Variable Interpolation in Terraform - terraform

I am having trouble in variable interpolation in terraform. Here is what my terraform configuration looks like. i.e variable inside builtin function
variable "key" {}
ssh_keys {
path = "/home/${var.provider["user"]}/.ssh/authorized_keys"
key_data = "${file(${var.key})}"
}
Command: terraform apply -var 'key=~/.ssh/id_rsa.pub'
It's not reading the value of "key" from command line argument or from env variable. However when i hardcore the value in .tf file, it works. Like below.
key_data = "${file("~/.ssh/id_rsa.pub")}"

The ${ ... } syntax is only used when embedding an expression into a quoted string. In this case, where your var.key variable is just being passed as an argument to a function already within a ${ ... } sequence, you can just reference the variable name directly like this:
key_data = "${file(var.key)}"
Nested ${ ... } sequences are sometimes used to pass an interpolated string to a function. In that case there would first be a nested set of quotes to return to string context. For example:
key_data = "${file("${path.module}/${var.key_filename}")}"
In this more complicated case, the innermost string expression is first evaluated to join together the two variables with a /, then that whole string is passed to the file function, with the result finally returned as the value of key_data.

It doesn't work because you were using the wrong flag for the scenario you described above.
If you want to specify a path to a file use the "-var-file" flag as follow:
terraform apply -var-file=~/.ssh/id_rsa.pub
If you must use the "-var" flag then you must specify the content of the file as follow:
terraform apply -var 'key=contenctOFPublicKey'

ssh_keys - (Optional) Specifies a collection of path and key_data to be placed on the virtual machine.
Note: Please note that the only allowed path is /home/<username>/.ssh/authorized_keys due to a limitation of Azure.
refer: AZURERM_VIRTUAL_MACHINE

Related

Reference Terraform variable in shell script using templatefile function

I have a shell script to download a http link using wget:
wget -qO - "${mojang_server_url}"
I want to enter this link in a tfvars file, and then reference this in the shell script using Terraform.
I found a good solution here using template_file data source (it works)
data "template_file" "setup_script" {
template = file("setup.sh")
vars = {
mojang_server_url = "${var.mojang_server_url}"
}
}
However, the official Terraform documentation for template_file tells me I should be using the templatefile function instead?
I can't seem to figure out the syntax for this function, here's what I've got:
templatefile("setup.sh",{"mojang_server_url"="${var.mojang_server_url}")
it highlights templatefile, saying:
Argument or block definition required: An argument or block definition
is required here. To set an argument, use the equals sign "=" to
introduce the argument value.
Is there a way to make it so this can reference the tfvars variable ina shell script?
thank you!
You just simply have to provide a map as an input for the second argument:
data "template_file" "setup_script" {
template = templatefile("setup.sh",
{
mojang_server_url = var.mojang_server_url
}
)
}

Error: Invalid multi-line string terraform

I am trying to define a resource but Terraform complains
resource "aws_cloudwatch_event_target" "my-functions-order-machine-completion-target" {
target_id = "some target id"
rule = aws_cloudwatch_event_rule.my-functions-order-machine-completion-rule.name
arn = module.lambda["myLambda"].function_arn
}
error:
Quoted strings may not be split over multiple lines. To produce a multi-line
string, either use the \n escape to represent a newline character or use the
"heredoc" multi-line template syntax.
I saw Heredoc Strings but not sure how to use this after "resource"
Although not a great answer, shortening the name of the resource sorted out the issue for me.
I also tried interpolation syntax like so which did not work:
resource "resource" "${var.name}"

How to use format function in Terraform

I am trying to register an application in Azure AD using TF and i would like to define some redirect URIs using the arg as mentioned in the link --> https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application :
reply_urls = ["https://replyurl"]
But i have to put 3 URIs and the format of the URI is like this below :
https://(project code)-yellow-(resourcegroup).azurewebsites.net/oauth2-redirect.html
https://(project code)-blue-(resourcegroup).azurewebsites.net/oauth2-redirect.html
https://(project code)-green-(resourcegroup).azurewebsites.net/oauth2-redirect.html
So the second part is changing only and the other part is constant. We cannot hardcode URIs for best practices
Also, we need to use format function
So can anyone tell how to put the reply_urls using the format function so that only the middle part changes as described above
Also, can this be done in any way using concat for that matter
You can pass the project_id and resourcegroup as input parameters to your TF code:
variable "project_id" {}
variable "resource_group" {}
Then your reply_urls could be:
reply_urls = [
format("https://%s-yellow-%s.azurewebsites.net/oauth2-redirect.html", var.project_id, var.resource_group),
format("https://%s-blue-%s.azurewebsites.net/oauth2-redirect.html", var.project_id, var.resource_group),
format("https://%s-green-%s.azurewebsites.net/oauth2-redirect.html", var.project_id, var.resource_group)
]

Question about referencing specific indexes in Terraform Interpolation

Let me first start out by saying that I currently have a working terraform configuration, however my IDE (VSCode; using the mauve.terraform extension, v 1.3.12) complains about my syntax when I do something like:
virtual_machine_name = "${azurerm_virtual_machine.sql["${count.index}"].name}"
It complains that it's expecting a '}' but found a '.'.
Should I be writing this out differently, or in a more "correct" manner? I'm fairly new to working with terraform so I'm sure my syntax could use some help.
Thanks in advance!
For reference, here's my full resource block:
resource "azurerm_virtual_machine_extension" "sql" {
name = "OMSExtension"
location = "${data.azurerm_resource_group.generics_sql_dev.location}"
resource_group_name = "${data.azurerm_resource_group.generics_sql_dev.name}"
virtual_machine_name = "${azurerm_virtual_machine.sql["${count.index}"].name}"
publisher = "Microsoft.EnterpriseCloud.Monitoring"
type = "MicrosoftMonitoringAgent"
type_handler_version = "1.0"
auto_upgrade_minor_version = true
count = "${var.sql_node_count}"
settings = <<-BASE_SETTINGS
{
"workspaceId" : "${data.azurerm_log_analytics_workspace.oms.workspace_id}"
}
BASE_SETTINGS
protected_settings = <<-PROTECTED_SETTINGS
{
"workspaceKey" : "${data.azurerm_log_analytics_workspace.oms.primary_shared_key}"
}
PROTECTED_SETTINGS
}
From Terraform 0.12 and later, the "standard" way to write that is:
virtual_machine_name = azurerm_virtual_machine.sql[count.index].name
What you tried would also work in Terraform 0.12, but the string interpolations are redundant in that version. It works in Terraform 0.12 because of a special backward-compatibility rule that if a quoted string sequence consists only of a single interpolation (like "${ ...anything ... }") then Terraform will ignore the quotes and just return the inner expression value directly.
That's only supported for backward-compatibility with configurations written for Terraform 0.11 and so I'd recommend avoiding it if you are using Terraform 0.12 or later; it tends to hurt readability by leaving a reader wondering if it implies conversion to a string.
For Terraform 0.11 and earlier, one level of string interpolation is required and indexing must be against a "splat operator":
virtual_machine_name = "${azurerm_virtual_machine.sql.*.name[count.index]}"
The azurerm_virtual_machine.sql.*.name part here produces a list of name values, and then [count.index] selects one of them. This approach is required in Terraform 0.11 and earlier because in those versions the index operator [...] must always come at the end of a sequence of traversal steps.

How to check if string contains a substring in terraform interpolation?

How do you check if a terraform string contains another string?
For example, I want to treat terraform workspaces with "tmp" in the name specially (e.g. allowing rds instances to be deleted without a snapshot), so something like this:
locals
{
is_tmp = "${"tmp" in terraform.workspace}"
}
As far as I can tell, the substr interpolation function doesn't accomplish this.
For terraform 0.12.xx apparently you are suppose to use regexall to do this.
From the manual for terraform 0.12.XX:
regexall() documentation
regexall can also be used to test whether a particular string matches a given pattern, by testing whether the length of the resulting list of matches is greater than zero.
Example from the manual:
> length(regexall("[a-z]+", "1234abcd5678efgh9"))
2
> length(regexall("[a-z]+", "123456789")) > 0
false
Example applied to your case in terraform 0.12.xx syntax should be something like:
locals
{
is_tmp = length(regexall(".*tmp.*", terraform.workspace)) > 0
}
It also specifically says in the manual not to use "regex" but instead use regexall.
If the given pattern does not match at all, the regex raises an error. To test whether a given pattern matches a string, use regexall and test that the result has length greater than zero.
As stated above this is because you will actually get an exception error when you try to use it in the later versions of 0.12.xx that are out now when you run plan. This is how I found this out and why I posted the new answer back here.
You can indirectly check for substrings using replace, e.g.
locals
{
is_tmp = "${replace(terraform.workspace, "tmp", "") != terraform.workspace}"
}
Like #MechaStorm, with Terrafor 0.12.7+ you can use regex to return a Boolean value if your string contains a particular substring
locals {
is_tmp = contains(regex("^(?:.*(tmp))?.*$",terraform.workspace),"tmp")
}
The regex query returns a list of capture groups for any characters before tmp, tmp if found, any characters after tmp. Then contains looks for "tmp" in the list and returns true or false. I am using this type of logic in my own terraform.
Length of the list produced by split function is greater than one when separtor is a substring.
locals {
is_tmp = length(split("tmp", terraform.workspace)) > 1
}
Use replace( string, search, replace ) as in the snippet:
// string contains ABBA = result is ABBA
output "match" {
value = "${ replace("xxxABBAyyy", "/(?:.*)(ABBA)(?:.*)/", "$1") }"
}
// string doesn't contain ABBA = result is original string
output "no_match" {
value = "${ replace("xxxBABAyyy", "/(?:.*)(ABBA)(?:.*)/", "$1")}"
}
// string contains ABBA (ingorecase) = result is AbBA
output "equals_ignorecase" {
value = "${ replace("xxxAbBAyyy", "/(?:.*)((?i)ABBA)(?:.*)/", "$1")}"
}
An output of terraform apply is:
Outputs:
equals_ignorecase = AbBA
match = ABBA
no_match = xxxBABAyyy
In terraform 0.12.7, we now have regex . This may help simplify some code and make it readable to some (perhaps?)
> regex("[a-z]+", "53453453.345345aaabbbccc23454")
aaabbbccc
I use this way to check if bucket name start with test-tmp
eg. test-tmp, test-tmp-app1, test-tmp-db1 etc..
is_test_bucket = can(regex("^(test-tmp){1}($|-{1}.*$)", var.bucket_name))
Something that makes sense reading, IMHO:
locals {
is_tmp = can(regex("tmp", terraform.workspace))
}
This works because the regex function will raise an error if no matches are found.
Bonus: since Terraform 1.3.x, there are the new startswith and endswith functions that can be handy in a good amount of cases.

Resources