#terraform-0_12 (2019-08)
Discuss upgrading to terraform 0.12
Archive: https://archive.sweetops.com/terraform-0_12/
2019-08-02
P.S. since I am not sure if anybody used this trick, but someone on reddit ask the question and I did a small recording of it
basically due to show behaviour changed in 0.12
you can generate terraform code from any resource that support import
way cool
so it is like terraforming ?
similar, but the nice thing about the trick above is that it apply to any resouurce
not limited to aws
as long as the resource support import
ohhh I c ok, yep that is cool
2019-08-05
Just made https://github.com/Flaconi/terraform-aws-waf-acl-rules using the for_each directive
2019-08-06
hi guys, quick one
is hcl string or weak type?
hcl1 was completely string based (loose/weak typing)
hcl2 added some strong typing by having first-class bool, number and object types
thanks!
(so you can define it as map(list(string))
2019-08-07
Guys, I am looking how can I tag resources dynamically, and without repeating same block of code with one change.
# Resource 1
tags = merge(
var.tags,
map(
"Name", format("dev-bastion-0%s.${var.domain}",count.index+1),
"type", "bastion"
)
)
# Resource 2
tags = merge(
var.tags,
map(
"Name", format("dev-app-0%s.${var.domain}",count.index+1),
"type", "app"
)
)
any suggestions are welcome, thanks
Have you looked at terraform-null-label?
it supports inheritance using context
2019-08-08
Awesome. Thanks @Erik Osterman (Cloud Posse)
2019-08-12
Hello! I want to share with you resource:for_each and dynamicfor_each construction for terraform 12.6 . Hope this helps you work with large arrays of resources. https://github.com/devops-best-practices/terraform-best-practice/blob/master/s3.tf
Hey people, looking for terraform template on vpc peering ( syntax 0.12) any help plz
2019-08-15
Any ideas about Error: Invalid combination of "count" and "for_each" in TF 0.12 ?
What are the semantics of for_each to replicate boolean logic of count?
nvm, got it
Does 0.12 have the ability to do nested loops?
for_each gives you each.key / each.value
I want to loop through each.value too
it does, one moment
ah ha, think I can… for foo in bar
lol
playing with null again ?
No, playing with loops, no null
Nothing particularly complex either, sigh
back to count for me.
hey, not sure where the best place to ask this is, curious if there is a place where ya’ll are tracking compatibility with terraform 0.12? I am making use primarily of https://github.com/cloudposse/terraform-aws-eks-workers and https://github.com/cloudposse/terraform-aws-eks-cluster (great modules btw!), happy also to help get them ported, but just was curious if you have a guide on how you are approaching that? I noticed it looks like you are maintaining a 0.11 branch
I have an existing aws ecs cluster (made by hand) and would like to update it by using terraform. Is there any documentation for updating existing aws services (alb, ecr, ecs)?
Alternatively, if you are doing imports at scale: https://github.com/dtan4/terraforming
2019-08-16
2019-08-19
2019-08-20
Anyone know how to access the iterator count within a dynamic block? EG:
dynamic "security_rule" {
for_each = module.tf-var-globals.wl-trust
content {
name = "${local.saname_prefix}-wl-tcp-${count.index}"
priority = "14${count.index}"
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "80"
source_address_prefix = "${security_rule.value.ip}"
description = "${security_rule.value.description}"
destination_address_prefix = "*"
}
}
Yes I do : dynamic “website” { for_each = contains(each.value.type, “website”) ? [each.value.website] : [] content { error_document = each.value.website.error_document index_document = each.value.website.index_document } }
https://github.com/devops-best-practices/terraform-best-practice/blob/master/s3.tf
===================== for_each = contains(each.value.type, “website”) ? [each.value.website] : [] =====================
If at all possible
The iterator object has two attributes:
key is the map key or list element index for the current element. If the for_each expression produces a set value then key is identical to value and should not be used.
value is the value of the current element.
if module.tf-var-globals.wl-trust is a list, then name = "${local.saname_prefix}-wl-tcp-${security_rule.key}"
Thanks!!
If using a list it must be a set(list) if you are using for_each. Otherwise maps are fine.
for_each could be used with any collection type
map, list, set
it does not have to be always a set
Hmm, I remember trying to pass in a list of strings and explicitly getting a failure for this.
I could of been doing something weird, as it was a local variable being passed into a module, the module manipulating that var and creating a list.
Lots of places where I could of gone wrong I think
Error: Invalid for_each argument
on .terraform/modules/inventor/github.tf line 56, in resource "github_repository_webhook" "discord":
56: for_each = var.discord_webhooks
The given "for_each" argument value is unsuitable: the "for_each" argument
must be a map, or set of strings, and you have provided a value of type list
of dynamic.
Where var.discord_webhooks was something like: ["a8efu9a8fuae8u9f8eua98fu", "a3ijoij40958092840932j"]
Within the var definition, it was associated explicitly with the list type and when I had changed it to set(list) was resolved.
0.12.6 for reference, unsure if it’s applicable all the time but in my specific case it helped me.
dynamic looks so useful! Haven’t been able to try it out yet.
Would help me be more DRY with file provisioners in some of the resources I have. Any sub-resource block expansion really
2019-08-22
How do you go about creating N of a module resource when looping a list of names?
For instance I have a list of ecr repos and I want to have the module create a repo for every item in the list of strings
I’m aware the for each is there for resources but I csnt seem to get it working for a module.
New account as that was registered to my old work email so couldn’t log in on different devices.
It doesnt seem like you can use for each or dynamic in a module
Error: The role “arn
iam:role/gc-invoicedataimport-function-role” cannot be assumed.
There are a number of possible causes of this - the most common are:
* The credentials used in order to assume the role are invalid
* The credentials do not have appropriate permission to assume the role
* The role ARN is not valid
2019-08-23
The variable “lambda_settings” is required, so Terraform cannot proceed without a defined value for it.
anyone came across this issues
2019-08-25
@Sharanya you’ll need to specify what module you’re using and provide some more info before anyone can give you any precise help. But the error is pretty clear that you need to set the variable lambda_settings to something appropriate for whatever requires it.
2019-08-27
I am trying to upgrade to 0.12.6 from 0.11.4, with aws emr cluster, I am using multiple bootstrap_action scripts. Now I am getting error: resource “aws_emr_cluster” “cluster”: 124: bootstrap_action = [
An argument named “bootstrap_action” is not expected here. Did you mean to define a block of type “bootstrap_action”?
any suggestions?
Use dynamic blocks
In CloudPosse GitHub, search for emr-cluster
It’s already in 0.12
Deployed it today, so should work :)
Thanks, Let me check that
and the same thing applies for having multiple steps also?
var.bootstrap_action is a list of objects (each representing a step)
2019-08-28
Can I get some input pls on for_each?
resource "aws_iam_user" "mfa_user" {
for_each = toset(var.users)
name = each.value
force_destroy = true
}
resource "aws_iam_user_group_membership" "mfa" {
user = aws_iam_user.mfa_user
groups = [
aws_iam_group.mfa_group.name
]
depends_on = [aws_iam_user.mfa_user]
}
I’ve tried all variations of the syntax and even had the for_each inside the membership resource…
I need the users to be created from a list of names, and then I need them adding to a group. It also needs to be in that order else the group_membership resource complains about missing users (?)
I just can’t seem to nail this for_each thing in 0.12
NVM I gots it
resource "aws_iam_user" "mfa_user" {
for_each = toset(var.users)
name = each.value
force_destroy = true
}
resource "aws_iam_user_group_membership" "mfa" {
for_each = toset(var.users)
user = aws_iam_user.mfa_user[each.key].name
groups = [
aws_iam_group.mfa_group.name
]
depends_on = [aws_iam_user.mfa_user]
}
For reference
does terraform 0.12 supports MFA properly now ?
Did anyone Come across NPM memory Issues ?
2019-08-29
@Sharanya How is that related to Terraform ? Please check out http://www.catb.org/~esr/faqs/smart-questions.html https://rurounijones.github.io/blog/2009/03/17/how-to-ask-for-help-on-irc/
@Erik Osterman (Cloud Posse) looks like 0.12 for_each on modules is still not yet developed, it is purely reserved ATM https://github.com/hashicorp/terraform/issues/17519
I’m either going to PR your ECR (https://github.com/cloudposse/terraform-aws-ecr) module to support for_each or work on it privately and have it as an internal module. What’s your pref as that would change a chunk of the code?
ahk, i got it mixed up