I have recently separated terraform files from it's variable file as per below structure
(root)
| main.tf
| users.tf
| roles.tf
├── Configuration (folder)
├──── azure-pipelines.yml
├──── .gitignore
├──── variables.tf
and since then I am getting bellow error messages
│ Error: Unsupported attribute
│
│ on main.tf line 77, in resource "azurerm_key_vault_secret" "primary_account_storage_access_key":
│ 77: name = "${module.variables.storage-account_name}-access-key"
│ ├────────────────
│ │ module.variables is a object, known only after apply
│
│ This object does not have an attribute named "storage-account_name".
╵
╷
│ Error: Unsupported attribute
│
│ on main.tf line 78, in resource "azurerm_key_vault_secret" "primary_account_storage_access_key":
│ 78: value = module.variables.storage-access_key
│ ├────────────────
│ │ module.variables is a object, known only after apply
│
│ This object does not have an attribute named "storage-access_key".
╵
This is how problematic resource "primary_account_storage_access_key" is defined
resource "azurerm_key_vault_secret" "primary_account_storage_access_key" {
depends_on = [azurerm_key_vault_access_policy.terraform_sp_access]
key_vault_id = data.azurerm_key_vault.azvault.id
name = "${module.variables.storage-account_name}-access-key"
value = module.variables.storage-access_key
}
Module is defined as below:
module "variables" {
source = "./Configuration"
}
I have no issue with utilizing the same module in other resources placed in the same file (main.tf)
terraform {
backend "azurerm" {
resource_group_name = module.variables.storage-resource_group_name
storage_account_name = module.variables.storage-storage_account_name
container_name = module.variables.storage-container_name
key = module.variables.storage-key
}
}
Found articles here on the site focusing on the error suggesting
"splat" operator with "toset" / "one" function, however that did not help:
name = "${toset(module.variables[*].storage-account_name)}-access-key"
value = toset(module.variables[*].storage-access_key)
name = "${one(module.variables[*].storage-account_name)}-access-key"
value = one(module.variables[*].storage-access_key)
Content of variables.tf what child module variables uses:
variable "storage-resource_group_name" {
type = string
default = "Reporting-HFM-integration-rg"
}
variable "storage-account_name" {
type = string
default = "reportinghfmintegration"
}
variable "storage-container_name" {
type = string
default = "tfstate-blob"
}
variable "storage-key" {
type = string
default = "terraform.tfstate"
}
variable "storage-access_key" {
type = string
default = "u3K..."
}
variable "keyVault-name" {
type = string
default = "se-dataplat-dwvault-prod"
}
variable "keyVault-resource_group_name" {
type = string
default = "AzureDataPlatform-dwtools-prod-rg"
}
variable "keyVault-id" {
type = string
default = "/subscriptions/23a89ca1-9743-4b3b-b5ff-41cea9985deb/resourceGroups/..."
}
Related
I have a module that accepts the following variable
variable "policy" {
description = "The policy to be created"
type = map(list(object({
path = string
capabilities = list(string)
})))
}
I am then calling the above module from another one
module "policies" {
source = "../path/to/module/above"
for_each = var.policies.policies
policy = each.value
}
Where var.policies is declared in terragrunt.hcl
locals {
policies = yamldecode(file("config.yaml"))
}
inputs = {
policies = local.policies
}
and config.yaml
policies:
policy-test-1:
- capabilities:
- read
- create
path: /foo/lala
- capabilities:
- read
- create
path: /bar/lala
policy-test-2:
- capabilities:
- update
- delete
path: /foo/lala
This fails:
╷
│ Error: Invalid value for input variable
│
│ on main.tf line 38, in module "policies":
│ 38: policy = each.value
│
│ The given value is not suitable for
│ module.policies["policy-test-2"].var.policy declared at
│ ../path/to/module/above/variables.tf:5,1-18: map of
│ list of object required.
╵
╷
│ Error: Invalid value for input variable
│
│ on main.tf line 38, in module "policies":
│ 38: policy = each.value
│
│ The given value is not suitable for
│ module.policies["policy-test-1"].var.policy declared at
│ ../path/to/module/above/variables.tf:5,1-18: map of
│ list of object required.
Why isn't each var.policies.policies a map of list of objects? Isn't supposed to be an
policy-test-1 : {
[
{
capabilities = ["create", "read"]
path = "/foo/lala"
},
{
capabilities = ["create", "read"]
path = "/bar/lala"
}
]
}
which is a map (with key policy-test-1) of a list of objects, each object in the list being of
{
path = string
capabilities = list(string)
}
type?
The correct type for your policy is a list, not a map, because your each.value will be a list:
variable "policy" {
description = "The policy to be created"
type = list(object({
path = string
capabilities = list(string)
}))
}
I'm trying to create a ssm parameter in aws for dyanamo db table with name and arn so it can be referenced by another application. I've tried a few different things but can't figure out what I'm doing wrong here. Can anyone tell me what is wrong here?
Thank you
Here's my main file with the module.
main.tf
locals {
prefix = "/this/is/a/test"
}
module "test_table" {
source = "git#github.com:test/terraform-modules.git//dynamodb"
name = "dynamo-${local.environment}"
ssm_parameter_prefix = local.prefix
tags = {
Environment = local.environment
}
}
resource "aws_ssm_parameter" "table_name" {
provider = aws.east
name = "${local.prefix}/new/table-name"
type = "String"
value = module.test_table.name
}
resource "aws_ssm_parameter" "table_arn" {
provider = aws.east
name = "${local.prefix}/new/table-arn"
type = "String"
value = module.test_table.arn
}
Here is the output
outputs.tf
output "test_table" {
value = module.test_table
}
output "table_arn" {
value = module.test_table.arn
}
output "table_name" {
value = module.test_table.name
}
Terraform Error
│ Error: Unsupported attribute
│
│ on dynamo.tf line, in resource "aws_ssm_parameter" "table_name":
│ 118: value = module.test_table.name
│ ├────────────────
│ │ module.test_table is a object, known only after apply
│
│ This object does not have an attribute named "name".
╵
╷
│ Error: Unsupported attribute
│
│ on dynamo.tf line, in resource "aws_ssm_parameter" "table_arn":
│ 125: value = module.test_table.arn
│ ├────────────────
│ │ module.test_table is a object, known only after apply
│
│ This object does not have an attribute named "arn".
╵
The output blocks you showed declare output values named table_arn and table_name, but your references are to module.test_table.name and module_test.table.arn.
You'll need to either change the output value names to match the references, or change the references to match the output value names. Specifically, you'll need to either remove the table_ prefix from each of your output value names, or add table_ to the front of the references like module.test_table.table_name and module.test_table.table_arn.
I am trying to create a resource in azure via Terraform. Even though I have declared all required variables, its erroring out. I am using modules for the same...
Here is the below code that I tried:
My Module's Bastion/main.tf that used to create resource:
resource "azurerm_public_ip" "syn_pip" {
name = "pip-${var.prefix}-${var.postfix}"
location = var.location
resource_group_name = var.rg_name
allocation_method = var.bastion_allocation_method
sku = var.bastion_sku_type
}
My modules's Bastion/variables.tf :
variable "bastion_allocation_method" {
type = string
description = "allocation method for bastion"
}
variable "bastion_sku_type" {
type = string
description = "sku to be used for bastion"
}
My root module bastion.tf :
module "bastion" {
source = "../modules/bastion"
rg_name = module.resource_group.name
location = module.resource_group.location
allocation_method = var.bastion_allocation_method
sku = var.bastion_sku_type
prefix = var.prefix
postfix = random_string.postfix.result
subnet_id = azurerm_subnet.bastion_subnet.id
}
root module's variable.tf:
variable "bastion_allocation_method" {
type = string
}
variable "bastion_sku_type" {
type = string
}
my terraform.tfvars which passed to terraform plan :
"bastion_allocation_method": "Static",
"bastion_sku_type": "Standard"
Error that I get:
│ Error: Missing required argument
│
│ on bastion.tf line 1, in module "bastion":
│ 1: module "bastion" {
│
│ The argument "bastion_allocation_method" is required, but no definition was found.
╵
╷
│ Error: Missing required argument
│
│ on bastion.tf line 1, in module "bastion":
│ 1: module "bastion" {
│
│ The argument "bastion_sku_type" is required, but no definition was found.
╵
╷
│ Error: Unsupported argument
│
│ on bastion.tf line 7, in module "bastion":
│ 7: allocation_method = var.bastion_allocation_method
│
│ An argument named "allocation_method" is not expected here.
╵
╷
│ Error: Unsupported argument
│
│ on bastion.tf line 8, in module "bastion":
│ 8: sku = var.bastion_sku_type
│
│ An argument named "sku" is not expected here.
╵
Exited with code exit status 1
Can someone suggest, what is the mistake I am doing ?
In your Bastion module in the variables.tf you specify the arguments
variable "bastion_allocation_method" {
...
}
variable "bastion_sku_type" {
...
}
In your case your module expects the vars bastion_allocation_method and bastion_sku_type
But when you call the module, you dont pass the variable names properly
module "bastion" {
source = "../modules/bastion"
...
allocation_method = var.bastion_allocation_method
sku = var.bastion_sku_type
...
}
Use instead
module "bastion" {
source = "../modules/bastion"
...
bastion_allocation_method = var.bastion_allocation_method
bastion_sku_type = var.bastion_sku_type
...
}
The variable assignments that you pass in module clause should match the definitions in the module's variables.tf
The following block within a google_cloud_storage resource
dynamic "lifecycle_rule" {
for_each = var.bucket_lifecycle_rule
content {
condition {
age = lifecycle_rule.age
with_state = lifecycle_rule.with_state
}
action {
type = lifecycle_rule.type
storage_class = lifecycle_rule.storage_class
}
}
}
with the following variable declaration
variable "bucket_lifecycle_rule" {
description = "Lifecycle rules"
type = list(object({
age = string
with_state = string
type = string
storage_class = string
}))
default = [
{
age = 30
with_state = "ANY"
type = "SetStorageClass"
storage_class = "COLDLINE"
},
{
age = 120
with_state = "ANY"
type = "Delete"
storage_class = ""
},
]
}
errors out as follows:
│ Error: Unsupported attribute
│
│ on main.tf line 18, in resource "google_storage_bucket" "my_bucket":
│ 18: age = lifecycle_rule.age
│
│ This object does not have an attribute named "age".
╵
╷
│ Error: Unsupported attribute
│
│ on main.tf line 19, in resource "google_storage_bucket" "my_bucket":
│ 19: with_state = lifecycle_rule.with_state
│
│ This object does not have an attribute named "with_state".
╵
╷
│ Error: Unsupported attribute
│
│ on main.tf line 22, in resource "google_storage_bucket" "my_bucket":
│ 22: type = lifecycle_rule.type
│
│ This object does not have an attribute named "type".
╵
╷
│ Error: Unsupported attribute
│
│ on main.tf line 23, in resource "google_storage_bucket" "my_bucket":
│ 23: storage_class = lifecycle_rule.storage_class
│
│ This object does not have an attribute named "storage_class".
why is that?
You have to reference the properties from your objects with value:
dynamic "lifecycle_rule" {
for_each = var.bucket_lifecycle_rule
content {
condition {
age = lifecycle_rule.value.age
with_state = lifecycle_rule.value.with_state
}
action {
type = lifecycle_rule.value.type
storage_class = lifecycle_rule.value.storage_class
}
}
}
In the Terraform docs there is a note about this:
The iterator object has two attributes:
key is the map key or list element index for the current element. If
the for_each expression produces a set value then key is identical to value and should not be used.
value is the value of the current element.
I have two terraform files main.tf and var.tfvars:
main.tf:
provider "google" {
project = var.project_id
region = var.gcp_region
}
provider "aws" {
region = var.aws_region
alias = "aws"
}
vars.tfvars:
variable "gcp_region" {
type = string
default = "asia-southeast1"
}
variable "aws_region" {
type = string
default = "ap-southeast-2"
}
variable "project_id" {
type = string
default = "test-oidc-arosha"
}
when I run terraform apply, I got below error:
Error: Reference to undeclared input variable
│
│ on local.tf line 6, in locals:
│ 6: state_backet = "${local.component_name}-${local.part_name}-deployment-${var.aws_region}-${data.aws_caller_identity.current.account_id}"
│
│ An input variable with the name "aws_region" has not been declared. This variable can be declared
│ with a variable "aws_region" {} block.
╵
╷
│ Error: Reference to undeclared input variable
│
│ on main.tf line 2, in provider "google":
│ 2: project = var.project_id
│
│ An input variable with the name "project_id" has not been declared. This variable can be declared
│ with a variable "project_id" {} block.
╵
╷
│ Error: Reference to undeclared input variable
│
│ on main.tf line 3, in provider "google":
│ 3: region = var.gcp_region
│
│ An input variable with the name "gcp_region" has not been declared. This variable can be declared
│ with a variable "gcp_region" {} block.
I don't understand why I got this error even I already specified the default values for each variable.
My terraform version is:
$ terraform --version
Terraform v1.0.0
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v3.45.0
+ provider registry.terraform.io/hashicorp/google v3.72.0
Change the name of you vars.tfvars file to variables.tf and it should pick up the default value. .tfvars files are for inputs to variables which are in turn defined in the variables.tf file (or any .tf file actually, doesn't matter what you call it.)
you need to add variable definition to your main.tf and then use your variable in var.tf approapriately
example
variable "aws_region" {
type = string
default = "ap-southeast-2"
}
var.tfvars
example
aws_region = {
Name = "created by jatin/terraform",
instance_type="t2.micro"
}