The <code>aws_instance</code> resource provisions two EC2 instances using the <code>t2.micro</code> instance type. The AMI is dynamically retrieved from the filtered AMI data source. The <code>count</code> parameter creates two instances, and the instance's name tag is dynamically generated using the <code>${count.index}</code> syntax, which appends an index to the name (<code>WebServer-0</code>, <code>WebServer-1</code>).</p> <h2> Example 4: Helm Release Using Dynamic Blocks </h2> <h3> Before Dynamic Block </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"helm_release"</span> <span class="s2">"metric_server"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"metrics-server"</span> <span class="nx">chart</span> <span class="p">=</span> <span class="s2">"metrics-server"</span> <span class="nx">repository</span> <span class="p">=</span> <span class="s2">"https://kubernetes-sigs.github.io/metrics-server/"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"3.12.0"</span> <span class="nx">set</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"replicas"</span> <span class="nx">value</span> <span class="p">=</span> <span class="s2">"2"</span> <span class="p">}</span> <span class="nx">set</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"metrics.enabled"</span> <span class="nx">value</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="p">}</span> <span class="nx">set</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"serviceMonitor.enabled"</span> <span class="nx">value</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This block of code works perfectly well, but it becomes difficult to scale as the number of settings increases. If you need to add more options or tweak existing ones, you'd have to repeat the same <code>set</code> block multiple times, which leads to redundancy and reduced maintainability. Now, let's optimize it using dynamic blocks to make it more modular, reusable, and maintainable.</p> <h3> After Dynamic Block </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Define variables</span> <span class="nx">variable</span> <span class="s2">"metrics_server_settings"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"replicas"</span> <span class="p">=</span> <span class="s2">"2"</span> <span class="s2">"metrics.enabled"</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="s2">"serviceMonitor.enabled"</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"helm_release"</span> <span class="s2">"metric_server"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"metrics-server_release"</span> <span class="nx">chart</span> <span class="p">=</span> <span class="s2">"metrics-server"</span> <span class="nx">repository</span> <span class="p">=</span> <span class="s2">"https://kubernetes-sigs.github.io/metrics-server/"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"3.12.0"</span> <span class="nx">dynamic</span> <span class="s2">"set"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">metrics_server_settings</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">set</span><span class="p">.</span><span class="nx">key</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">set</span><span class="p">.</span><span class="nx">value</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Breakdown of the Dynamic Configuration </h3> <ol> <li> <p><strong>Variable Definition</strong>:</p> <ul> <li>The <code>metrics_server_settings</code> variable is defined as a <code>map(string)</code>. This type allows us to store multiple key-value pairs for our Helm release configuration.</li> <li>The default values in this example include <code>replicas</code>, <code>metrics.enabled</code>, and <code>serviceMonitor.enabled</code>. These correspond to the settings we need for the <code>metrics-server</code> Helm chart.</li> </ul> </li> <li> <p><strong>Dynamic Block</strong>:</p> <ul> <li>The dynamic block leverages the <code>for_each</code> argument to loop over the key-value pairs in <code>var.metrics_server_settings</code>.</li> <li>For every key in the map, Terraform generates a <code>set</code> block, where the key becomes the Helm chart setting (e.g., <code>replicas</code> or <code>metrics.enabled</code>), and the value is passed to the <code>set.value</code>.</li> </ul> </li> </ol> <h3> Why the Dynamic Block is Better </h3> <p>The use of dynamic blocks transforms a static, repetitive setup into a flexible and concise solution. Instead of writing multiple <code>set</code> blocks, you can define all your settings in a <code>map</code> variable and then iterate over them, automatically generating the necessary <code>set</code> blocks. This approach not only reduces code duplication but also allows for easy updates and future scalability. </p> <p>For example, if you want to add another setting, such as configuring resource limits, you would simply modify the variable:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"metrics_server_settings"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"replicas"</span> <span class="p">=</span> <span class="s2">"2"</span> <span class="s2">"metrics.enabled"</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="s2">"serviceMonitor.enabled"</span> <span class="p">=</span> <span class="s2">"true"</span> <span class="s2">"resources.limits.cpu"</span> <span class="p">=</span> <span class="s2">"100m"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>With this, the dynamic block automatically picks up the additional setting without needing any changes to the core Helm release resource code.</p> <h2> Example 5: Nested Dynamic Blocks (EC2 Instance with Dynamic EBS Volumes and Tags) </h2> <p>When dealing with cloud infrastructure, flexibility is key—especially when managing resources like EBS volumes attached to EC2 instances. In this example, we'll use <strong>nested dynamic blocks</strong> to dynamically attach multiple EBS volumes to an EC2 instance, each with its own configuration and tags.</p> <p>This scenario reflects a more realistic infrastructure setup where you may need to attach additional storage to your EC2 instance based on different workload needs, such as adding extra volumes for data storage, backup, or application-specific requirements. We'll also apply unique tags to these volumes, helping with organization, cost tracking, or environment differentiation.</p> <p>Let’s dive in to see how dynamic blocks can help make your Terraform configuration flexible and scalable.</p> <h3> Variables Definition Using map(object) </h3> <p>We’ll define the EBS volumes, their sizes, types, and specific tags using a <code>map(object)</code> variable.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"ebs_volumes"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">size</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">tags</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"data_volume"</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">size</span> <span class="p">=</span> <span class="mi">50</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"gp3"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"Data-Volume"</span> <span class="nx">Env</span> <span class="p">=</span> <span class="s2">"Prod"</span> <span class="nx">Usage</span> <span class="p">=</span> <span class="s2">"Database"</span> <span class="p">}</span> <span class="p">},</span> <span class="s2">"backup_volume"</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">size</span> <span class="p">=</span> <span class="mi">100</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"gp3"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"Backup-Volume"</span> <span class="nx">Env</span> <span class="p">=</span> <span class="s2">"Prod"</span> <span class="nx">Usage</span> <span class="p">=</span> <span class="s2">"Backup"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this example:</p> <ul> <li>The <code>ebs_volumes</code> variable is a map where: <ul> <li> <strong>Keys</strong> (<code>data_volume</code>, <code>backup_volume</code>) represent unique identifiers for the volumes.</li> <li>Each volume is defined as an object containing:</li> <li> <strong>size</strong>: The volume size in GB.</li> <li> <strong>type</strong>: The type of the EBS volume (e.g., <code>gp3</code>).</li> <li> <strong>tags</strong>: A map of key-value pairs to tag each volume, such as its purpose, environment, and other metadata.</li> </ul> </li> </ul> <h3> Terraform Configuration with Nested Dynamic Blocks </h3> <p>Using the dynamic block setup, we’ll create an EC2 instance that dynamically attaches the specified volumes and applies unique tags to each volume.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"example"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0c55b159cbfafe1f0"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t3.medium"</span> <span class="nx">dynamic</span> <span class="s2">"ebs_block_device"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ebs_volumes</span> <span class="nx">iterator</span> <span class="p">=</span> <span class="nx">ebs_volume</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">device_name</span> <span class="p">=</span> <span class="s2">"/dev/sd${ebs_volume.key}"</span> <span class="nx">volume_size</span> <span class="p">=</span> <span class="nx">ebs_volume</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">size</span> <span class="nx">volume_type</span> <span class="p">=</span> <span class="nx">ebs_volume</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">type</span> <span class="nx">dynamic</span> <span class="s2">"tags"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">ebs_volume</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">tags</span> <span class="nx">iterator</span> <span class="p">=</span> <span class="nx">volume_tag</span> <span class="nx">content</span> <span class="p">{</span> <span class="nx">key</span> <span class="p">=</span> <span class="nx">volume_tag</span><span class="p">.</span><span class="nx">key</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">volume_tag</span><span class="p">.</span><span class="nx">value</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"App-EC2-Instance"</span> <span class="nx">Env</span> <span class="p">=</span> <span class="s2">"Prod"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation: </h3> <ol> <li> <p><strong>Dynamic Block for <code>ebs_block_device</code></strong>:</p> <ul> <li>The dynamic block uses the <code>ebs_volume</code> iterator to loop over the <code>var.ebs_volumes</code> map. Each key in this map represents an individual volume, and the block dynamically configures the <code>device_name</code>, <code>volume_size</code>, and <code>volume_type</code> based on the attributes of each <code>ebs_volume</code>.</li> <li>The <code>device_name</code> is generated dynamically using the <code>ebs_volume.key</code> to ensure each attached volume has a unique identifier. The <code>volume_size</code> and <code>volume_type</code> are set according to the values provided in the <code>ebs_volumes</code> variable.</li> </ul> </li> <li> <p><strong>Nested Dynamic Block for <code>tags</code></strong>:</p> <ul> <li>Inside each <code>ebs_volume</code> block, the nested dynamic block iterates over the volume's tags using the <code>volume_tag</code> iterator. This enables Terraform to apply a set of key-value tags to each specific volume.</li> <li>The <code>volume_tag.key</code> and <code>volume_tag.value</code> ensure that each volume receives the exact tags as defined in the <code>ebs_volumes</code> map.</li> </ul> </li> </ol> <p>By using meaningful iterators like <code>ebs_volume</code> and <code>volume_tag</code>, the structure of the Terraform configuration becomes clearer, enhancing readability and maintainability. The use of nested dynamic blocks ensures flexibility and future-proofing, allowing for efficient management of multiple EBS volumes and consistent application of tags. This approach keeps the configuration clean, scalable, and easy to adapt as infrastructure needs grow. </p> <h2> Conclusion </h2> <p>Get hooked on Terraform dynamic blocks! These powerful features streamline your infrastructure as code configurations, reducing redundancy, enhancing readability, and improving maintainability. By leveraging dynamic blocks, you can create more flexible and scalable solutions, simplifying complex setups and managing resources with ease. So, dive into the world of Terraform dynamic blocks and experience the transformation power they bring to your infrastructure management.</p> devops terraform cloud aws Terraform For_Each Meta-Argument 101 Panchanan Panigrahi Wed, 25 Sep 2024 12:19:09 +0000 https://dev.to/sre_panchanan/terraform-foreach-meta-argument-101-nlj https://dev.to/sre_panchanan/terraform-foreach-meta-argument-101-nlj <ul> <li>What is Terraform for_each?</li> <li> How to Use For Each in Terraform? <ul> <li>Basic Syntax</li> <li>How For Each Works</li> <li>Key Points to Remember</li> </ul> </li> <li> Example 1: Using For Each with a Set of Strings to Create EC2 Instances in Terraform <ul> <li>Defining Instance Names</li> <li>Creating EC2 Instances with For Each</li> <li>Accessing the Created Instances</li> </ul> </li> <li> Example 2: Using For Each with a List of Strings to Create EC2 Instances in Terraform <ul> <li>How For Each Works with a List and Why We Use toset()</li> </ul> </li> <li> Example 3: Using For Each with a Map of Strings to Create EC2 Instances in Terraform <ul> <li>How For Each Works with a Map</li> <li>Using for Expressions in Outputs</li> </ul> </li> <li> Example 4: Using For Each with a Map of Objects to Create EC2 Instances in Terraform <ul> <li>How For Each Works with a Map of Objects</li> </ul> </li> <li> Example 5: Using For Each with a Data Source to Create EC2 Instances in Terraform <ul> <li>How For Each Works with a Data Source</li> <li>Why This Approach is Effective</li> </ul> </li> <li> Example 5: Using For Each with a Module to Create EC2 Instances in Terraform <ul> <li>How For Each Works with a Module</li> <li>Advantages of Using For Each with Modules</li> </ul> </li> <li> Understanding Terraform For Each Indexing Challenges <ul> <li>The Key Based Indexing Difference</li> <li>The Impact of Modifying Keys</li> <li>Best Practices for Handling For Each Indexing</li> <li>The Takeaway: Embrace For Each with Care</li> </ul> </li> </ul> <p>In Terraform, scaling your infrastructure efficiently often means dealing with sets of resources that have unique characteristics, even if they belong to the same group. While the <code>count</code> meta-argument is useful for creating multiple similar resources, it falls short when you need more nuanced control over individual elements. </p> <p>This is where the <code>for_each</code> meta-argument shines! Unlike <code>count</code>, which relies solely on indexes, <code>for_each</code> offers the flexibility to manage resources based on keys from a map or values from a set, giving you unparalleled control over each instance, allowing you to precisely configure resources without the hassle of repetitive code.</p> <p>In this blog, we’ll explore how <code>for_each</code> can elevate your Terraform projects, making them more dynamic, adaptable, and responsive to change. Ready to unlock the next level of Terraform mastery? Let’s dive in!</p> <h2> What is Terraform for_each? </h2> <p>Terraform's <code>for_each</code> meta-argument is a flexible way to create multiple instances of a resource, data source, or module by iterating over a <strong>map or set</strong> of strings. </p> <p>Unlike <code>count</code>, which relies on numeric indexing, <code>for_each</code> allows you to define unique configurations for each instance using the <code>each</code> object (<code>each.key</code> and <code>each.value</code>). </p> <p>This makes it ideal for managing resources that share similarities but need individual customization, such as setting different CIDR ranges for subnets, all within a single resource block.</p> <h2> How to Use For Each in Terraform? </h2> <p>The <code>for_each</code> meta-argument in Terraform allows you to create multiple instances of a resource, data source, or module with great flexibility. Let's break down the general syntax and understand how to use it effectively.</p> <h3> Basic Syntax </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"&lt;resource_type&gt;"</span> <span class="s2">"&lt;resource_name&gt;"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instances</span> <span class="c1">// Other resource attributes</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="err">&lt;</span><span class="nx">value</span><span class="p">/</span><span class="nx">key</span><span class="err">&gt;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>&lt;resource_type&gt;</code></strong>: This specifies the type of Terraform resource, such as <code>aws_vpc</code>, <code>aws_instance</code>, etc.</li> <li> <strong><code>&lt;resource_name&gt;</code></strong>: A user-defined name used to reference this resource within your Terraform configuration.</li> <li> <strong><code>for_each</code></strong>: This is assigned a variable (e.g., <code>var.instances</code>), which can be a list, set, or map that dictates how many instances to create.</li> </ul> <h3> How For Each Works </h3> <ol> <li> <strong>Variable Source</strong>: The <code>for_each</code> meta-argument is assigned to a variable like <code>var.instances</code>. This variable can be a set of strings, list, or map.</li> </ol> <ul> <li>If it’s a <strong>set of strings</strong>, you’ll use <code>each.value</code>.</li> <li>If it’s a <strong>map</strong>, you can access both <code>each.key</code> and <code>each.value</code>.</li> </ul> <ol> <li> <strong>The <code>each</code> Object</strong>: Within the resource block, Terraform automatically provides the <code>each</code> object, enabling you to reference the data for each instance created: <ul> <li> <strong><code>each.value</code></strong>: Represents the value of the current element in the iteration.</li> <li> <strong><code>each.key</code></strong>: Represents the key if the <code>for_each</code> variable is a map.</li> </ul> </li> </ol> <h4> Key Points to Remember </h4> <ul> <li> <code>each.value</code> and <code>each.key</code> both are same for <strong>Sets</strong>, but generally use <code>each.value</code> as industry standard.</li> <li> <strong>Maps</strong> give you access to both <code>each.key</code> and <code>each.value</code>.</li> </ul> <p><strong>Note:</strong><br> When you run the <code>terraform plan</code> command, it will show the resources Terraform plans to create based on the <code>for_each</code> logic. Feel free to apply these changes using <code>terraform apply</code> to see the <code>for_each</code> magic in action!</p> <h2> Example 1: Using For Each with a Set of Strings to Create EC2 Instances in Terraform </h2> <p>In this section, we'll explore how to create multiple AWS EC2 instances using Terraform's <code>for_each</code> meta-argument with a set of strings. This approach allows us to manage multiple resources efficiently and dynamically.</p> <h3> Defining Instance Names </h3> <p>We start by defining a variable <code>instance_names</code>, which contains a set of strings representing the names for each EC2 instance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Set of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">set</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p>The <code>default</code> value specifies that we want to create three instances with the names <code>ubuntu_server_1</code>, <code>ubuntu_server_2</code>, and <code>ubuntu_server_3</code>.</p> <h3> Creating EC2 Instances with For Each </h3> <p>The <code>for_each</code> meta-argument is used in the <code>aws_instance</code> resource to iterate over each item in the <code>instance_names</code> set, creating a separate EC2 instance for each name:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>for_each = var.instance_names</code></strong>: Instructs Terraform to loop through each item in <code>instance_names</code>.</li> <li> <strong><code>each.value</code></strong>: Represents the current name from the set during each iteration, ensuring each instance gets a unique <code>Name</code> tag based on the set item.</li> </ul> <p>This configuration results in three EC2 instances, each tagged with its respective name: <code>ubuntu_server_1</code>, <code>ubuntu_server_2</code>, and <code>ubuntu_server_3</code>.</p> <h3> Accessing the Created Instances </h3> <p>To retrieve the IDs of these instances, we can use Terraform's output values. Here’s how you can access the ID of a specific instance and all instance IDs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"ubuntu_server_1_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">].</span><span class="nx">id</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_ubuntu_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[*].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>aws_instance.ubuntu_instance["ubuntu_server_1"].id</code></strong>: Fetches the ID of the <code>ubuntu_server_1</code> instance.</li> <li> <strong><code>aws_instance.ubuntu_instance[*].id</code></strong>: Collects the IDs of all created instances in a set.</li> </ul> <p>This setup provides a clear, scalable way to manage and access multiple resources, ensuring efficient and organized infrastructure provisioning with Terraform.</p> <h2> Example 2: Using For Each with a List of Strings to Create EC2 Instances in Terraform </h2> <p>In this example, we’ll see how to use <code>for_each</code> with a list of strings to create multiple EC2 instances, focusing on how <code>for_each</code> works with lists and why we use the <code>toset()</code> function.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">toset</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_1_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">].</span><span class="nx">id</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_ubuntu_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[*].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <h3> How For Each Works with a List and Why We Use toset() </h3> <p>The <code>for_each</code> argument expects a set-like collection of unique values to iterate over. However, lists in Terraform may contain duplicate values, which <code>for_each</code> does not support directly. Therefore, we convert the list to a set using <code>toset()</code> to ensure that each item is unique and treated correctly.</p> <p>By using <code>for_each = toset(var.instance_names)</code>, Terraform iterates over each unique name in <code>instance_names</code>, creating an EC2 instance for each item. <code>each.value</code> represents the current item in the iteration, allowing us to assign it as the <code>Name</code> tag for each instance.</p> <h2> Example 3: Using For Each with a Map of Strings to Create EC2 Instances in Terraform </h2> <p>In this example, we’ll show how to use <code>for_each</code> with a map of strings to create multiple EC2 instances. We will also dive deep into how the <code>for_each</code> statement works with a map and explain the <code>for</code> expression used in the output values.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_ami"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Map of AMI for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"ubuntu_server"</span> <span class="p">=</span> <span class="s2">"ubuntu_ami_id"</span><span class="p">,</span> <span class="s2">"redhat_server"</span> <span class="p">=</span> <span class="s2">"redhat_ami_id"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_server"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_ami</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance_key</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span> <span class="nx">if</span> <span class="nx">instance_key</span> <span class="err">==</span> <span class="s2">"ubuntu_server"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_linux_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h3> How For Each Works with a Map </h3> <p>When we use <code>for_each</code> with a map, Terraform treats each key-value pair as an individual item to process:</p> <ul> <li> <strong><code>for_each = var.instance_ami</code></strong>: This allows Terraform to iterate over each key-value pair in the <code>instance_ami</code> map.</li> <li> <strong><code>each.key</code></strong>: Represents the current key in the map (e.g., <code>ubuntu_server</code> or <code>redhat_server</code>).</li> <li> <strong><code>each.value</code></strong>: Corresponds to the AMI ID associated with that key.</li> </ul> <p>By setting <code>for_each</code> to this map, Terraform creates an instance for each key-value pair in the map, with the <code>Name</code> tag being set to the key and the <code>ami</code> attribute to the corresponding AMI ID.</p> <h3> Using for Expressions in Outputs </h3> <p>The <code>for</code> expression is a powerful way to build dynamic values based on existing data. Let’s break down how it works in our outputs:</p> <ol> <li> <strong>First Output (Ubuntu Server ID)</strong> </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">output</span> <span class="s2">"ubuntu_server_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance_key</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span> <span class="nx">if</span> <span class="nx">instance_key</span> <span class="err">==</span> <span class="s2">"ubuntu_server"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <strong><code>for instance_key, instance in aws_instance.linux_server</code></strong>: Iterates over the <code>linux_server</code> instances, extracting both the key (<code>instance_key</code>) and the instance object (<code>instance</code>).</li> <li> <strong><code>: instance.id</code></strong>: This specifies that we want the <code>id</code> of the instance as the output value.</li> <li> <strong><code>if instance_key == "ubuntu_server"</code></strong>: The <code>if</code> clause filters the instances, so only the ID of <code>ubuntu_server</code> is selected. Since the result is still a list (even with one item), this maintains the consistent format.</li> </ul> <ol> <li> <strong>Second Output (All Linux Server IDs)</strong> </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">output</span> <span class="s2">"all_linux_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <ul> <li>This <code>for</code> expression iterates over all instances created by <code>for_each</code>, collecting each instance's ID into a list.</li> </ul> <p>The use of <code>for</code> expressions here makes our output more flexible, adaptable, and concise. This way, we can extract exactly what we need based on certain conditions or patterns, making it a powerful tool in Terraform configurations.</p> <h2> Example 4: Using For Each with a Map of Objects to Create EC2 Instances in Terraform </h2> <p>In this example, we will use <code>for_each</code> with a map of objects to create multiple EC2 instances. We'll focus on how <code>for_each</code> works with a map of objects and how to access each object's properties within the resource configuration.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_details"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Map of objects containing details for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">object</span><span class="p">({</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}))</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"ubuntu_server"</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="p">}</span> <span class="s2">"redhat_server"</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.medium"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0b69ea66ff7391e80"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_server"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_details</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">ami</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance_key</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span> <span class="nx">if</span> <span class="nx">instance_key</span> <span class="err">==</span> <span class="s2">"ubuntu_server"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_linux_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h3> How For Each Works with a Map of Objects </h3> <p>When using <code>for_each</code> with a map of objects, Terraform iterates over each key-value pair in the map. In this case:</p> <ul> <li> <strong><code>for_each = var.instance_details</code></strong>: Sets up the iteration over the <code>instance_details</code> variable, where each item is a key-value pair from the map.</li> <li> <strong><code>each.key</code></strong>: Represents the current key in the iteration (e.g., <code>ubuntu_server</code> or <code>redhat_server</code>).</li> <li> <strong><code>each.value</code></strong>: Contains the object associated with the current key, which in this case includes <code>instance_type</code> and <code>ami</code>.</li> </ul> <p>For each iteration, Terraform creates a new <code>aws_instance</code> resource, setting the <code>instance_type</code> and <code>ami</code> properties using <code>each.value.instance_type</code> and <code>each.value.ami</code>, respectively. The <code>tags</code> block uses <code>each.key</code> to assign the instance name.</p> <p>This approach provides a flexible way to manage more complex configurations by combining multiple attributes into a single map of objects, allowing you to handle more detailed setups for each resource without duplicating code.</p> <h2> Example 5: Using For Each with a Data Source to Create EC2 Instances in Terraform </h2> <p>In this example, we'll use a variable to define the AMI filters, making the configuration more flexible and easier to manage. We'll focus on explaining how <code>for_each</code> works with a data source and why this approach is highly effective for dynamic resource creation.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"ami_filters"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Map of AMI filters for different Linux distributions"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"ubuntu_server"</span> <span class="p">=</span> <span class="s2">"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"</span> <span class="s2">"redhat_server"</span> <span class="p">=</span> <span class="s2">"amzn2-ami-hvm-*-x86_64-gp2"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_ami"</span> <span class="s2">"latest_linux_amis"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ami_filters</span> <span class="nx">most_recent</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">owners</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"099720109477"</span><span class="p">,</span> <span class="s2">"137112412989"</span><span class="p">]</span> <span class="c1"># Owner IDs for Canonical and Amazon Linux</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="nx">each</span><span class="p">.</span><span class="nx">value</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_server"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_ami</span><span class="p">.</span><span class="nx">latest_linux_amis</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span><span class="p">.</span><span class="nx">id</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance_key</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span> <span class="nx">if</span> <span class="nx">instance_key</span> <span class="err">==</span> <span class="s2">"ubuntu_server"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_linux_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_server</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h3> How For Each Works with a Data Source </h3> <p>The <code>for_each</code> meta-argument is incredibly powerful when working with data sources, as it allows us to loop through each item in a collection and create resources dynamically based on the data retrieved. Let’s break this down step-by-step in an easy-to-understand way:</p> <ol> <li> <strong>Using <code>for_each</code> in the Data Source:</strong> <ul> <li>In the <code>data "aws_ami" "latest_linux_amis"</code> block, we use <code>for_each = var.ami_filters</code>. This line tells Terraform to loop through the <code>ami_filters</code> variable, which is a map containing two entries: <code>ubuntu_server</code> and <code>redhat_server</code>.</li> <li>For each entry in the map, Terraform will execute the data source block independently. This means it will search for the latest AMI based on the filter values provided (<code>each.value</code>).</li> </ul> </li> </ol> <p><strong>Example:</strong></p> <ul> <li>In the first iteration, <code>each.key</code> is <code>"ubuntu_server"</code> and <code>each.value</code> is <code>"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"</code>.</li> <li>In the second iteration, <code>each.key</code> is <code>"redhat_server"</code> and <code>each.value</code> is <code>"amzn2-ami-hvm-*-x86_64-gp2"</code>.</li> </ul> <p>This process ensures that we retrieve the most up-to-date AMI IDs for both the Ubuntu and RedHat servers.</p> <ol> <li> <strong>Using <code>for_each</code> in the Resource Block:</strong> <ul> <li>In the <code>resource "aws_instance" "linux_server"</code> block, <code>for_each = data.aws_ami.latest_linux_amis</code> means Terraform will create one EC2 instance for each entry found by the data source.</li> <li> <code>each.key</code> represents the unique name of the server (<code>"ubuntu_server"</code> or <code>"redhat_server"</code>), while <code>each.value.id</code> fetches the actual AMI ID for that specific server.</li> </ul> </li> </ol> <p>This results in two distinct EC2 instances, each tagged appropriately:</p> <ul> <li>The <code>ubuntu_server</code> instance with the AMI ID found for Ubuntu</li> <li>The <code>redhat_server</code> instance with the AMI ID found for RedHat</li> </ul> <h3> Why This Approach is Effective </h3> <ul> <li> <strong>Dynamic Resource Creation:</strong> You don't have to manually define each resource. Instead, Terraform dynamically creates resources based on the data retrieved.</li> <li> <strong>Flexibility:</strong> By using variables and data sources, you can easily adapt the configuration to changes without modifying your core resource blocks.</li> </ul> <h2> Example 5: Using For Each with a Module to Create EC2 Instances in Terraform </h2> <p>In this example, we'll demonstrate how to use <code>for_each</code> with a module to create multiple EC2 instances dynamically based on the data passed to the module. This setup is both flexible and powerful, making it easy to scale your infrastructure. We'll focus on explaining how <code>for_each</code> works with a module, using a variable for better reusability and readability.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># ── main.tf ──────────────────────────────────────────────────────────────────────</span> <span class="c1"># Define a variable for instance information</span> <span class="nx">variable</span> <span class="s2">"instance_info"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Map of instance names and their respective AMI filter names"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"ubuntu_server"</span> <span class="p">=</span> <span class="s2">"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"</span> <span class="s2">"redhat_server"</span> <span class="p">=</span> <span class="s2">"amzn2-ami-hvm-*-x86_64-gp2"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"linux_servers"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/aws_instance"</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_info</span> <span class="nx">ami_filter_name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">value</span> <span class="nx">instance_name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami_owner</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="p">==</span> <span class="s2">"ubuntu_server"</span> <span class="err">?</span> <span class="s2">"099720109477"</span> <span class="err">:</span> <span class="s2">"137112412989"</span> <span class="c1"># Canonical &amp; Amazon owner IDs</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance_key</span><span class="p">,</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">module</span><span class="p">.</span><span class="nx">linux_servers</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">instance_id</span> <span class="nx">if</span> <span class="nx">instance_key</span> <span class="err">==</span> <span class="s2">"ubuntu_server"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"all_linux_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="p">[</span><span class="nx">for</span> <span class="nx">instance</span> <span class="nx">in</span> <span class="nx">module</span><span class="p">.</span><span class="nx">linux_servers</span> <span class="err">:</span> <span class="nx">instance</span><span class="p">.</span><span class="nx">instance_id</span><span class="p">]</span> <span class="p">}</span> <span class="c1"># ── modules/aws_instance/main.tf ─────────────────────────────────────────────────</span> <span class="nx">variable</span> <span class="s2">"ami_filter_name"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"AMI filter name for the instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_name"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Name tag for the EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_type"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Type of EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"ami_owner"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Owner ID for the AMI"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_ami"</span> <span class="s2">"latest_linux_ami"</span> <span class="p">{</span> <span class="nx">most_recent</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">owners</span> <span class="p">=</span> <span class="p">[</span><span class="nx">var</span><span class="p">.</span><span class="nx">ami_owner</span><span class="p">]</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="nx">var</span><span class="p">.</span><span class="nx">ami_filter_name</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_instance"</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_ami</span><span class="p">.</span><span class="nx">latest_linux_ami</span><span class="p">.</span><span class="nx">id</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_name</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"instance_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">linux_instance</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <h3> How For Each Works with a Module </h3> <p>When using <code>for_each</code> with a module, you gain the ability to create multiple instances of that module with different configurations based on a given set of inputs. Let's break down how this process works in an easy-to-understand manner:</p> <ol> <li> <strong>Defining <code>for_each</code> in the Module Block:</strong> <ul> <li>In the <code>main.tf</code> file, the <code>for_each</code> argument in the <code>module "linux_servers"</code> block takes the <code>instance_info</code> variable as input.</li> <li>This variable is a map where each key represents a unique server name (<code>"ubuntu_server"</code> and <code>"redhat_server"</code>), and each value specifies the AMI filter pattern for that server.</li> </ul> </li> </ol> <p>As a result, <code>for_each</code> instructs Terraform to create separate instances of the module for each entry in the <code>instance_info</code> map.</p> <ol> <li> <p><strong>Passing Data to the Module Using <code>for_each</code>:</strong></p> <ul> <li>For each key-value pair in <code>instance_info</code>, the <code>each.key</code> and <code>each.value</code> references pass the necessary data to the module variables (<code>ami_filter_name</code>, <code>instance_name</code>, <code>instance_type</code>, and <code>ami_owner</code>).</li> <li>For example: <ul> <li>For the first iteration: <code>each.key = "ubuntu_server"</code> and <code>each.value = "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"</code>.</li> <li>The module will then create an instance using this information, specifically an Ubuntu server.</li> </ul> </li> </ul> </li> <li> <p><strong>Handling Outputs with <code>for_each</code> Using <code>for</code> Expressions:</strong></p> <ul> <li>The output block <code>ubuntu_server_id</code> uses a <code>for</code> expression to filter out and retrieve the ID of the instance created for the <code>"ubuntu_server"</code> key.</li> <li>The <code>all_linux_servers_ids</code> output collects all instance IDs generated by the module using another <code>for</code> expression, ensuring you have a complete list of all instances.</li> </ul> </li> </ol> <h3> Advantages of Using For Each with Modules </h3> <ul> <li> <strong>Scalability:</strong> The <code>for_each</code> approach lets you create as many instances as needed by simply modifying the input variable, without duplicating any module code.</li> <li> <strong>Flexibility:</strong> By using <code>for_each</code> with a map, you can create uniquely configured instances in one go, making your Terraform configurations both efficient and adaptable.</li> </ul> <p>By leveraging <code>for_each</code> with modules, you achieve a powerful combination of modularity and dynamic resource creation. This approach allows you to maintain clean, reusable Terraform code, even when managing complex infrastructure setups.</p> <h2> Understanding Terraform For Each Indexing Challenges </h2> <p>Terraform's <code>for_each</code> meta-argument is a powerful tool for dynamically managing infrastructure, enabling us to iterate over a map or set of values effortlessly. This flexibility allows us to efficiently manage complex configurations with minimal duplication. However, there are some nuances and potential pitfalls, particularly with indexing, that we should be aware of.</p> <h3> The Key Based Indexing Difference </h3> <p>Unlike the traditional <code>count</code> meta-argument, where resources are indexed numerically (e.g., <code>resource.example[0]</code>, <code>resource.example[1]</code>), <code>for_each</code> relies on unique keys from the map or set you provide. This key-based indexing introduces challenges in scenarios where sequential operations or precise ordering are necessary, as resources are now referenced by keys rather than predictable numerical indices.</p> <p>For example, instead of referencing <code>my_resource[0]</code>, you would access <code>my_resource["key_name"]</code>. While this approach is flexible, it can make certain tasks more complex, particularly when dealing with resources that depend on a specific order or sequence.</p> <h3> The Impact of Modifying Keys </h3> <p>Another consideration with <code>for_each</code> is how changes to the map or set can trigger unintended resource modifications. When you add, remove, or change keys in the map used by <code>for_each</code>, Terraform may perceive these changes as entirely new resources, resulting in resource destruction and re-creation. This behavior can be surprising, especially in a production environment, potentially causing downtime or unintended disruptions.</p> <h3> Best Practices for Handling For Each Indexing </h3> <ul> <li> <strong>Use Stable and Predictable Keys:</strong> Choose keys that are unlikely to change over time, ensuring that your resources remain consistent and avoiding unnecessary re-creations.</li> <li> <strong>Be Cautious with Ordering Requirements:</strong> If the sequence of resource creation or updates is crucial, consider whether <code>for_each</code> is the right choice, as it doesn’t guarantee any specific ordering.</li> <li> <strong>Plan for Changes:</strong> Always run <code>terraform plan</code> before applying changes to understand the potential impact, particularly when modifying the map or set used with <code>for_each</code>.</li> </ul> <h3> The Takeaway: Embrace For Each with Care </h3> <p>While <code>for_each</code> brings tremendous flexibility and scalability to Terraform configurations, it's crucial to be mindful of its unique indexing behavior. By understanding these nuances, you can design more robust and resilient infrastructure code that leverages the power of <code>for_each</code> while avoiding common pitfalls.</p> devops terraform cloud aws Terraform Count Meta-Argument 101 Panchanan Panigrahi Tue, 24 Sep 2024 10:43:46 +0000 https://dev.to/sre_panchanan/terraform-count-meta-argument-101-5fpj https://dev.to/sre_panchanan/terraform-count-meta-argument-101-5fpj <ul> <li>What is the count meta-argument?</li> <li>Common Use Cases for count:</li> <li>Example 1: Provisioning Multiple Resources of the Same Type</li> <li> Example 2: Using a List Variable for Dynamic Tagging <ul> <li>Referring to the Instance IDs</li> <li>Accessing a Single Instance</li> <li>Accessing All Instances</li> <li>How This Works</li> <li>Why This Approach Is Effective</li> </ul> </li> <li>Example 3: Using the count Meta Argument with Conditional Expressions</li> <li> Example 4: Using the count Meta Argument in Data Blocks <ul> <li>How count Works in Data Blocks</li> <li>Which Instances Will Be Retrieved?</li> <li>Accessing Retrieved Instances</li> </ul> </li> <li> Example 5: Using the count Meta Argument in the Root Module with a Child Module <ul> <li>Child Module: modules/ec2_instance/main.tf</li> <li>Root Module: main.tf</li> <li>Explanation of the Example</li> <li>1. <strong>Child Module: Definition and Purpose</strong> </li> <li>2. <strong>Root Module: Configuration and Logic</strong> </li> <li>3. <strong>Output Block: Retrieving Instance IDs</strong> </li> <li>How It Works</li> <li>Limitations of the count Meta Argument in Terraform</li> <li>1. Lack of Flexibility with Dynamic Blocks</li> <li>2. Unintended Changes Due to Ordering</li> <li>Example:</li> <li>The Risks of Using count</li> <li>A Better Alternative: Using for_each</li> </ul> </li> <li>Final Thoughts</li> </ul> <p>In Terraform, managing infrastructure typically starts with defining resource blocks, each representing a single infrastructure component, such as an EC2 instance or a load balancer. But what happens when you need to create multiple similar resources, like a fleet of virtual machines or a group of users? Do you need to write out multiple, repetitive resource blocks? </p> <p>Thankfully, there's a more efficient way! Enter the Terraform "count" meta-argument, a powerful feature that allows you to deploy multiple, nearly identical resources without duplicating code. In this blog, we'll explore how the count meta-argument simplifies scaling your infrastructure and how the <code>count.index</code> attribute provides precise control over individual instances. Let’s dive in!</p> <h2> What is the count meta-argument? </h2> <p>The <code>count</code> meta-argument in Terraform is a powerful feature that allows you to create multiple instances of a resource or module efficiently, without the need to duplicate code. By specifying the <code>count</code> argument within a resource, module, or data block, you provide a whole number that indicates how many instances you want to create or fetch. This helps in scaling infrastructure effortlessly, whether you need multiple EC2 instances or want to retrieve multiple data objects. It's a simple yet effective way to manage repetitive infrastructure tasks with just a single line of configuration.</p> <h2> Common Use Cases for count: </h2> <p>There are two cases where we generally use count:</p> <ol> <li>provisioning of multiple resources of the same kind.</li> <li>Conditional Resource Provisioning.</li> </ol> <p>Lets understand them with examples.</p> <h2> Example 1: Provisioning Multiple Resources of the Same Type </h2> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="mi">3</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"ubuntu_server"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this example, the <code>count</code> meta-argument is set to <code>3</code>, which means Terraform will create three identical AWS EC2 instances using the specified <code>ami</code> and <code>instance_type</code>. However, all instances will share the same tag <code>Name = "ubuntu_server"</code>, making it difficult to distinguish between them. This could become even more challenging if you decide to scale up to 10 or more instances in the future. To handle such scenarios efficiently, you can use dynamic values with the <code>count.index</code> attribute to ensure each instance has a unique identifier, making management much easier.</p> <h2> Example 2: Using a List Variable for Dynamic Tagging </h2> <p>To efficiently provide unique tags for each instance, we can use a list variable containing distinct names. This approach offers greater flexibility, making it much easier to manage and distinguish multiple instances, especially as you scale your infrastructure.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this example, the <code>count</code> meta-argument is set to the length of <code>var.instance_names</code>, ensuring that the number of instances matches the number of names in the list. The <code>count.index</code> attribute (which is a zero-based index) retrieves the corresponding name from <code>var.instance_names</code> for each instance. This means:</p> <ul> <li>During the first iteration (<code>count.index = 0</code>), the instance gets the tag <code>Name = "ubuntu_server_1"</code>.</li> <li>In the second iteration (<code>count.index = 1</code>), the tag is <code>Name = "ubuntu_server_2"</code>.</li> <li>In the third iteration (<code>count.index = 2</code>), the tag is <code>Name = "ubuntu_server_3"</code>.</li> </ul> <h3> Referring to the Instance IDs </h3> <p>In Terraform, when using the <code>count</code> meta-argument, multiple instances of a resource are created and stored in a list-like structure. This means each instance can be accessed using an index, just as you would with elements in a list or array. Let’s break down how to refer to individual instances and all instances collectively:</p> <h4> Accessing a Single Instance </h4> <p>Each instance created by Terraform is assigned an index starting from <code>0</code>. To refer to the first instance, use the syntax <code>aws_instance.ubuntu_instance[0]</code>. This allows you to access the properties of that specific instance, such as its <code>id</code>.</p> <p>For example, the following output block retrieves the ID of the first instance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Output the ID of the first ubuntu_instance</span> <span class="nx">output</span> <span class="s2">"ubuntu_server_1_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[</span><span class="mi">0</span><span class="p">].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <p>Here, <code>aws_instance.ubuntu_instance[0].id</code> refers to the <code>id</code> attribute of the first instance in the list.</p> <h4> Accessing All Instances </h4> <p>When you want to access all instances as a whole, you can use the <code>[*]</code> operator, which represents all elements in the list. This method extracts the <code>id</code> attribute from every instance and returns them as a list of IDs.</p> <p>For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Output the IDs of all ubuntu_instances</span> <span class="nx">output</span> <span class="s2">"all_ubuntu_servers_ids"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">[*].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <p>In this case, <code>aws_instance.ubuntu_instance[*].id</code> gathers the <code>id</code> of every instance created and stores them in a list. If you have three instances, the output will be something like: <code>["i-0abcd1234", "i-0abcd5678", "i-0abcd91011"]</code>.</p> <h4> How This Works </h4> <ul> <li>When Terraform creates resources using <code>count</code>, it automatically manages them in an ordered list, with <code>count.index</code> determining their position.</li> <li>You can then use index-based referencing (<code>[0]</code>, <code>[1]</code>, etc.) to target individual instances or the <code>[*]</code> Splat Expressions to refer to all instances collectively.</li> </ul> <h3> Why This Approach Is Effective </h3> <p>This method solves the problem of identical tags and makes it easy to modify or expand your infrastructure. If you need more instances in the future, simply update the <code>instance_names</code> variable with additional names, and Terraform will handle the rest, ensuring each instance is uniquely tagged. This approach maintains clarity, efficiency, and flexibility, allowing for easy scaling and management of your infrastructure.</p> <h2> Example 3: Using the count Meta Argument with Conditional Expressions </h2> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_type"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The type of EC2 instance to create"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_type</span> <span class="p">==</span> <span class="s2">"t2.micro"</span> <span class="err">?</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="err">:</span> <span class="mi">1</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this example, the <code>count</code> meta-argument is controlled by a conditional expression:</p> <ul> <li><code>count = var.instance_type == "t2.micro" ? length(var.instance_names) : 1</code></li> </ul> <p>This line means:</p> <ul> <li>If the <code>instance_type</code> variable is <code>"t2.micro"</code>, the <code>count</code> value will be set to <code>length(var.instance_names)</code>, which in this case is <code>3</code>. This results in creating three EC2 instances, each with a unique name from the <code>instance_names</code> list.</li> <li>If <code>instance_type</code> is any other value, the <code>count</code> becomes <code>1</code>, meaning only one instance will be created.</li> </ul> <h2> Example 4: Using the count Meta Argument in Data Blocks </h2> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">data</span> <span class="s2">"aws_instances"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="mi">2</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"tag:Name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span> <span class="p">}</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"instance-state-name"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"running"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this example, the <code>count</code> meta-argument is utilized within a data block to dynamically control how many instances of data are retrieved from AWS.</p> <h3> How count Works in Data Blocks </h3> <ul> <li><p><strong>Dynamic Retrieval</strong>: By setting <code>count = 2</code>, Terraform retrieves data for two instances that match the specified filters.</p></li> <li> <p><strong>Filter Criteria</strong>:</p> <ul> <li> <strong>Tag Filter</strong>: The first filter looks for instances whose names match the values in <code>var.instance_names</code>.</li> <li> <strong>State Filter</strong>: The second filter ensures that only instances with the state "running" are considered.</li> </ul> </li> </ul> <h3> Which Instances Will Be Retrieved? </h3> <p>Assuming you have the following instances in AWS:</p> <ul> <li> <strong>ubuntu_server_1</strong> (running)</li> <li> <strong>ubuntu_server_2</strong> (stopped)</li> <li> <strong>ubuntu_server_3</strong> (running)</li> </ul> <p>With the filters applied, the retrieval results will be:</p> <ul> <li> <strong>ubuntu_server_1</strong>: Retrieved (running)</li> <li> <strong>ubuntu_server_3</strong>: Retrieved (running)</li> <li> <strong>ubuntu_server_2</strong>: Not retrieved (stopped)</li> </ul> <h3> Accessing Retrieved Instances </h3> <p>You can access the retrieved instances using the following syntax:</p> <ul> <li> <code>data.aws_instances.ubuntu_instance[0]</code> for <strong>ubuntu_server_1</strong>.</li> <li> <code>data.aws_instances.ubuntu_instance[1]</code> for <strong>ubuntu_server_3</strong>.</li> </ul> <p>This structure allows you to effectively manage and interact with the relevant instance data directly within your Terraform configuration, providing a clear and organized way to handle infrastructure resources.</p> <h2> Example 5: Using the count Meta Argument in the Root Module with a Child Module </h2> <h3> Child Module: modules/ec2_instance/main.tf </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_name"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Name of the EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_name</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Root Module: main.tf </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_count"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Number of EC2 instances to create"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">default</span> <span class="p">=</span> <span class="mi">3</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ubuntu_server_1"</span><span class="p">,</span> <span class="s2">"ubuntu_server_2"</span><span class="p">,</span> <span class="s2">"ubuntu_server_3"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"ec2_instances"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/ec2_instance"</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_count</span> <span class="nx">instance_name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="nx">output</span> <span class="s2">"instance_ids"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"IDs of the created EC2 instances"</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">ec2_instances</span><span class="p">[*].</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation of the Example </h3> <p>In this example, we explore how to effectively utilize the <code>count</code> meta-argument in a root module to provision multiple EC2 instances through a dedicated child module. This approach enhances modularity and reusability in Terraform configurations.</p> <h4> 1. <strong>Child Module: Definition and Purpose</strong> </h4> <p>The child module, located in <code>modules/ec2_instance/main.tf</code>, encapsulates the logic for creating a single EC2 instance. Key components include:</p> <ul> <li> <p><strong>Variable Declaration</strong>:</p> <ul> <li>The <code>instance_name</code> variable allows users to specify the name for each EC2 instance. This promotes flexibility, enabling different names to be assigned easily.</li> </ul> </li> <li> <p><strong>Resource Block</strong>:</p> <ul> <li>The <code>aws_instance</code> resource defines the properties of the EC2 instance, including its AMI and instance type. The instance is tagged with the name provided through the <code>instance_name</code> variable, ensuring that each instance can be uniquely identified in the AWS Management Console.</li> </ul> </li> </ul> <h4> 2. <strong>Root Module: Configuration and Logic</strong> </h4> <p>The root module, defined in <code>main.tf</code>, orchestrates the creation of multiple EC2 instances using the child module. Here’s how it works:</p> <ul> <li> <p><strong>Variable Definitions</strong>:</p> <ul> <li> <code>instance_count</code>: This variable dictates how many EC2 instances will be created, defaulting to <code>3</code>. It provides the ability to scale the number of instances up or down based on needs.</li> <li> <code>instance_names</code>: This list variable contains predefined names for each EC2 instance. This ensures that when instances are created, they can be easily distinguished by their assigned names.</li> </ul> </li> <li> <p><strong>Module Invocation</strong>:</p> <ul> <li>The <code>module</code> block calls the <code>ec2_instances</code> module.</li> <li>The <code>count</code> meta-argument is set to <code>var.instance_count</code>, allowing Terraform to create the specified number of instances.</li> <li>The <code>instance_name</code> for each instance is assigned dynamically using <code>var.instance_names[count.index]</code>. This indexing allows for seamless mapping of names to instances.</li> </ul> </li> </ul> <h4> 3. <strong>Output Block: Retrieving Instance IDs</strong> </h4> <p>At the end of the configuration, the output block provides a way to retrieve the IDs of all created EC2 instances. By referencing <code>module.ec2_instances[*].id</code>, you can access the IDs in a straightforward manner, which is particularly useful for subsequent operations or outputs.</p> <h3> How It Works </h3> <p>When this configuration is applied, Terraform will:</p> <ol> <li>Create the number of EC2 instances specified by <code>instance_count</code>.</li> <li>Assign each instance a unique name from the <code>instance_names</code> list based on its index in the creation process.</li> <li>Return the IDs of the created instances, making it easy to reference them in future configurations or for monitoring purposes.</li> </ol> <p>Here's a comprehensive completion that covers the limitations of the <code>count</code> meta-argument with well-explained details and examples:</p> <h3> Limitations of the count Meta Argument in Terraform </h3> <p>The <code>count</code> meta-argument in Terraform is a versatile feature that enables you to create multiple instances of a resource or module based on a specified count value. While it’s a powerful tool for scaling, it also comes with some important limitations and caveats that can lead to challenges if not carefully managed. Let’s explore these limitations and understand when it might be better to consider alternative approaches, such as <code>for_each</code>.</p> <h3> 1. Lack of Flexibility with Dynamic Blocks </h3> <p>The <code>count</code> meta-argument doesn’t work well with dynamic blocks. This limitation arises because the <code>count</code> argument controls the creation of entire resource instances rather than individual blocks within those resources. Therefore, you can't use <code>count</code> to create multiple dynamic blocks within a single resource configuration.</p> <h3> 2. Unintended Changes Due to Ordering </h3> <p>One of the most significant limitations of using <code>count</code> is its reliance on the order of the list used to generate resource instances. Changes in the order of this list can lead to potentially destructive changes in your infrastructure, as Terraform may interpret these changes as the need to delete and recreate resources—even if the actual data hasn’t changed.</p> <h4> Example: </h4> <p>Let's consider an example with AWS EC2 instances where the <code>count</code> meta-argument is based on a list variable.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"linux_server_1"</span><span class="p">,</span> <span class="s2">"linux_server_2"</span><span class="p">,</span> <span class="s2">"linux_server_3"</span><span class="p">,</span> <span class="s2">"linux_server_4"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_instance"</span> <span class="p">{</span> <span class="nx">count</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-12345678"</span> <span class="c1"># Example AMI ID</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">[</span><span class="nx">count</span><span class="p">.</span><span class="nx">index</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>With this configuration, Terraform creates instances based on the <code>instance_names</code> list as follows:</p> <ul> <li> <code>aws_instance.linux_instance[0]</code> is assigned to <strong>linux_server_1</strong> </li> <li> <code>aws_instance.linux_instance[1]</code> is assigned to <strong>linux_server_2</strong> </li> <li> <code>aws_instance.linux_instance[2]</code> is assigned to <strong>linux_server_3</strong> </li> <li> <code>aws_instance.linux_instance[3]</code> is assigned to <strong>linux_server_4</strong> </li> </ul> <p>However, if we change the <code>instance_names</code> variable to:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"linux_server_1"</span><span class="p">,</span> <span class="s2">"linux_server_3"</span><span class="p">,</span> <span class="s2">"linux_server_4"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p>Terraform would now interpret the instances as:</p> <ul> <li> <code>aws_instance.linux_instance[0]</code> for <strong>linux_server_1</strong> </li> <li> <code>aws_instance.linux_instance[1]</code> for <strong>linux_server_3</strong> </li> <li> <code>aws_instance.linux_instance[2]</code> for <strong>linux_server_4</strong> </li> </ul> <p>Notice that <code>linux_server_2</code> has been removed, and the remaining instances have shifted their positions. As a result, Terraform will plan to destroy <code>linux_server_2</code> and recreate <code>linux_server_3</code> and <code>linux_server_4</code> because their index positions have changed. This can cause unexpected downtime or disruptions, especially in a production environment with a large number of instances.</p> <h4> The Risks of Using count </h4> <p>This issue becomes even more critical with stateful resources such as databases (e.g., RDS instances) where data loss can occur if resources are unintentionally recreated. Relying on <code>count</code> in such scenarios can be risky and might lead to downtime or data loss if not handled carefully.</p> <h3> A Better Alternative: Using for_each </h3> <p>For use cases where you need more control and flexibility, the <code>for_each</code> meta-argument offers a safer and more reliable option. Unlike <code>count</code>, <code>for_each</code> allows you to create resources based on a map or set of strings, and the resource instances are uniquely identified by their keys rather than their index. This makes it much more robust against changes in ordering.</p> <p>For example, using <code>for_each</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_names"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"List of names for each EC2 instance"</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"linux_server_1"</span><span class="p">,</span> <span class="s2">"linux_server_2"</span><span class="p">,</span> <span class="s2">"linux_server_3"</span><span class="p">,</span> <span class="s2">"linux_server_4"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"linux_instance"</span> <span class="p">{</span> <span class="nx">for_each</span> <span class="p">=</span> <span class="nx">toset</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">instance_names</span><span class="p">)</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-12345678"</span> <span class="c1"># Example AMI ID</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">each</span><span class="p">.</span><span class="nx">key</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>With this approach, each instance is created with a unique key, meaning changes in the list won’t lead to the destruction and recreation of resources. This makes <code>for_each</code> a much safer choice for dynamic configurations.</p> <h2> Final Thoughts </h2> <p>While the <code>count</code> meta-argument is a convenient tool for scaling resources, its limitations, particularly with dynamic blocks and ordering sensitivity, can make it unsuitable for more complex configurations. It's crucial to be aware of these limitations to avoid unintended disruptions in your infrastructure. When you need greater control, flexibility, and reliability, consider using <code>for_each</code> as a more robust alternative in your Terraform configurations. This ensures that your infrastructure remains resilient and adaptable to changes without the risk of unnecessary downtime or data loss.</p> terraform aws cloud devops Introduction to Terraform Variables(Input) and Values Panchanan Panigrahi Sun, 22 Sep 2024 14:25:35 +0000 https://dev.to/sre_panchanan/introduction-to-terraform-variablesinput-and-values-1l1k https://dev.to/sre_panchanan/introduction-to-terraform-variablesinput-and-values-1l1k <ul> <li>Introduction</li> <li> What is a Terraform Module? <ul> <li>Simple Example of Terraform Modules</li> <li>NOTE:</li> <li>Directory Structure</li> <li>Root Module (<code>main.tf</code>)</li> <li>Child Module (<code>child.tf</code>, <code>variables.tf</code>, <code>outputs.tf</code>)</li> <li><code>child.tf</code></li> <li><code>variables.tf</code></li> <li><code>outputs.tf</code></li> <li>Summary</li> </ul> </li> <li>Module Analogy: Functions in Programming</li> <li> Input Variables: <ul> <li>Declaring an Input Variable</li> <li>Arguments for Input Variables:</li> <li>Types of Input Variables</li> <li>String Type:</li> <li>Number Type:</li> <li>Boolean Type:</li> <li>List Type:</li> <li>Set Type:</li> <li>Tuple Type:</li> <li>Object Type:</li> <li>Map Type:</li> </ul> </li> <li> Local Values: <ul> <li>Local Values vs Input Variables</li> <li>How to Use Local Values:</li> </ul> </li> <li> Output Values: <ul> <li>How to Use Output Values</li> <li><strong>Syntax for Declaring Output Values</strong></li> <li><strong>Examples of Output Values</strong></li> <li><strong>1. Output from a Resource</strong></li> <li><strong>2. Output from a Data Source</strong></li> <li><strong>3. Output from Local Values</strong></li> <li> <strong>4. Output from Child Module to Root Module</strong> <ul> <li>In the Child Module:</li> <li>In the Root Module:</li> </ul> </li> </ul> </li> <li> Deploying Nginx on an Ubuntu EC2 Instance Using Terraform Modules <ul> <li>Project Directory Structure:</li> <li>Specify the Terraform Version:</li> <li>Define Networking for EC2 Instance:</li> <li>Create AWS kay_pair for EC2:</li> <li>Create EC2 Instance:</li> <li>Create the <code>nginx-script.sh</code>:</li> <li>Create the variables:</li> <li>Create output values:</li> <li>Define <code>main.tf</code> in root module:</li> <li>output value for ubuntu public_ip:</li> </ul> </li> <li> Initialize our infrastructure: <ul> <li>Plan our infrastructure:</li> <li>Apply our infrastructure:</li> <li>Check through AWS UI:</li> <li>Access Through Port 80 in Your Browser:</li> <li>Destroy the Infrastructure:</li> </ul> </li> <li>Conclusion</li> </ul> <h2> Introduction </h2> <p>Variables are fundamental building blocks in programming, acting as placeholders for dynamic data. They allow us to store and manipulate temporary values, enabling flexibility and adaptability in program logic—from simple to complex applications.</p> <p>In this post, we'll explore the basics of Terraform values and Input variables. This is the foundation for working with Terraform, and in future posts, we’ll dive deeper into each type of Terraform value and Input variable.</p> <p>At the end of each section, I’ll provide a hyperlink to a more detailed blog post on that specific topic, so you can easily explore it further. This approach allows us to gradually build our knowledge of Terraform concepts without being overwhelmed by their complexity.</p> <p>Let’s get started!</p> <h2> What is a Terraform Module? </h2> <p>In Terraform, <strong>modules</strong> are essential building blocks that group multiple resources together for reuse and organization. Every Terraform configuration is part of a module, even if it's just a single <code>.tf</code> file. Modules help manage complexity by allowing you to break down large infrastructure into smaller, manageable components.</p> <p>Since values and input variables are often used inside modules, it’s important to understand the basics of modules to get the full picture of how Terraform values and variables work.</p> <h3> Simple Example of Terraform Modules </h3> <p>Let’s look at a very basic example of a Terraform setup with a <strong>root</strong> module (the main configuration) and a <strong>child</strong> module (a reusable component).</p> <h4> NOTE: </h4> <ul> <li>The <strong>root module</strong> is your main entry point where you define and call other modules.</li> <li>The <strong>child module</strong> contains reusable infrastructure code.</li> </ul> <blockquote> <p>Don't worry about below file structures and codes, we will deep dive into modules in an upcoming blog.</p> </blockquote> <h3> Directory Structure </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>project/ ├── main.tf ├── modules/ │ └── child_module/ │ ├── variables.tf │ ├── outputs.tf │ └── child.tf </code></pre> </div> <h3> Root Module (<code>main.tf</code>) </h3> <p>This is the root module, where you call other modules. In this case, we are using a simple child module:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># main.tf in the root module</span> <span class="nx">module</span> <span class="s2">"example"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/child_module"</span> <span class="c1"># Pointing to the child module</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"my-instance"</span> <span class="c1"># Passing input variable to the child module</span> <span class="p">}</span> </code></pre> </div> <h3> Child Module (<code>child.tf</code>, <code>variables.tf</code>, <code>outputs.tf</code>) </h3> <blockquote> <p>Don’t worry about the code for now;, By the end of this post, you’ll be able to understand them with ease. Stay patient!</p> </blockquote> <p>The child module contains the actual infrastructure resources, input variables, and outputs. It’s like a reusable block of code.</p> <h4> <code>child.tf</code> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># child.tf in the child module</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"example"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-123456"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">name</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> <code>variables.tf</code> </h4> <p>Here, we define the input variables the child module expects:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># variables.tf in the child module</span> <span class="nx">variable</span> <span class="s2">"name"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Name tag for the instance"</span> <span class="p">}</span> </code></pre> </div> <h4> <code>outputs.tf</code> </h4> <p>And finally, we can define outputs to pass back information from the child module to the root module:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># outputs.tf in the child module</span> <span class="nx">output</span> <span class="s2">"instance_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">example</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <h3> Summary </h3> <ul> <li>The <strong>root module</strong> is your main entry point where you define and call other modules.</li> <li>The <strong>child module</strong> contains reusable infrastructure code and can accept <strong>input variables</strong> and return <strong>outputs</strong>.</li> </ul> <p>By organizing your code into modules, you can create reusable, modular infrastructure, which becomes crucial when dealing with Terraform values and input variables.</p> <h2> Module Analogy: Functions in Programming </h2> <p>If you’re familiar with traditional programming languages, you can think of Terraform modules as being similar to functions:</p> <ul> <li> <strong>Input variables</strong> are like function arguments — they allow you to pass data into the module.</li> <li> <strong>Output values</strong> are like function return values — they allow the module to return data back to the calling module.</li> <li> <strong>Local values</strong> are like a function’s temporary local variables — used within the module for intermediate calculations or storage.</li> </ul> <p>Let’s break these down and understand each of them in turn.</p> <h2> Input Variables: </h2> <p>Input variables let you customize aspects of Terraform modules without altering the module's own source code. This functionality allows you to share modules across different Terraform configurations, making your module composable and reusable.</p> <p>When you declare variables in the root module of your configuration, you can set their values using CLI options and environment variables. When you declare them in child modules, the calling module should pass values in the module block.</p> <p><strong>Feel free to deep dive into this blog for more understanding:</strong> <a href="https://spacelift.io/blog/how-to-use-terraform-variables" rel="noopener noreferrer">How to Use Terraform Variables: Examples &amp; Best Practices</a></p> <blockquote> <p><strong>Note:</strong> For brevity, input variables are often referred to as just "variables" or "Terraform variables" when it is clear from context what sort of variable is being discussed. Other kinds of variables in Terraform include environment variables (set by the shell where Terraform runs) and expression variables (used to indirectly represent a value in an expression).</p> </blockquote> <h3> Declaring an Input Variable </h3> <p>Each input variable accepted by a module must be declared using a <code>variable</code> block.</p> <p>here are some examples of input variables:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">variable</span> <span class="s2">"instance_type"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Type of EC2 instance to be used"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"region"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"AWS region to deploy resources in"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"db_password"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Password for the database"</span> <span class="nx">sensitive</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"availability_zone"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The availability zone for the EC2 instance"</span> <span class="nx">nullable</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"ami_id"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The AMI ID for the EC2 instance"</span> <span class="nx">validation</span> <span class="p">{</span> <span class="nx">condition</span> <span class="p">=</span> <span class="nx">length</span><span class="p">(</span><span class="nx">var</span><span class="p">.</span><span class="nx">ami_id</span><span class="p">)</span> <span class="err">&gt;</span> <span class="mi">0</span> <span class="nx">error_message</span> <span class="p">=</span> <span class="s2">"The AMI ID must not be empty"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Arguments for Input Variables: </h3> <ul> <li> <code>default</code> - A default value which then makes the variable optional.</li> <li> <code>type</code> - This argument specifies what value types are accepted for the variable.</li> <li> <code>description</code> - This specifies the input variable's documentation.</li> <li> <code>validation</code> - A block to define validation rules, usually in addition to type constraints.</li> <li> <code>sensitive</code> - Limits Terraform UI output when the variable is used in configuration.</li> <li> <code>nullable</code> - Specify if the variable can be null within the module.</li> </ul> <h3> Types of Input Variables </h3> <p>Terraform input variables are categorized into two main types: <strong>simple</strong> and <strong>complex</strong>.</p> <ul> <li> <strong>Simple data types</strong>: String, Number, Bool</li> <li> <strong>Complex data types</strong>: List, Map, Tuple, Object, Set</li> </ul> <p>The following snippets provide examples for each type:</p> <h4> String Type: </h4> <ul> <li>Used to represent text values. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_name"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"my-instance"</span> <span class="p">}</span> </code></pre> </div> <h4> Number Type: </h4> <ul> <li>Represents numeric values, useful for counts or sizes. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_count"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">default</span> <span class="p">=</span> <span class="mi">2</span> <span class="p">}</span> </code></pre> </div> <h4> Boolean Type: </h4> <ul> <li>Represents true or false values, ideal for feature flags. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"enable_monitoring"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">bool</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> </code></pre> </div> <h4> List Type: </h4> <ul> <li>An ordered collection of values of the same type. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"allowed_ips"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">list</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"192.168.1.1"</span><span class="p">,</span> <span class="s2">"192.168.1.2"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h4> Set Type: </h4> <ul> <li>A unique, unordered collection of values. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"availability_zones"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">lt</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"us-east-1a"</span><span class="p">,</span> <span class="s2">"us-east-1b"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h4> Tuple Type: </h4> <ul> <li>A fixed-length collection of values with different types. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"example_tuple"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">tuple</span><span class="p">([</span><span class="nx">string</span><span class="p">,</span> <span class="nx">number</span><span class="p">,</span> <span class="nx">bool</span><span class="p">])</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"ami-123456"</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="kc">true</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <h4> Object Type: </h4> <ul> <li>A collection of named attributes, each with a specific type. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"instance_config"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">object</span><span class="p">({</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">disk_size</span> <span class="p">=</span> <span class="nx">number</span> <span class="p">})</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">disk_size</span> <span class="p">=</span> <span class="mi">30</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Map Type: </h4> <ul> <li>A collection of key-value pairs, where all keys are the same type. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"tags"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"my-instance"</span> <span class="nx">Project</span> <span class="p">=</span> <span class="s2">"Terraform"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p><strong>Note:</strong> At the later part of this post, we will learn how to pass values to input variables at run time through a real-world project.</p> </blockquote> <p>Now move to local values.</p> <h2> Local Values: </h2> <p>Terraform Locals are named values which can be assigned and used in your code. It mainly serves the purpose of reducing duplication within the Terraform code. When you use Locals in the code, since you are reducing duplication of the same value, you also increase the readability of the code.</p> <p><strong>Feel free to deep dive into this blog for more understanding:</strong> <a href="https://spacelift.io/blog/terraform-locals" rel="noopener noreferrer">Terraform Locals: What Are They, How to Use Them</a></p> <h3> Local Values vs Input Variables </h3> <ul> <li><p><strong>Input Variables</strong>: These are used to pass dynamic values into a Terraform module from outside, allowing you to customize your configuration without hardcoding values. Input variables are like function arguments, enabling flexibility and reuse of your modules across different environments.</p></li> <li><p><strong>Local Values</strong>: These are used within a module to define temporary, reusable values that simplify complex expressions or calculations. Unlike input variables, local values cannot be overridden from outside the module—they are only available within the module where they are defined.</p></li> </ul> <h3> How to Use Local Values: </h3> <p>When you use a Terraform local in the code, there are two parts to it: </p> <ul> <li>First, declare the local along and assign a value</li> <li>Then, use the local name anywhere in the code where that value is needed</li> </ul> <p>Local values in Terraform can be categorized into several types based on their data structures: <strong>simple</strong> (like strings, numbers, and booleans) and <strong>complex</strong> (such as lists, maps, tuples, and objects), allowing for flexibility and organization within your configuration.</p> <p>here is an example of local block:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">locals</span> <span class="p">{</span> <span class="c1"># String: Type of EC2 instance</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="c1"># Number: Number of EC2 instances to launch</span> <span class="nx">instance_count</span> <span class="p">=</span> <span class="mi">3</span> <span class="c1"># List: Allowed IP addresses</span> <span class="nx">allowed_ips</span> <span class="p">=</span> <span class="p">[</span> <span class="s2">"192.168.1.1"</span><span class="p">,</span> <span class="s2">"192.168.1.2"</span> <span class="p">]</span> <span class="c1"># Map: Key-value pairs for tagging resources</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"my-instance"</span> <span class="nx">Project</span> <span class="p">=</span> <span class="s2">"Terraform"</span> <span class="p">}</span> <span class="c1"># Object: Configurations for the EC2 instance</span> <span class="nx">instance_config</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">disk_size</span> <span class="p">=</span> <span class="mi">30</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p><strong>Note:</strong> At the later part of this post, we will learn how to use Local Values inside a module through a real-world project.</p> </blockquote> <h2> Output Values: </h2> <p>Terraform outputs serve two main purposes:</p> <ol> <li> <strong>Printing details</strong>: They display information about a resource, data source, local value, or variable after deployment.</li> <li> <strong>Exporting details</strong>: When using modules, they allow you to export specific details about resources, data sources, locals, or variables for use outside the module.</li> </ol> <p><strong>Feel free to deep dive into this blog for more understanding:</strong> <a href="https://spacelift.io/blog/terraform-output" rel="noopener noreferrer">Terraform Output Values : Complete Guide &amp; Examples</a></p> <h3> How to Use Output Values </h3> <p>In Terraform, the <code>output</code> block is used to define output values. These values let you display important details from your configuration or share them with other modules.</p> <h4> <strong>Syntax for Declaring Output Values</strong> </h4> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"output_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">value_expression</span> <span class="c1"># The value you want to output, like a resource attribute</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Description of the output value"</span> <span class="c1"># Optional, but helps understand what the output represents</span> <span class="nx">sensitive</span> <span class="p">=</span> <span class="kc">true</span><span class="p">/</span><span class="kc">false</span> <span class="c1"># Optional; hides the output if set to true (useful for sensitive data like passwords)</span> <span class="p">}</span> </code></pre> </div> <p>Let’s look at examples to understand how to use output values in different scenarios.</p> <h3> <strong>Examples of Output Values</strong> </h3> <h4> <strong>1. Output from a Resource</strong> </h4> <p>When working with resources, you might want to extract specific details. For example, after creating an AWS EC2 instance, you might want to get its public IP to connect to it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Defining an AWS EC2 instance resource</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"example"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0c55b159cbfafe1f0"</span> <span class="c1"># Amazon Machine Image ID</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="c1"># Instance type</span> <span class="p">}</span> <span class="c1"># Output block to fetch the public IP of the created instance</span> <span class="nx">output</span> <span class="s2">"instance_public_ip"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">example</span><span class="p">.</span><span class="nx">public_ip</span> <span class="c1"># Fetching the public IP from the resource</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The public IP address of the EC2 instance"</span> <span class="p">}</span> </code></pre> </div> <p>In this example, <code>aws_instance.example.public_ip</code> retrieves the public IP address from the created instance, and the <code>output</code> block makes this value available for you to see when you run <code>terraform apply</code>.</p> <h4> <strong>2. Output from a Data Source</strong> </h4> <p>Data sources fetch information from existing resources, and you can use outputs to display that data. For instance, you might want to know which AWS region your configuration is using.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Defining a data source to get the current AWS region</span> <span class="nx">data</span> <span class="s2">"aws_region"</span> <span class="s2">"current"</span> <span class="p">{}</span> <span class="c1"># Output block to display the AWS region</span> <span class="nx">output</span> <span class="s2">"aws_current_region"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_region</span><span class="p">.</span><span class="nx">current</span><span class="p">.</span><span class="nx">name</span> <span class="c1"># Getting the region name from the data source</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The current AWS region being used"</span> <span class="p">}</span> </code></pre> </div> <p>Here, <code>data.aws_region.current.name</code> fetches the region name from the data source, and the output block makes this value visible.</p> <h4> <strong>3. Output from Local Values</strong> </h4> <p>Local values help define reusable expressions, and you can output them if needed. For example, let’s say you generated a unique S3 bucket name and want to display it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Defining local values</span> <span class="nx">locals</span> <span class="p">{</span> <span class="nx">bucket_name</span> <span class="p">=</span> <span class="s2">"my-app-bucket-${random_id.bucket.hex}"</span> <span class="c1"># Creating a unique bucket name</span> <span class="p">}</span> <span class="c1"># Output block to display the local bucket name</span> <span class="nx">output</span> <span class="s2">"local_bucket_name"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">bucket_name</span> <span class="c1"># Using the local value as the output</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The dynamically generated S3 bucket name"</span> <span class="p">}</span> </code></pre> </div> <p>In this case, <code>local.bucket_name</code> is a local value, and the output block allows you to see the generated bucket name when you run Terraform commands.</p> <h4> <strong>4. Output from Child Module to Root Module</strong> </h4> <p>If you're using modules, you might want to pass information from a child module back to the root module. This allows the parent configuration to access values from the child.</p> <h5> In the Child Module: </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Output block in the child module to expose the VPC ID</span> <span class="nx">output</span> <span class="s2">"vpc_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main</span><span class="p">.</span><span class="nx">id</span> <span class="c1"># The VPC ID from the resource in the child module</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The VPC ID from the child module"</span> <span class="p">}</span> </code></pre> </div> <h5> In the Root Module: </h5> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Defining the module in the root configuration</span> <span class="nx">module</span> <span class="s2">"network"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./modules/network"</span> <span class="c1"># Path to the child module</span> <span class="p">}</span> <span class="c1"># Output block to use the child module's output</span> <span class="nx">output</span> <span class="s2">"child_vpc_id"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">network</span><span class="p">.</span><span class="nx">vpc_id</span> <span class="c1"># Accessing the output from the child module</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The VPC ID obtained from the child module"</span> <span class="p">}</span> </code></pre> </div> <p>Here, the child module exposes its <code>vpc_id</code> using an output block, and the root module accesses this value through <code>module.network.vpc_id</code>.</p> <p><strong>Congratulation!!!</strong>, you have learned fundamental concepts of the Terraform module, Input Variable, local values, and output values. Now time to use these concepts, in a hands-on project.</p> <h2> Deploying Nginx on an Ubuntu EC2 Instance Using Terraform Modules </h2> <p>The purpose of this guide is to demonstrate how to create an EC2 instance and deploy Nginx on it using Terraform modules. Through this process, we will explore the use of Terraform input variables and values.</p> <p>If you get stuck at any point, you can refer to the code examples and configurations in my GitHub repo for this blog: <a href="https://github.com/panchanandevops/Infrastructure-Nginx" rel="noopener noreferrer">Infrastructure-Nginx</a></p> <h3> Project Directory Structure: </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Infrastructure-Nginx/ ├── README.md ├── main.tf ├── outputs.tf └── nginx-module/ ├── ec2.tf ├── key-pair.tf ├── networking.tf ├── outputs.tf ├── scripts/ │ └── nginx-script.sh ├── variables.tf └── version.tf </code></pre> </div> <p>The <code>Infrastructure-Nginx</code> directory serves as the root module, where we will invoke the child module named <code>nginx-module</code>. </p> <p>So, Let's first set up our <code>nginx-module</code>.</p> <h3> Specify the Terraform Version: </h3> <p>Paste the following code snippet inside <code>nginx-module/version.tf</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_version</span> <span class="p">=</span> <span class="s2">"&gt;= 1.0"</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.56"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This configuration specifies that Terraform should use the AWS provider and ensures compatibility with Terraform version 1.0 or higher. The provider version is locked to ensure stability and prevent unexpected updates.</p> <h3> Define Networking for EC2 Instance: </h3> <p>In the <code>nginx-module/networking.tf</code> file, add the following code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Create VPC</span> <span class="nx">resource</span> <span class="s2">"aws_vpc"</span> <span class="s2">"main_vpc"</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">vpc</span><span class="p">[</span><span class="s2">"cidr_block"</span><span class="p">]</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-vpc"</span> <span class="p">}</span> <span class="p">}</span> <span class="c1"># Create Internet Gateway</span> <span class="nx">resource</span> <span class="s2">"aws_internet_gateway"</span> <span class="s2">"igw"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-igw"</span> <span class="p">}</span> <span class="p">}</span> <span class="c1"># Create a Public Subnet</span> <span class="nx">resource</span> <span class="s2">"aws_subnet"</span> <span class="s2">"public_subnet"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">subnet</span><span class="p">.</span><span class="nx">cidr_block</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">subnet</span><span class="p">.</span><span class="nx">availability_zone</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">subnet</span><span class="p">.</span><span class="nx">map_public_ip_on_launch</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"public-subnet"</span> <span class="p">}</span> <span class="p">}</span> <span class="c1"># Create Route Table</span> <span class="nx">resource</span> <span class="s2">"aws_route_table"</span> <span class="s2">"public_rt"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">route</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"0.0.0.0/0"</span> <span class="nx">gateway_id</span> <span class="p">=</span> <span class="nx">aws_internet_gateway</span><span class="p">.</span><span class="nx">igw</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> <span class="p">}</span> <span class="c1"># Associate Route Table with Subnet</span> <span class="nx">resource</span> <span class="s2">"aws_route_table_association"</span> <span class="s2">"public_rt_association"</span> <span class="p">{</span> <span class="nx">subnet_id</span> <span class="p">=</span> <span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">public_subnet</span><span class="p">.</span><span class="nx">id</span> <span class="nx">route_table_id</span> <span class="p">=</span> <span class="nx">aws_route_table</span><span class="p">.</span><span class="nx">public_rt</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> <span class="c1"># Create Security Group</span> <span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"allow_ssh_http_https"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"ssh_port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"ssh_port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"http_port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"http_port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"https_port"</span><span class="p">]</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ingress</span><span class="p">[</span><span class="s2">"https_port"</span><span class="p">]</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">egress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">egress_port</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">egress_port</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"allow-ssh-http-https"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This code creates a VPC with an internet gateway, a public subnet with a specified CIDR block and availability zone, and sets up a route table. It also defines a security group that allows only specific ingress and egress traffic.</p> <h3> Create AWS kay_pair for EC2: </h3> <p>Add the following code in <code>key-pair.tf</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"tls_private_key"</span> <span class="s2">"ssh_key"</span> <span class="p">{</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">tls_keys</span><span class="p">.</span><span class="nx">algorithm</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">tls_keys</span><span class="p">.</span><span class="nx">rsa_bits</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"private_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">private_key_pem</span> <span class="nx">filename</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">tls_keys</span><span class="p">.</span><span class="nx">private_key_filename</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"public_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="nx">filename</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">tls_keys</span><span class="p">.</span><span class="nx">public_key_filename</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_key_pair"</span> <span class="s2">"deployer"</span> <span class="p">{</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">aws_key_pair_name</span> <span class="nx">public_key</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="p">}</span> </code></pre> </div> <p>This configuration generates TLS keys and stores them in specified locations. The public key is used to create the AWS key pair.</p> <h3> Create EC2 Instance: </h3> <p>In <code>ec2.tf</code>, add the following code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Create Ubuntu EC2 Instance</span> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ec2_instance</span><span class="p">.</span><span class="nx">ami</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ec2_instance</span><span class="p">.</span><span class="nx">instance_type</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">ec2_instance</span><span class="p">.</span><span class="nx">associate_public_ip_address</span> <span class="nx">subnet_id</span> <span class="p">=</span> <span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">public_subnet</span><span class="p">.</span><span class="nx">id</span> <span class="nx">vpc_security_group_ids</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">allow_ssh_http_https</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="nx">aws_key_pair</span><span class="p">.</span><span class="nx">deployer</span><span class="p">.</span><span class="nx">key_name</span> <span class="nx">depends_on</span> <span class="p">=</span> <span class="p">[</span> <span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">allow_ssh_http_https</span><span class="p">,</span> <span class="nx">aws_internet_gateway</span><span class="p">.</span><span class="nx">igw</span> <span class="p">]</span> <span class="nx">user_data</span> <span class="p">=</span> <span class="nx">file</span><span class="p">(</span><span class="s2">"${path.module}/scripts/nginx-script.sh"</span><span class="p">)</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"ubuntu-instance"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>this will create an ubuntu instance and then use the <code>nginx-script.sh</code> as <code>user_data</code> to install and run nginx onto it.</p> <h3> Create the <code>nginx-script.sh</code>: </h3> <p>In the <code>scripts</code> folder, create a file named <code>nginx-script.sh</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1">#!/bin/bash</span> <span class="nx">sudo</span> <span class="nx">apt</span> <span class="nx">update</span> <span class="nx">-y</span> <span class="nx">sudo</span> <span class="nx">apt</span> <span class="nx">install</span> <span class="nx">-y</span> <span class="nx">nginx</span> <span class="c1"># Create index.html with H1 tag in the default NGINX web directory</span> <span class="nx">echo</span> <span class="s2">"&lt;h1&gt;Hello From Ubuntu EC2 Instance!!!&lt;/h1&gt;"</span> <span class="err">|</span> <span class="nx">sudo</span> <span class="nx">tee</span> <span class="err">/</span><span class="nx">var</span><span class="err">/</span><span class="nx">www</span><span class="err">/</span><span class="nx">html</span><span class="err">/</span><span class="nx">index</span><span class="err">.</span><span class="nx">html</span> <span class="c1"># Restart NGINX to apply the changes</span> <span class="nx">sudo</span> <span class="nx">systemctl</span> <span class="nx">restart</span> <span class="nx">nginx</span> </code></pre> </div> <p>this will greet <code>Hello From Ubuntu EC2 Instance!!!</code> on port 80.</p> <h3> Create the variables: </h3> <p>In <code>variables.tf</code>, add:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"tls_keys"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"TLS key configuration: includes the algorithm used, RSA bit size, and filenames for the private and public keys."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">object</span><span class="p">({</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">private_key_filename</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">public_key_filename</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">})</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="s2">"your_algorithm"</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="mi">2048</span> <span class="nx">private_key_filename</span> <span class="p">=</span> <span class="s2">"your_private_key_path"</span> <span class="nx">public_key_filename</span> <span class="p">=</span> <span class="s2">"your_public_key_path"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"aws_key_pair_name"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The name of the AWS key pair to be used for SSH access."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">default</span> <span class="p">=</span> <span class="s2">"your_key_pair_name"</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"vpc"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"VPC configuration with CIDR block for defining the network range."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">string</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"your_cidr_block"</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"subnet"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Subnet configuration: includes CIDR block, availability zone, and whether to assign public IPs."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">object</span><span class="p">({</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="nx">bool</span> <span class="p">})</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"your_subnet_cidr_block"</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="s2">"your_availability_zone"</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"ingress"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Ingress rules for allowed inbound traffic: HTTP, HTTPS, and SSH port numbers."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">map</span><span class="p">(</span><span class="nx">number</span><span class="p">)</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">http_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">https_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">ssh_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"egress_port"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Egress port configuration, representing the allowed outbound port range."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">number</span> <span class="nx">default</span> <span class="p">=</span> <span class="mi">0</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"ec2_instance"</span> <span class="p">{</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"EC2 instance configuration: includes AMI ID, instance type, and whether to associate a public IP address."</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">object</span><span class="p">({</span> <span class="nx">ami</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="nx">string</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="nx">bool</span> <span class="p">})</span> <span class="nx">default</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"your_ami_id"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"your_instance_type"</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Define all required variables with descriptions.</p> <h3> Create output values: </h3> <p>In <code>outputs.tf</code>, add:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="c1"># Output the Public IPs</span> <span class="nx">output</span> <span class="s2">"ubuntu_instance_public_ip"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">.</span><span class="nx">public_ip</span> <span class="p">}</span> </code></pre> </div> <p>This output displays the public IP of the EC2 instance.</p> <p>looks good, now time to use this module in the root module.</p> <h3> Define <code>main.tf</code> in root module: </h3> <p>here we will define <code>provider block</code> and give source to our <code>nginx-module</code> then pass the values to our <code>nginx-module input variables</code>. we will local values to pass the values to module.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">locals</span> <span class="p">{</span> <span class="nx">tls_keys</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="s2">"RSA"</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="mi">4096</span> <span class="nx">private_key_filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa"</span> <span class="nx">public_key_filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa.pub"</span> <span class="p">}</span> <span class="nx">aws_key_pair_name</span> <span class="p">=</span> <span class="s2">"ubuntu_ssh_key"</span> <span class="nx">vpc</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.0.0/16"</span> <span class="p">}</span> <span class="nx">subnet</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.1.0/24"</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="s2">"us-east-1a"</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">http_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">https_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">ssh_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="p">}</span> <span class="nx">egress_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">ec2_instance</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="p">}</span> <span class="nx">module</span> <span class="s2">"nginx-module"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"./nginx-module"</span> <span class="nx">tls_keys</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">tls_keys</span> <span class="nx">aws_key_pair_name</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">aws_key_pair_name</span> <span class="nx">vpc</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">vpc</span> <span class="nx">subnet</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">subnet</span> <span class="nx">ingress</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">ingress</span> <span class="nx">egress_port</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">egress_port</span> <span class="nx">ec2_instance</span> <span class="p">=</span> <span class="nx">local</span><span class="p">.</span><span class="nx">ec2_instance</span> <span class="p">}</span> </code></pre> </div> <h4> output value for ubuntu public_ip: </h4> <p>create one output value to access the Ubuntu ip provided by the module.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">output</span> <span class="s2">"ubuntu_instance_public_ip"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">module</span><span class="p">.</span><span class="nx">nginx-module</span><span class="p">.</span><span class="nx">ubuntu_instance_public_ip</span> <span class="p">}</span> </code></pre> </div> <p>Congratulations you just created the infrastructure for nginx on Ubuntu.</p> <p>let's apply the infrastructure.</p> <h2> Initialize our infrastructure: </h2> <p>move to <code>Infrastructure-Nginx/main.tf</code> and run the below command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>terraform init </code></pre> </div> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxujyxqyupjz4q9hbcrcq.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxujyxqyupjz4q9hbcrcq.png" alt="terraform init" width="" height=""></a></p> <h3> Plan our infrastructure: </h3> <p>now run the below command to plan our infrastructure, so that we will know what will be deployed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>terraform plan </code></pre> </div> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff9uzpkzfuptwvk107s0g.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff9uzpkzfuptwvk107s0g.png" alt="terraform init" width="" height=""></a></p> <h3> Apply our infrastructure: </h3> <p>run <code>terraform apply</code> </p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb88pb7iaibt3meplfow5.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb88pb7iaibt3meplfow5.png" alt="terraform init" width="" height=""></a></p> <p>Confirm the changes by typing “yes”.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fimkoali78up2ualdg63z.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fimkoali78up2ualdg63z.png" alt="terraform init" width="" height=""></a></p> <p>Awesome! You just created your Ubuntu EC2 instance via Terraform.</p> <h3> Check through AWS UI: </h3> <p>Navigate to the AWS Management Console to verify your instance and other resources. You can now view the public IP address and other details directly in the console.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj9o4e8yz4ak4524l5die.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj9o4e8yz4ak4524l5die.png" alt="terraform init" width="" height=""></a></p> <h3> Access Through Port 80 in Your Browser: </h3> <p>Open your web browser and enter <a href="http://your-public-ip:80" rel="noopener noreferrer">http://your-public-ip:80</a> in the address bar, replacing your-public-ip with the EC2 instance's public IP. You should see your "Hello From Ubuntu EC2 Instance!!!" message.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Firce3wa12ugzvdsnwfeh.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Firce3wa12ugzvdsnwfeh.png" alt="terraform init" width="" height=""></a></p> <h3> Destroy the Infrastructure: </h3> <p>If you want to tear down the infrastructure you created, use the terraform destroy command</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2cji61j3ly6lplhxhc65.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2cji61j3ly6lplhxhc65.png" alt="terraform init" width="" height=""></a></p> <p>Confirm the changes by typing “yes”.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2wm6vzn5p2nxd1tsm052.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2wm6vzn5p2nxd1tsm052.png" alt="terraform init" width="" height=""></a></p> <p>Delete all the resources defined in your configuration, ensuring a clean removal of everything Terraform created.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk6r7s57v1n0r9eojro25.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk6r7s57v1n0r9eojro25.png" alt="terraform init" width="" height=""></a></p> <h2> Conclusion </h2> <p>Terraform Modules offer a powerful way to organize and reuse infrastructure code, while input variables provide flexibility in customizing deployments. By leveraging these features, you can efficiently build and manage complex cloud infrastructures like deploying Nginx on an EC2 instance. So, grab your Terraform Lego set and start building your digital empire!</p> terraform cloud aws devops How To Use Terraform Data Source Panchanan Panigrahi Sat, 21 Sep 2024 09:44:53 +0000 https://dev.to/sre_panchanan/how-to-use-terraform-data-source-5of https://dev.to/sre_panchanan/how-to-use-terraform-data-source-5of <ul> <li>What is a Data Source in Terraform?</li> <li>How Data Sources Work</li> <li> What we will cover in this project: <ul> <li>Create Terraform configuration files:</li> <li>Configure Terraform AWS provider block:</li> <li>Create Data Block for Default VPC:</li> <li> Create Data Block for Default Subnet: <ul> <li>Explanation:</li> </ul> </li> <li> Create a security group resource inside Default VPC: <ul> <li>Explanation:</li> </ul> </li> <li>Create and store SSH key pair using terraform:</li> <li>Creating AWS key pair using our SSH public key:</li> <li> Create an EC2 Instance(Ubuntu) and Install Nginx inside Default VPC: <ul> <li>Explanation:</li> </ul> </li> <li> Create Output Variables: <ul> <li>Key Points:</li> </ul> </li> <li>Initialize your Terraform Configuration:</li> <li>Plan the Infrastructure Changes:</li> <li>Apply the Configuration:</li> <li>Check through AWS UI:</li> <li>Access Through Port 80 in Your Browser:</li> <li>Destroy the Infrastructure:</li> </ul> </li> <li>Conclusion</li> </ul> <p>Terraform, developed by HashiCorp, is a powerful Infrastructure as Code (IaC) tool that allows users to <strong>define, provision, and manage</strong> cloud infrastructure across multiple providers such as AWS, Azure, and Google Cloud. By using <strong>declarative configuration</strong> files, Terraform enables the automation of infrastructure, making it easily version-controlled and shared across teams. This ensures consistency, scalability, and reliability across different environments.</p> <p>A key concept in Terraform is <strong>data sources</strong>, which play a vital role in enhancing the <strong>accuracy and flexibility</strong> of your infrastructure management. In this post, we'll explore what data sources are, how they work, and why they are important for building adaptive, maintainable, and efficient infrastructure.</p> <h2> What is a Data Source in Terraform? </h2> <p>A <code>data source</code> in Terraform is a way to query and retrieve information about <strong>existing</strong> resources that have already been created, either by Terraform itself or by other means, such as cloud providers. <strong>Instead of creating new resources</strong>, data sources allow you to reference and incorporate external data into your Terraform configuration.</p> <p>Data sources provide a powerful mechanism to:</p> <ul> <li> <strong>Integrate existing infrastructure:</strong> Leverage resources managed outside Terraform (e.g., manually provisioned databases or networks) without recreating them.</li> <li> <strong>Enhance modularity:</strong> Data sources enable Terraform modules to dynamically adapt to different environments by fetching relevant information, such as an existing Virtual Private Cloud (VPC) ID or security group rules.</li> <li> <strong>Increase efficiency:</strong> Rather than hardcoding values like resource IDs or manually looking up resource properties, data sources allow Terraform to dynamically retrieve and use the most up-to-date data.</li> </ul> <h2> How Data Sources Work </h2> <p>In Terraform, a data source is defined using the <code>data</code> block. When executed, Terraform queries the specified provider for the requested data, retrieves it, and makes it available within the configuration.</p> <p><strong>Syntax of data block:</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">data</span> <span class="s2">"&lt;PROVIDER&gt;_&lt;RESOURCE_TYPE&gt;"</span> <span class="s2">"&lt;NAME&gt;"</span> <span class="p">{</span> <span class="c1"># Configuration arguments</span> <span class="p">}</span> </code></pre> </div> <p><strong>Syntax for reference to this data block resource attribute:</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">data</span><span class="err">.&lt;</span><span class="nx">provider</span><span class="err">&gt;</span><span class="nx">_</span><span class="err">&lt;</span><span class="nx">resource_type</span><span class="err">&gt;.&lt;</span><span class="nx">name</span><span class="err">&gt;.&lt;</span><span class="nx">attribute</span><span class="err">&gt;</span> </code></pre> </div> <p>These things may look overwhelming to you, so let's understand data source through a <strong>hands-on</strong> example project.</p> <h2> What we will cover in this project: </h2> <p>In this project, we’ll explore how to leverage Terraform Data Sources to retrieve and use existing AWS resources, specifically the <strong>default VPC and its associated subnets</strong>. We will create an <strong>Ubuntu EC2 instance, install Nginx</strong>, and associate the instance with the default VPC and a specific subnet using Terraform’s data sources. By doing this, you’ll gain a clear understanding of how data sources work and how they can make your Terraform configurations more dynamic and flexible.</p> <p>AWS provides a default VPC and subnets in each region, which are ready to use. These resources are often sufficient for basic projects. If you don’t already have a default VPC in your AWS environment, follow these steps to create one:</p> <ol> <li>Navigate to the <strong>VPC</strong> section of the AWS Console.</li> <li>On the left-hand menu, click <strong>Your VPCs</strong>.</li> <li>Click on the <strong>Actions</strong> dropdown menu.</li> <li>Select <strong>Create Default VPC</strong>.</li> </ol> <p>This will automatically create the default VPC and associated subnets, which you can then use in your Terraform configuration.</p> <p>If you get stuck at any point, you can refer to the code examples and configurations in my GitHub repo for this blog: <a href="https://github.com/panchanandevops/Terraform_Data_Source/tree/main" rel="noopener noreferrer">Terraform_Data_source</a>.</p> <p>Now create any directory and a file called <code>main.tf</code> inside that. Add the following code snippet to this main.tf file.</p> <h3> Create Terraform configuration files: </h3> <p>In the first step, we have to tell terraform that we will be deploying infrastructure on AWS. We can do this by configuring the AWS cloud provider plugin.</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_version</span> <span class="p">=</span> <span class="s2">"&gt;= 1.0"</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.56"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This configuration tells Terraform to use the AWS provider and ensures compatibility with <strong>Terraform version 1.0 or higher</strong>. The provider version is locked to maintain stability and prevent unexpected updates.</p> <h3> Configure Terraform AWS provider block: </h3> <p>The next step is to configure the AWS provider block, which accepts various config parameters. We will start by specifying the region to deploy the infra in, <code>us-east-1</code>.</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="p">}</span> </code></pre> </div> <h3> Create Data Block for Default VPC: </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">data</span> <span class="s2">"aws_vpc"</span> <span class="s2">"default"</span> <span class="p">{</span> <span class="nx">default</span> <span class="p">=</span> <span class="kc">true</span> <span class="p">}</span> </code></pre> </div> <p>By setting <code>default = true</code>, Terraform automatically fetches the default VPC in the current region, making it easier to launch resources without manually specifying VPC details. This ensures flexibility and reduces the chance of errors when managing infrastructure across different environments.</p> <h3> Create Data Block for Default Subnet: </h3> <p>The following Terraform code retrieves details of an existing subnet in AWS:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">data</span> <span class="s2">"aws_subnet"</span> <span class="s2">"default"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">default</span><span class="p">.</span><span class="nx">id</span> <span class="nx">filter</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"availability-zone"</span> <span class="nx">values</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"us-east-1a"</span><span class="p">]</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Explanation: </h4> <ol> <li> <strong>Data Source</strong>: The code uses the <code>aws_subnet</code> data source to fetch details about an existing subnet in AWS.</li> <li> <strong>VPC Association</strong>: The <code>vpc_id</code> attribute ties the subnet to a specific VPC using <code>data.aws_vpc.default.id</code> This ensures that the retrieved subnet is part of the correct VPC, maintaining necessary network isolation and connectivity for your resources.</li> <li> <strong>Availability Zone Filter</strong>: Filters to retrieve subnets specifically in the <code>us-east-1a</code> availability zone, optimizing resource placement.</li> </ol> <h3> Create a security group resource inside Default VPC: </h3> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"allow_ssh_http_https"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">default</span><span class="p">.</span><span class="nx">id</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">80</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">egress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"allow-ssh-http"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Explanation: </h4> <ol> <li><p><strong>Security Group Creation</strong>: The code defines an AWS security group named <code>allow_ssh_http_https</code>, linked to a default VPC using <code>vpc_id = data.aws_vpc.default.id</code>, ensuring it operates within the intended network.</p></li> <li><p><strong>Ingress Rules</strong>: It includes two ingress rules: one allowing SSH on port 22 and another for HTTP on port 80, both accessible from all IP addresses (<code>0.0.0.0/0</code>), enabling secure connections and web traffic.</p></li> <li><p><strong>Egress Rule</strong>: The egress rule allows all outbound traffic with the protocol set to <code>-1</code> and <code>0.0.0.0/0</code> as the CIDR block, permitting resources to communicate freely with external networks.</p></li> </ol> <h3> Create and store SSH key pair using terraform: </h3> <p>To enable secure access to our AWS resources, we'll generate an SSH key pair. This key pair will be used for accessing instances securely:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"tls_private_key"</span> <span class="s2">"ssh_key"</span> <span class="p">{</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="s2">"RSA"</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="mi">4096</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"private_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">private_key_pem</span> <span class="nx">filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"public_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="nx">filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa.pub"</span> <span class="p">}</span> </code></pre> </div> <p>This configuration generates an RSA key pair with a 4096-bit key length. The private and public keys are then saved to files in the .ssh directory, ready for use in connecting to our AWS instances.</p> <h3> Creating AWS key pair using our SSH public key: </h3> <p>Next, we'll create an AWS key pair using the public SSH key we generated:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_key_pair"</span> <span class="s2">"deployer"</span> <span class="p">{</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="s2">"ubuntu_ssh_key"</span> <span class="nx">public_key</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="p">}</span> </code></pre> </div> <p>This resource uploads the public key to AWS, allowing you to securely access your EC2 instances using the corresponding private key.</p> <h3> Create an EC2 Instance(Ubuntu) and Install Nginx inside Default VPC: </h3> <p>To provision an EC2 instance with the required configuration, we can define the following resource in Terraform:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">subnet_id</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">default</span><span class="p">.</span><span class="nx">id</span> <span class="nx">vpc_security_group_ids</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">allow_ssh_http_https</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="nx">aws_key_pair</span><span class="p">.</span><span class="nx">deployer</span><span class="p">.</span><span class="nx">key_name</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">user_data</span> <span class="p">=</span> <span class="o">&lt;&lt;-</span><span class="no">EOF</span><span class="sh"> #!/bin/bash sudo apt update -y sudo apt install -y nginx echo "&lt;h1&gt;Hello From Ubuntu EC2 Instance!!!&lt;/h1&gt;" | sudo tee /var/www/html/index.html sudo systemctl restart nginx </span><span class="no"> EOF </span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"ubuntu-instance"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Explanation: </h4> <ol> <li> <p><strong>Instance Configuration</strong>:</p> <ul> <li> <strong>AMI and Type</strong>: The instance uses a specified Amazon Machine Image (AMI) for Ubuntu (<code>ami-0a0e5d9c7acc336f1</code>) and is of type <code>t2.micro</code>, making it suitable for low-cost and lightweight applications.</li> </ul> </li> <li> <p><strong>Networking Setup</strong>:</p> <ul> <li> <strong>Subnet and Security Group</strong>: The instance is launched in a subnet identified by <code>data.aws_subnet.default.id</code>, and it’s associated with the previously defined security group (<code>aws_security_group.allow_ssh_http_https.id</code>), ensuring proper network access.</li> </ul> </li> <li> <p><strong>Key Pair and Public IP</strong>:</p> <ul> <li> <strong>SSH Access</strong>: It uses a specified key pair (<code>aws_key_pair.deployer.key_name</code>) for SSH access and is configured to have a public IP address, allowing external connections.</li> </ul> </li> <li> <p><strong>User Data Script</strong>:</p> <ul> <li> <strong>Initial Setup</strong>: The <code>user_data</code> block contains a Bash script that runs on instance startup. It updates the package manager, installs NGINX, creates a simple HTML file in the web server directory, and restarts NGINX to display a greeting message.</li> </ul> </li> <li> <p><strong>Resource Tagging</strong>:</p> <ul> <li> <strong>Instance Naming</strong>: The instance is tagged with the name <code>ubuntu-instance</code>, which helps in identifying the resource in the AWS management console.</li> </ul> </li> </ol> <h3> Create Output Variables: </h3> <p>The following Terraform code defines outputs to display important information after provisioning resources:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="c1"># Output the Public IPs</span> <span class="nx">output</span> <span class="s2">"ubuntu_instance_public_ip"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">.</span><span class="nx">public_ip</span> <span class="p">}</span> <span class="c1"># Output VPC CIDR Block</span> <span class="nx">output</span> <span class="s2">"vpc_cidr_block"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">default</span><span class="p">.</span><span class="nx">cidr_block</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The CIDR block of the default VPC"</span> <span class="p">}</span> <span class="c1"># Output Subnet CIDR Block</span> <span class="nx">output</span> <span class="s2">"subnet_cidr_block"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">default</span><span class="p">.</span><span class="nx">cidr_block</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"The CIDR block of the default subnet"</span> <span class="p">}</span> </code></pre> </div> <h4> Key Points: </h4> <ol> <li> <p><strong>Public IP of the EC2 Instance</strong>:</p> <ul> <li>The first output block, <code>ubuntu_instance_public_ip</code>, captures the public IP address of the newly created EC2 instance. This information is crucial for accessing the instance over the internet.</li> </ul> </li> <li> <p><strong>VPC CIDR Block</strong>:</p> <ul> <li>The second output, <code>vpc_cidr_block</code>, retrieves and displays the CIDR block of the default VPC. This block helps in understanding the IP address range used by the VPC, facilitating network management.</li> </ul> </li> <li> <p><strong>Subnet CIDR Block</strong>:</p> <ul> <li>The third output, <code>subnet_cidr_block</code>, provides the CIDR block of the default subnet. Knowing this information is important for managing subnets and ensuring that resources are correctly addressed within the network.</li> </ul> </li> </ol> <h3> Initialize your Terraform Configuration: </h3> <p>Once you have your <strong>main.tf</strong>, the next step is to initialize your Terraform environment. Run the following command in your project directory:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> terraform init </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft1zjr1en1g4gjlymxprc.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft1zjr1en1g4gjlymxprc.png" alt="terraform init"></a></p> <p>This command initializes the working directory containing your Terraform configuration files. It downloads the necessary <strong>provider plugins</strong>, sets up the <strong>backend</strong>, and prepares the environment for future Terraform operations.</p> <h3> Plan the Infrastructure Changes: </h3> <p>To preview the actions Terraform will take without actually applying any changes, run:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> terraform plan </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4w1l973ix34z4kngbdoz.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4w1l973ix34z4kngbdoz.png" alt="terraform plan"></a></p> <p>This command generates an execution plan, which shows you what resources will be <strong>created, modified, or destroyed</strong>. It helps you ensure that everything is configured correctly before applying any changes.</p> <h3> Apply the Configuration: </h3> <p>Once we verify the planned changes. We will deploy the changes to AWS via the <code>terraform apply</code> command.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flcd6mo035w04ynpwde2w.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flcd6mo035w04ynpwde2w.png" alt="terraform apply"></a></p> <p>Confirm the changes by typing <strong>“yes”</strong>.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa0nufpc1zxt1bd7hsgkf.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa0nufpc1zxt1bd7hsgkf.png" alt="terraform apply"></a></p> <p><strong>Awesome!</strong> You just created your Ubuntu EC2 instance via Terraform.</p> <h3> Check through AWS UI: </h3> <p>Navigate to the AWS Management Console to verify your instance and other resources. You can now view the <strong>public IP address</strong> and other details directly in the console.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fggh8brrwpuwolz0ny68q.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fggh8brrwpuwolz0ny68q.png" alt="AWS UI"></a></p> <h3> Access Through Port 80 in Your Browser: </h3> <p>Open your web browser and enter <strong><a href="http://your-public-ip:80" rel="noopener noreferrer">http://your-public-ip:80</a></strong> in the address bar, replacing <strong>your-public-ip</strong> with the EC2 <strong>instance's public IP</strong>. You should see your "Hello From Ubuntu EC2 Instance!!!" message.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftmaqjckyd9wqa3ofn8d8.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftmaqjckyd9wqa3ofn8d8.png" alt="AWS UI"></a></p> <h3> Destroy the Infrastructure: </h3> <p>If you want to tear down the infrastructure you created, use the <code>terraform destroy</code> command</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fta48xj0skb2fq85vk1qj.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fta48xj0skb2fq85vk1qj.png" alt="terraform destroy"></a></p> <p>Confirm the changes by typing <strong>“yes”</strong>.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhvcapx0dopubh4npwdtv.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhvcapx0dopubh4npwdtv.png" alt="terraform destroy"></a></p> <p>Delete all the resources defined in your configuration, ensuring a clean removal of everything Terraform created.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Falf78ju8c18r6c8aidko.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Falf78ju8c18r6c8aidko.png" alt="terraform destroy"></a></p> <h2> Conclusion </h2> <p>In this project, we used Terraform to provision an Ubuntu EC2 instance in <strong>AWS’s default VPC</strong>, demonstrating the value of <strong>data sources</strong>. By retrieving existing resources, we created a flexible infrastructure setup. We configured the instance, installed Nginx, and learned to output important resource information. This exercise underscores Terraform's efficiency in automating cloud infrastructure management.</p> <p>Stay tuned for our upcoming blogs where we’ll dive deeper into <strong>advanced Terraform concepts, including modules, remote backends, state management, and more</strong>. We’ll explore how these features can further enhance your infrastructure management and automation practices.</p> terraform devops beginners aws Terraform in Action: Deploying an Ubuntu EC2 Instance with Nginx on AWS Panchanan Panigrahi Tue, 17 Sep 2024 14:32:35 +0000 https://dev.to/sre_panchanan/terraform-in-actiondeploying-an-ubuntu-ec2-instance-with-nginx-on-aws-2fdp https://dev.to/sre_panchanan/terraform-in-actiondeploying-an-ubuntu-ec2-instance-with-nginx-on-aws-2fdp <ul> <li> Deploying AWS resources using Terraform: <ul> <li>Prerequisites:</li> <li>Create Terraform configuration files:</li> <li>Configure Terraform AWS provider block:</li> <li>Create a vpc resource in AWS:</li> <li>Create an Internet gateway resource in AWS:</li> <li>Create a public subnet resource in AWS:</li> <li>Create a route table resource in AWS:</li> <li>Create and store SSH key pair using terraform:</li> <li>Creating AWS key pair using our SSH public key:</li> <li>Create a security group resource in AWS:</li> <li>Create an EC2 Instance(Ubuntu) and Install Nginx in AWS:</li> <li>Explanation:</li> <li>Create Output Variable for Ubuntu IP Address:</li> <li>Initialize your Terraform Configuration:</li> <li>Plan the Infrastructure Changes:</li> <li>Apply the Configuration:</li> <li>Check through AWS UI:</li> <li>Access Through Port 8080 in Your Browser:</li> <li>Destroy the Infrastructure:</li> </ul> </li> <li>Conclusion</li> </ul> <p>Terraform is an <strong>Infrastructure as Code (IaC)</strong> tool developed by HashiCorp. It enables users to define, provision, and manage infrastructure across multiple cloud platforms like AWS, Azure, and Google Cloud using <strong>declarative configuration</strong> files. With Terraform, infrastructure can be automated, version-controlled, and shared, ensuring consistency and scalability across environments.</p> <p>As organizations increasingly adopt cloud services, managing infrastructure becomes more <strong>complex</strong>. Terraform simplifies this process by allowing users to define the <strong>desired infrastructure state in code</strong> and letting the tool handle the underlying provisioning. Its multi-cloud support, robust state management, and reusable modules make Terraform a go-to solution for modern cloud infrastructure management.</p> <h3> Terraform Simple Commands: </h3> <ul> <li> <code>terraform init</code> – Initializes the working directory and downloads necessary provider plugins.</li> <li> <code>terraform plan</code> – Previews the actions Terraform will take without applying changes.</li> <li> <code>terraform apply</code> – Executes the changes required to reach the desired state of the configuration.</li> <li> <code>terraform destroy</code> – Destroys the managed infrastructure and removes all resources defined in the configuration.</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F53wjg05ck5yla0jchawd.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F53wjg05ck5yla0jchawd.png" alt="Terraform"></a></p> <h4> Why Use Terraform on AWS? </h4> <p>Terraform offers several key benefits when managing AWS infrastructure, making it a powerful tool for developers and operations teams:</p> <ul> <li> <strong>Multi-cloud compatibility</strong>: Terraform works across many cloud platforms, including AWS, Azure, and Google Cloud, making it easier to manage multi-cloud environments from a single tool.</li> <li> <strong>Readable configurations</strong>: You can define your infrastructure using human-readable, declarative <code>.tf</code> files, which simplifies how you describe and manage your cloud resources.</li> <li> <strong>Declarative infrastructure management</strong>: By defining the desired state of your AWS infrastructure, Terraform figures out the necessary actions to achieve that state, eliminating manual processes.</li> <li> <strong>State management</strong>: Terraform keeps track of your current infrastructure in a state file, ensuring consistent and reliable updates and preventing infrastructure drift.</li> <li> <strong>Change previews</strong>: With the <code>terraform plan</code> command, you can preview any changes before applying them, helping to catch potential issues and verify that everything works as expected.</li> <li> <strong>Automation-friendly</strong>: Terraform integrates well with CI/CD pipelines, allowing teams to automate provisioning and infrastructure management as part of their development workflows.</li> <li> <strong>Modular and reusable</strong>: You can break down your infrastructure into reusable modules, making it easier to standardize and manage across different environments or teams.</li> <li> <strong>Orchestrates complex setups</strong>: Terraform handles dependencies between resources, ensuring they are created, updated, or destroyed in the right order for seamless deployments.</li> <li> <strong>Efficient resource management</strong>: By building a dependency graph, Terraform optimizes the creation and management of resources, ensuring operations are safe, predictable, and efficient.</li> </ul> <h2> Deploying AWS resources using Terraform: </h2> <p>Using Terraform to deploy AWS resources exemplifies the power of Infrastructure as Code (IaC), making cloud infrastructure management more efficient, repeatable, and scalable. In this guide, we’ll walk you through the process of using Terraform to set up, configure, and manage AWS services in a streamlined manner.</p> <p>The goal of this post is to demonstrate how to create <strong>an EC2 instance and deploy Nginx on it</strong>, turning the instance into a functional web server. By the end, you’ll have a fully automated setup where your web server is ready to serve content—illustrating the simplicity and power of IaC using Terraform.</p> <p>If you get stuck at any point, you can refer to the code examples and configurations in my <strong>GitHub repo</strong> for this blog: <a href="https://github.com/panchanandevops/Nginx_on_Ubuntu_EC2_Instance" rel="noopener noreferrer">Nginx_on_Ubuntu_EC2_Instance.</a></p> <h3> Prerequisites: </h3> <ul> <li> <strong>Install Terraform:</strong> This blog may help you to install terraform. <a href="https://spacelift.io/blog/how-to-install-terraform" rel="noopener noreferrer">Download &amp; Install Terraform on Windows, MacOS, Linux</a> </li> <li> <strong>AWS CLI Configured:</strong> This blog may help you to install and configure aws cli. <a href="https://k21academy.com/amazon-web-services/aws-solutions-architect/aws-cli/" rel="noopener noreferrer">How to Configure &amp; Install AWS CLI?</a> </li> </ul> <h3> Create Terraform configuration files: </h3> <p>In the first step we have to tell terraform that we will be deploying infrastructure on AWS. We can do this by configuring the <strong>AWS cloud provider plugin</strong>.</p> <p>Create a file <code>main.tf</code>, and add the below given code block.</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">terraform</span> <span class="p">{</span> <span class="nx">required_version</span> <span class="p">=</span> <span class="s2">"&gt;= 1.0"</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.56"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This configuration tells Terraform to use the AWS provider and ensures compatibility with <strong>Terraform version 1.0 or higher</strong>. The provider version is locked to maintain stability and prevent unexpected updates.</p> <h3> Configure Terraform AWS provider block: </h3> <p>The next step is to configure the <strong>AWS provider block</strong>, which accepts various config parameters. We will start by specifying the region to deploy the infra in, <code>us-east-1</code>.</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"us-east-1"</span> <span class="p">}</span> </code></pre> </div> <h3> Create a vpc resource in AWS: </h3> <p>Next, let's create a Virtual Private Cloud (VPC) to serve as the foundation for our AWS infrastructure:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_vpc"</span> <span class="s2">"main_vpc"</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.0.0/16"</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-vpc"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This will provision a VPC with the specified <strong>CIDR block</strong>, providing isolated networking for our resources.</p> <h3> Create an Internet gateway resource in AWS: </h3> <p>To allow internet access, we need to create an Internet Gateway and attach it to our VPC:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_internet_gateway"</span> <span class="s2">"igw"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"main-igw"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This setup creates an Internet Gateway and associates it with our VPC, <strong>enabling</strong> communication between the <strong>VPC and the internet</strong>.</p> <h3> Create a public subnet resource in AWS: </h3> <p>To ensure that our VPC has public access, we'll create a public subnet within it:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_subnet"</span> <span class="s2">"public_subnet"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"10.0.1.0/24"</span> <span class="nx">availability_zone</span> <span class="p">=</span> <span class="s2">"us-east-1a"</span> <span class="nx">map_public_ip_on_launch</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"public-subnet"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This configuration sets up a subnet that will automatically assign <strong>public IP addresses to instances</strong> launched in it, enabling them to <strong>communicate with the internet</strong>.</p> <h3> Create a route table resource in AWS: </h3> <p>To ensure that our public subnet can route traffic to the internet, we'll create a route table and associate it with our subnet:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_route_table"</span> <span class="s2">"public_rt"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">route</span> <span class="p">{</span> <span class="nx">cidr_block</span> <span class="p">=</span> <span class="s2">"0.0.0.0/0"</span> <span class="nx">gateway_id</span> <span class="p">=</span> <span class="nx">aws_internet_gateway</span><span class="p">.</span><span class="nx">igw</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"aws_route_table_association"</span> <span class="s2">"public_rt_association"</span> <span class="p">{</span> <span class="nx">subnet_id</span> <span class="p">=</span> <span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">public_subnet</span><span class="p">.</span><span class="nx">id</span> <span class="nx">route_table_id</span> <span class="p">=</span> <span class="nx">aws_route_table</span><span class="p">.</span><span class="nx">public_rt</span><span class="p">.</span><span class="nx">id</span> <span class="p">}</span> </code></pre> </div> <p>This configuration sets up a route table with a route to the internet through the Internet Gateway and associates it with our public subnet, enabling <strong>outgoing traffic</strong> to reach the internet.</p> <h3> Create and store SSH key pair using terraform: </h3> <p>To enable secure access to our AWS resources, we'll generate an SSH key pair. This key pair will be used for accessing instances securely:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"tls_private_key"</span> <span class="s2">"ssh_key"</span> <span class="p">{</span> <span class="nx">algorithm</span> <span class="p">=</span> <span class="s2">"RSA"</span> <span class="nx">rsa_bits</span> <span class="p">=</span> <span class="mi">4096</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"private_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">private_key_pem</span> <span class="nx">filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa"</span> <span class="p">}</span> <span class="nx">resource</span> <span class="s2">"local_file"</span> <span class="s2">"public_key"</span> <span class="p">{</span> <span class="nx">content</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="nx">filename</span> <span class="p">=</span> <span class="s2">"./.ssh/terraform_rsa.pub"</span> <span class="p">}</span> </code></pre> </div> <p>This configuration generates an <strong>RSA</strong> key pair with a <strong>4096-bit</strong> key length. The private and public keys are then saved to files in the <code>.ssh</code> directory, ready for use in connecting to our AWS instances.</p> <h3> Creating AWS key pair using our SSH public key: </h3> <p>Next, we'll create an AWS key pair using the public SSH key we generated:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_key_pair"</span> <span class="s2">"deployer"</span> <span class="p">{</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="s2">"ubuntu_ssh_key"</span> <span class="nx">public_key</span> <span class="p">=</span> <span class="nx">tls_private_key</span><span class="p">.</span><span class="nx">ssh_key</span><span class="p">.</span><span class="nx">public_key_openssh</span> <span class="p">}</span> </code></pre> </div> <p>This resource uploads the <strong>public key</strong> to AWS, allowing you to securely access your EC2 instances using the corresponding private key.</p> <h3> Create a security group resource in AWS: </h3> <p>To control access to our AWS resources, we need to configure a security group that <strong>allows inbound traffic for SSH, HTTP, and HTTPS:</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_security_group"</span> <span class="s2">"allow_ssh_http_https"</span> <span class="p">{</span> <span class="nx">vpc_id</span> <span class="p">=</span> <span class="nx">aws_vpc</span><span class="p">.</span><span class="nx">main_vpc</span><span class="p">.</span><span class="nx">id</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">22</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">8080</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">8080</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">ingress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">443</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"tcp"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">egress</span> <span class="p">{</span> <span class="nx">from_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">to_port</span> <span class="p">=</span> <span class="mi">0</span> <span class="nx">protocol</span> <span class="p">=</span> <span class="s2">"-1"</span> <span class="nx">cidr_blocks</span> <span class="p">=</span> <span class="p">[</span><span class="s2">"0.0.0.0/0"</span><span class="p">]</span> <span class="p">}</span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"allow-ssh-https-8080"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This security group allows SSH (port 22), HTTP (port 8080), and HTTPS (port 443) traffic, while permitting <strong>all outbound traffic</strong>. This setup ensures that your instances can be accessed and managed securely.</p> <h3> Create an EC2 Instance(Ubuntu) and Install Nginx in AWS: </h3> <p>To provision an EC2 instance with the required configuration, we can define the following resource in Terraform:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">resource</span> <span class="s2">"aws_instance"</span> <span class="s2">"ubuntu_instance"</span> <span class="p">{</span> <span class="nx">ami</span> <span class="p">=</span> <span class="s2">"ami-0a0e5d9c7acc336f1"</span> <span class="nx">instance_type</span> <span class="p">=</span> <span class="s2">"t2.micro"</span> <span class="nx">subnet_id</span> <span class="p">=</span> <span class="nx">aws_subnet</span><span class="p">.</span><span class="nx">public_subnet</span><span class="p">.</span><span class="nx">id</span> <span class="nx">vpc_security_group_ids</span> <span class="p">=</span> <span class="p">[</span><span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">allow_ssh_http_https</span><span class="p">.</span><span class="nx">id</span><span class="p">]</span> <span class="nx">key_name</span> <span class="p">=</span> <span class="nx">aws_key_pair</span><span class="p">.</span><span class="nx">deployer</span><span class="p">.</span><span class="nx">key_name</span> <span class="nx">associate_public_ip_address</span> <span class="p">=</span> <span class="kc">true</span> <span class="nx">depends_on</span> <span class="p">=</span> <span class="p">[</span> <span class="nx">aws_security_group</span><span class="p">.</span><span class="nx">allow_ssh_http_https</span><span class="p">,</span> <span class="nx">aws_internet_gateway</span><span class="p">.</span><span class="nx">igw</span> <span class="p">]</span> <span class="nx">user_data</span> <span class="p">=</span> <span class="o">&lt;&lt;-</span><span class="no">EOF</span><span class="sh"> #!/bin/bash sudo apt update -y sudo apt install -y nginx # Create index.html with H1 tag in the default NGINX web directory echo "&lt;h1&gt;Hello From Ubuntu EC2 Instance!!!&lt;/h1&gt;" | sudo tee /var/www/html/index.html # Update NGINX to listen on port 8080 sudo sed -i 's/listen 80 default_server;/listen 8080 default_server;/g' /etc/nginx/sites-available/default # Restart NGINX to apply the changes sudo systemctl restart nginx </span><span class="no"> EOF </span> <span class="nx">tags</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">Name</span> <span class="p">=</span> <span class="s2">"ubuntu-instance"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h4> Explanation: </h4> <ol> <li> <strong>AMI and Instance Type</strong>: <ul> <li>The <code>ami</code> attribute specifies the <strong>Amazon Machine Image (AMI) ID</strong> to use for the instance. This particular AMI is a standard Ubuntu image.</li> <li>The <code>instance_type</code> attribute specifies the type of instance to launch, in this case, a <code>t2.micro</code>, which is a low-cost, general-purpose instance.</li> </ul> </li> </ol> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzer1r2jma4iy8qq9bbtd.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzer1r2jma4iy8qq9bbtd.png" alt="ami"></a></p> <ol> <li> <p><strong>Subnet and Security Group</strong>:</p> <ul> <li> <code>subnet_id</code> assigns the instance to the public subnet we created earlier, ensuring it has network access.</li> <li> <code>vpc_security_group_ids</code> associates the instance with the security group, allowing access on ports 22 (SSH), 8080 (HTTP), and 443 (HTTPS).</li> </ul> </li> <li> <p><strong>Key Pair</strong>:</p> <ul> <li> <code>key_name</code> specifies the SSH key pair used for secure access to the instance. This key pair was created earlier and allows you to log in to the instance.</li> </ul> </li> <li> <p><strong>Public IP</strong>:</p> <ul> <li> <code>associate_public_ip_address = true</code> ensures that the instance is assigned a public IP address, enabling external access.</li> </ul> </li> <li> <p><strong>Dependency Management</strong>:</p> <ul> <li>The <code>depends_on</code> attribute ensures that the instance creation waits until the security group and internet gateway are properly set up, ensuring the instance can properly communicate with the internet.</li> </ul> </li> <li> <p><strong>User Data Script</strong>:</p> <ul> <li>The <code>user_data</code> attribute contains a shell script that runs when the instance launches. It performs the following actions: <ul> <li>Updates the package lists with <code>sudo apt update -y</code>.</li> <li>Installs NGINX with <code>sudo apt install -y nginx</code>.</li> <li>Creates an <code>index.html</code> file in the NGINX web directory with a greeting message.</li> <li>Configures NGINX to listen on port 8080 instead of the default port 80.</li> <li>Restarts the NGINX service to apply the new configuration.</li> </ul> </li> </ul> </li> <li> <p><strong>Tags</strong>:</p> <ul> <li>The <code>tags</code> attribute assigns a name to the instance, making it easier to identify and manage within the AWS Management Console.</li> </ul> </li> </ol> <p>This setup ensures that your instance is correctly configured to serve web traffic on <strong>port 8080</strong> and is accessible with the necessary security configurations in place.</p> <h3> Create Output Variable for Ubuntu IP Address: </h3> <p>To display the <strong>public IP address</strong> of the newly created EC2 instance, use the following output configuration in Terraform:</p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code> <span class="nx">output</span> <span class="s2">"ubuntu_instance_public_ip"</span> <span class="p">{</span> <span class="nx">value</span> <span class="p">=</span> <span class="nx">aws_instance</span><span class="p">.</span><span class="nx">ubuntu_instance</span><span class="p">.</span><span class="nx">public_ip</span> <span class="p">}</span> </code></pre> </div> <p>This configuration will provide the public IP of your instance, allowing you to easily access it and verify that everything is set up correctly.</p> <h3> Initialize your Terraform Configuration: </h3> <p>Once you have your <code>main.tf</code> and other necessary files in place, the next step is to initialize your Terraform environment. Run the following command in your project directory:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> terraform init </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj8q9p6381g7kxly9bswv.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj8q9p6381g7kxly9bswv.png" alt="terraform init"></a></p> <p>This command initializes the working directory containing your Terraform configuration files. It downloads the necessary provider plugins, sets up the backend, and prepares the environment for future Terraform operations.</p> <h3> Plan the Infrastructure Changes: </h3> <p>To preview the actions Terraform will take without actually applying any changes, run:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> terraform plan </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4gqyvngwht7ue04hpbdh.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4gqyvngwht7ue04hpbdh.png" alt="terraform plan"></a></p> <p>This command generates an execution plan, which shows you what resources will be created, modified, or destroyed. It helps you ensure that everything is configured correctly before applying any changes.</p> <h3> Apply the Configuration: </h3> <p>Once we verify the planned changes. We will deploy the changes to AWS via the <code>terraform apply</code> command.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvvedjjlr28jdang1km41.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvvedjjlr28jdang1km41.png" alt="yes"></a></p> <p>Confirm the changes by typing “yes”.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx56s55zynnxgjwh4ay2j.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx56s55zynnxgjwh4ay2j.png" alt="Ubuntu EC2"></a></p> <p>Awesome! You just created your Ubuntu EC2 instance via Terraform.</p> <h3> Check through AWS UI: </h3> <p>Navigate to the AWS Management Console to verify your instance and other resources. You can now view the public IP address and other details directly in the console.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvnwg9g8mo0qv60q3yfoz.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvnwg9g8mo0qv60q3yfoz.png" alt="AWS UI"></a></p> <h3> Access Through Port 8080 in Your Browser: </h3> <p>Open your web browser and enter <code>http://&lt;your-public-ip&gt;:8080</code> in the address bar, replacing <code>&lt;your-public-ip&gt;</code> with the EC2 instance's public IP. You should see your <strong>"Hello From Ubuntu EC2 Instance!!!"</strong> message.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkmojx721lvu7r0f1nujg.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkmojx721lvu7r0f1nujg.png" alt="Port 8080"></a></p> <h3> Destroy the Infrastructure: </h3> <p>If you want to tear down the infrastructure you created, use the <code>terraform destroy</code> command:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> terraform destroy </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flheblztxj65ur32mvquq.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flheblztxj65ur32mvquq.png" alt="destroy-1"></a></p> <p>Confirm the changes by typing “yes”.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7a3ggpcum4hxupa64xbu.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7a3ggpcum4hxupa64xbu.png" alt="destroy-2"></a></p> <p>Delete all the resources defined in your configuration, ensuring a clean removal of everything Terraform created.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F37ialmzi5zz7gx210t54.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F37ialmzi5zz7gx210t54.png" alt="destroy-aws"></a></p> <h2> Conclusion </h2> <p>In this guide, we have successfully utilized Terraform to automate the deployment of an AWS infrastructure, including a <strong>VPC, subnet, security group, and EC2 instance</strong>. By leveraging Terraform’s capabilities, we streamlined the process of provisioning and configuring resources, ensuring a consistent and efficient setup. Accessing the EC2 instance via <strong>port 8080</strong> allows you to verify the deployment and confirm that your configuration is working as expected. This approach exemplifies the power of Infrastructure as Code (IaC) in managing cloud resources effectively and paves the way for scalable and manageable infrastructure solutions.</p> <p>Stay tuned for our upcoming blogs where we’ll dive deeper into <strong>advanced Terraform concepts, including modules, remote backends, state management, and more</strong>. We’ll explore how these features can further enhance your infrastructure management and automation practices.</p> terraform devops aws cloud Understanding Docker ENTRYPOINT vs CMD: Key Differences and Practical Examples Panchanan Panigrahi Sun, 15 Sep 2024 13:31:00 +0000 https://dev.to/sre_panchanan/understanding-docker-entrypoint-vs-cmd-key-differences-and-practical-examples-2d0j https://dev.to/sre_panchanan/understanding-docker-entrypoint-vs-cmd-key-differences-and-practical-examples-2d0j <p>When building Docker images, two critical instructions you'll often encounter are <code>ENTRYPOINT</code> and <code>CMD</code>. While both define commands that a container executes when it starts, they serve distinct purposes. In this post, we’ll break down the differences between <code>ENTRYPOINT</code> and <code>CMD</code> and show how to use them effectively with real-world examples.</p> <h2> What Are ENTRYPOINT and CMD? </h2> <h3> ENTRYPOINT </h3> <p><code>ENTRYPOINT</code> defines the main command that <em>always</em> runs when the container starts. It is ideal when you want your container to execute a specific script or process consistently, regardless of additional user input. While <code>ENTRYPOINT</code> can accept arguments, the primary command is fixed.</p> <h3> CMD </h3> <p><code>CMD</code> serves as a way to provide <em>default arguments</em> to <code>ENTRYPOINT</code>. If no <code>ENTRYPOINT</code> is defined, <code>CMD</code> acts as the primary command itself. The beauty of <code>CMD</code> is its flexibility—it can be overridden when running the container, making it ideal for specifying default behavior that can easily be customized.</p> <h3> Key Differences </h3> <ul> <li> <strong><code>ENTRYPOINT</code></strong> is used to define the main process that a container should always run.</li> <li> <strong><code>CMD</code></strong> supplies default arguments to <code>ENTRYPOINT</code>, or, if no <code>ENTRYPOINT</code> is defined, it acts as the default command.</li> </ul> <h2> Example 1: Using a Command in ENTRYPOINT </h2> <p>In this first example, we’ll set a fixed command with <code>ENTRYPOINT</code> and provide a default argument with <code>CMD</code>.</p> <h3> Dockerfile: </h3> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># Base image</span> <span class="k">FROM</span><span class="s"> alpine:latest</span> <span class="c"># Set ENTRYPOINT to a fixed command</span> <span class="k">ENTRYPOINT</span><span class="s"> ["ping"]</span> <span class="c"># CMD provides default arguments to ENTRYPOINT</span> <span class="k">CMD</span><span class="s"> ["google.com"]</span> </code></pre> </div> <h3> Explanation: </h3> <ul> <li> <strong><code>ENTRYPOINT</code></strong> is set to <code>ping</code>, meaning that command will <em>always</em> run when the container starts.</li> <li> <strong><code>CMD</code></strong> provides the default argument <code>google.com</code> for the <code>ping</code> command.</li> </ul> <h4> Building the docker image <code>my-ping-image</code>: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker build <span class="nt">-t</span> my-ping-image:v1.0.0 <span class="nb">.</span> <span class="nt">-f</span> Dockerfile.ping </code></pre> </div> <h4> Running the container without arguments: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker run <span class="nt">--name</span> google-ping-container my-ping-image:v1.0.0 </code></pre> </div> <p>This will execute:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>ping google.com </code></pre> </div> <h4> Overriding CMD: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker run <span class="nt">--name</span> localhost-ping-container my-ping-image:v1.0.0 localhost </code></pre> </div> <p>This overrides <code>CMD</code>, and the container will now execute:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>ping localhost </code></pre> </div> <h2> Example 2: Using a Shell Script in ENTRYPOINT with CMD for Environment-Specific Behavior </h2> <p>Now, let’s look at a more complex use case. We’ll use <code>ENTRYPOINT</code> to run a shell script that generates an <code>index.html</code> file dynamically based on the environment (<code>development</code> or <code>production</code>). The <code>CMD</code> will specify the environment, with a default of <code>development</code>.</p> <h3> Scenario: </h3> <p>You want to run an Nginx container that serves different content based on the environment. The <code>index.html</code> file will be created dynamically by a shell script using <code>ENTRYPOINT</code>, and the environment can be specified via <code>CMD</code>.</p> <h3> Dockerfile: </h3> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># Base image</span> <span class="k">FROM</span><span class="s"> nginx:latest</span> <span class="c"># Install necessary utilities</span> <span class="k">RUN </span>apt-get update <span class="o">&amp;&amp;</span> apt-get <span class="nb">install</span> <span class="nt">-y</span> bash <span class="c"># Copy entrypoint script to the container</span> <span class="k">COPY</span><span class="s"> entrypoint.sh /usr/local/bin/entrypoint.sh</span> <span class="k">RUN </span><span class="nb">chmod</span> +x /usr/local/bin/entrypoint.sh <span class="c"># Set ENTRYPOINT to the shell script</span> <span class="k">ENTRYPOINT</span><span class="s"> ["/usr/local/bin/entrypoint.sh"]</span> <span class="c"># CMD provides default environment (development)</span> <span class="k">CMD</span><span class="s"> ["development"]</span> </code></pre> </div> <h3> Shell Script (<code>entrypoint.sh</code>): </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># Get the environment from CMD or default to development</span> <span class="nv">ENVIRONMENT</span><span class="o">=</span><span class="nv">$1</span> <span class="c"># Create the index.html file based on the environment</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$ENVIRONMENT</span><span class="s2">"</span> <span class="o">==</span> <span class="s2">"development"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"&lt;h1&gt;Welcome to the Development Page&lt;/h1&gt;"</span> <span class="o">&gt;</span> /usr/share/nginx/html/index.html <span class="k">else </span><span class="nb">echo</span> <span class="s2">"&lt;h1&gt;Welcome to the Production Page&lt;/h1&gt;"</span> <span class="o">&gt;</span> /usr/share/nginx/html/index.html <span class="k">fi</span> <span class="c"># Start Nginx in the foreground</span> nginx <span class="nt">-g</span> <span class="s1">'daemon off;'</span> </code></pre> </div> <h3> Explanation: </h3> <ul> <li> <strong><code>ENTRYPOINT</code></strong>: The script <code>/usr/local/bin/entrypoint.sh</code> will always run when the container starts. This script generates the <code>index.html</code> file based on the environment (either development or production).</li> <li> <strong><code>CMD</code></strong>: The default argument is <code>development</code>, so by default, the container will serve a "development" page.</li> </ul> <h4> Building the docker image <code>my-nginx-app</code>: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker build <span class="nt">-t</span> my-nginx-app:v1.0.0 <span class="nb">.</span> <span class="nt">-f</span> Dockerfile.shell </code></pre> </div> <h4> Running the container without arguments (default to development): </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker run <span class="nt">-d</span> <span class="nt">-p</span> 8080:80 <span class="nt">--name</span> development-nginx-container my-nginx-app:v1.0.0 </code></pre> </div> <p>This will generate an <code>index.html</code> file containing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;h1&gt;</span>Welcome to the Development Page<span class="nt">&lt;/h1&gt;</span> </code></pre> </div> <p>Visit <code>http://localhost:8080</code> to see the development page.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhgrnexy9k425forqr9y0.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhgrnexy9k425forqr9y0.png" alt="Development Page" width="800" height="406"></a></p> <h4> Overriding CMD to run in production: </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker run <span class="nt">-d</span> <span class="nt">-p</span> 8081:80 <span class="nt">--name</span> production-nginx-container my-nginx-app:v1.0.0 production </code></pre> </div> <p>This will generate an <code>index.html</code> file containing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;h1&gt;</span>Welcome to the Production Page<span class="nt">&lt;/h1&gt;</span> </code></pre> </div> <p>Now, visiting <code>http://localhost:8081</code> will show the production page.</p> <h2> <img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7hwfkdxckpa0rdvjo7h8.png" alt="Production Page" width="800" height="406"> </h2> <h2> Key Takeaways </h2> <ul> <li> <strong><code>ENTRYPOINT</code></strong> defines a command that will always run when the container starts. It is well-suited for containers that must always perform a specific action (e.g., starting a web server or database).</li> <li> <strong><code>CMD</code></strong> provides default arguments to <code>ENTRYPOINT</code>. If there’s no <code>ENTRYPOINT</code>, <code>CMD</code> acts as the primary command itself. It's flexible, allowing you to customize the behavior of your containers easily.</li> </ul> <h3> When to Use ENTRYPOINT </h3> <p>Use <code>ENTRYPOINT</code> when you need the container to run a specific process consistently, like a web server, background service, or database.</p> <h3> When to Use CMD </h3> <p>Use <code>CMD</code> to provide default arguments or when you want to allow users to override the command without altering the core functionality of the container.</p> <h2> Conclusion </h2> <p>By understanding the differences between <code>ENTRYPOINT</code> and <code>CMD</code>, you can build flexible, reusable Docker containers. <code>ENTRYPOINT</code> ensures that a container always performs a specific action, while <code>CMD</code> lets you adjust that behavior without changing the container's core functionality. Together, they provide a powerful combination for building efficient Docker images, as demonstrated by the examples above. Whether you're configuring a simple utility or dynamically creating environment-based content, mastering these instructions will enhance your Docker workflows.</p> docker devops bash beginners