#terraform (2025-01)
Discussions related to Terraform or Terraform Modules
Archive: https://archive.sweetops.com/terraform/
2025-01-01
2025-01-04
trying to set up atmos and slightly new, I am having difficulty understanding how to use this _defaults.yaml
I am trying to work out how I can set up my s3 backend without having to put it in each stack yaml…
@Daniel Booth let’s use atmos
did oyu review this doc https://atmos.tools/quick-start/advanced/configure-terraform-backend
2025-01-07
v1.11.0-alpha20250107 1.11.0-alpha20250107 (January 7, 2025) ENHANCEMENTS:
init: Provider installation will utilise credentials configured in a .netrc file for the download and shasum URLs returned by provider registries. (https://github.com/hashicorp/terraform/pull/35843) New command modules -json: Displays a full list of all installed modules in a working directory, including whether each module is currently referenced by the…
2025-01-08
v1.10.4 1.10.4 (January 8, 2025) BUG FIXES:
type conversion: Empty map conversions now return correct type information (#36262)
terraform console: Fix crash when printing ephemeral values (<a href=”https://github.com/hashicorp/terraform/issues/36267” data-hovercard-type=”pull_request”…
Has anyone messed around with OpenTofu? What are your thoughts?
I’ve used it. Exactly the same as terraform, with different features
The one win terraform has over it is ephemeral. Opentofu will get it soon
Opentofus for each on providers is nice
Best thing about opentofu is that it can be used with any cicd due to the open license
Thanks for the insight, I learn something new everyday
2025-01-09
Hi everyone, I don’t know if I should post this here but I’m facing an issue when working with Localstack and trying to create some subnets using the dynamic-subnets module, during plan I can see the tags I’ve added to the module, but affter apply I cannot see the tags. Is this a known issue? or am I doing something wrong with my localstack setup?
hey, which input do you use to specify tags? also, for which resource are they missing?
They’re missing for the subnets I’m adding to the VPC:
paola.gonzalez@XXX 00-base % aws --endpoint-url=<http://localhost:4566> ec2 describe-subnets \
--filters "Name=vpc-id,Values=$(aws --endpoint-url=<http://localhost:4566> ec2 describe-vpcs --filters "Name=tag:Name,Values=ifeel-localstack-base-vpc-home-office" --query 'Vpcs[0].VpcId' --output text)" \
--query 'Subnets[*].[SubnetId,CidrBlock,AvailabilityZone,Tags[*]]' \
--output table
-----------------------------------------------------------------------
| DescribeSubnets |
+---------------------------+-------------------+-------------+-------+
| subnet-60dc36a52c049ce50 | 10.111.0.0/26 | us-east-1a | None |
| subnet-eab4817e855db8035 | 10.111.1.128/26 | us-east-1a | None |
| subnet-3a6faadc5bb1c2103 | 10.111.0.64/26 | us-east-1b | None |
| subnet-5b7bb25e10c543f41 | 10.111.1.192/26 | us-east-1b | None |
+---------------------------+-------------------+-------------+-------+
This is the output from the subnets, and I created them with:
# Module implementation for creating subnets for the home office VPC
module "subnets_home_office" {
source = "cloudposse/dynamic-subnets/aws"
version = "2.4.1"
namespace = local.namespace
environment = var.environment
stage = local.stage
name = "subnet"
attributes = ["home-office"]
availability_zones = local.azs
subnets_per_az_names = local.subnets_per_az_names
vpc_id = module.vpc_home_office.vpc_id
igw_id = [module.vpc_home_office.igw_id]
ipv4_cidr_block = [module.vpc_home_office.vpc_cidr_block]
nat_gateway_enabled = true
nat_instance_enabled = false
# Tags to apply during launch
tags = merge(local.default_tags, {
Resource-Type = "subnet" # Tag to identify the resource type
Security-Level = "high"
Access-Control = "strict"
})
}
Seems some odd behavior from Localstack, but I want to know if there’s some kind of configuration I’m missing because my other configurations relies on this tags
Hmm, mine don’t populate either:
----------------------------------------------------------------------------
| DescribeSubnets |
+-------------------+-----------------+----------------------------+-------+
| AvailabilityZone | CidrBlock | SubnetId | Tags |
+-------------------+-----------------+----------------------------+-------+
| us-east-1a | 172.31.0.0/20 | subnet-ec66b8ed96a309a47 | None |
| us-east-1b | 172.31.16.0/20 | subnet-a064bebd4c760222e | None |
| us-east-1c | 172.31.32.0/20 | subnet-3d16330ceebe12c84 | None |
| us-east-1d | 172.31.48.0/20 | subnet-54539814e1b4abd6e | None |
| us-east-1e | 172.31.64.0/20 | subnet-f5f75179de158b1d4 | None |
| us-east-1f | 172.31.80.0/20 | subnet-3e1fb295838bc26ad | None |
+-------------------+-----------------+----------------------------+-------+
Interesting find!
not sure if others have this particular use case, but would appreciate some support via on the feature request i opened for a new terraform aws resource to manage invoicing configurations for an aws organization… https://github.com/hashicorp/terraform-provider-aws/issues/40844
2025-01-10
Hi everyone, enjoying using Atmos :heart: I just had a quick clarification question regarding setting the remote_state_backend configuration, reading the backend configuration docs it says
When working with Terraform backends and writing/updating the state, the terraform-backend-read-write role will be used. But when reading the remote state of components, the terraform-backend-read-only role will be used.
Could someone clarify, this refers to using the remote_state terraform module only and not say if I ran
atmos terraform output my_component -s my_stack
or if I referenced an output in a stack via a yaml function such as
!terraform.output my_component my_stack my_output_value
This is the behavior I’m seeing, just wanting to know if I’m not doing something wrong
Mind moving this to atmos?
2025-01-14
The Hashitalks schedule was just released if anyone is interested: https://events.hashicorp.com/hashitalks2025