Configuration
Configuration Syntax¶
Terraform uses text files to describe infrastructure and to set variables. These text files are called Terraform configurations and end in .tf
The format of the configuration files are either in Terraform format or in JSON. The Terraform format is more human-readable, supports comments, and is the generally recommended
Terraform format ends in .tf
and JSON format ends in .tf.json.
The syntax of Terraform configurations is called HashiCorp Configuration Language (HCL).
Example:
# An AMI
variable "ami" {
description = "the AMI to use"
}
/* A multi
line comment. */
resource "aws_instance" "web" {
ami = "${var.ami}"
count = 2
source_dest_check = false
connection {
user = "root"
}
}
- Single line comments start with
#
- Multi-line comments are wrapped with
/* and */
- Values are assigned with the syntax of
key = value
- Strings are in double-quotes.
- Strings can interpolate other values using syntax wrapped in
${}
, such as${var.foo}
. - Boolean values:
true, false
. - Lists of primitive types can be made with square brackets
([])
. Example:["foo", "bar", "baz"]
. - Maps can be made with braces
({})
and colons(:): { "foo": "bar", "bar": "baz" }
.
Interpolation¶
- Interpolations are wrapped in
${}
, such as${var.foo}
- The interpolation syntax is powerful and allows you to reference variables, attributes of resources, call functions, etc.
- You can perform simple math in interpolations, allowing you to write expressions such as
${count.index + 1}
. And you can also use conditionals to determine a value based on some logic. - You can escape interpolation with double dollar signs:
$${foo}
will be rendered as a literal${foo}
.
Variables¶
User string variables¶
Use the var.
prefix followed by the variable name. For example, ${var.foo}
will interpolate the foo
variable value
Assigning Variables¶
From Command Line¶
You can set variables directly on the command-line with the -var flag. Any command in Terraform that inspects the configuration accepts this flag, such as apply, plan, and refres
$ terraform apply \
-var 'access_key=foo' \
-var 'secret_key=bar'
From a File¶
It is not recommended saving usernames and password to version control, but you can create a local secret variables file and use -var-file to load it.
$ terraform apply \
-var-file="secret.tfvars" \
-var-file="production.tfvars"
Lists¶
Lists are defined either explicitly or implicitly
implicitly by using brackets [...]
variable "cidrs" { default = [] }
variable "cidrs" { type = "list" }
cidrs = [ "10.0.0.0/16", "10.1.0.0/16" ]
Access the CIDR using:
cidr = ${"var.cidrs[0]"}
Maps¶
Maps are a way to create variables that are lookup tables
variable "amis" {
type = "map"
default = {
"us-east-1" = "ami-b374d5a5"
"us-west-2" = "ami-4b32be2b"
}
}
A variable can have a map type assigned explicitly, or it can be implicitly declared as a map by specifying a default value that is a map. The above demonstrates both.
To get the AMI vaulue for the var.region:
resource "aws_instance" "example" {
ami = "${lookup(var.amis, var.region)}"
instance_type = "t2.micro"
}
If var.region is not setup:
resource "aws_instance" "example" {
ami = "${lookup(var.amis, "us-west-2")}"
instance_type = "t2.micro"
}
-var
and -var-file
values
$ terraform apply -var 'amis={ us-east-1 = "foo", us-west-2 = "bar" }'