Using Functions and Variables¶
Working with Variables¶
Name, type, default
Multiple sources
File, environment variable, var option
Overriding variables and precedence
Environment, file, command line
Select values based on environment
Split Terraform configuration file
Variable Examples¶
#Specify default variable and type
variable "environment_name" {
  type    = string
  default = "development"
}
#Specify variable in file
environment_name = "uat"
#Specify variable on the command line
terraform plan -var 'environment_name=production'
#Create variable map
variable "cidr" {
  type = map(string)
  default = {
    development = "10.0.0.0/16"
    uat         = "10.1.0.0/16"
    production  = "10.2.0.0/16"
  }
}
#Use map based on environment
cidr_block = lookup(var.cidr, var.environment_name)
Multiple Environments¶
Commonality and differences
Abstractions and reuse
Production access
Using workspaces
Multiple Environment Decisions¶
State management
Variables data
Credentials management
Complexity and overhead
State File Example¶
Main
- main.config.tf
- common.tfvars
Dev
- dev.state
- dev.tfvars
- terraform plan -state="./dev/dev.state" -var-file="common.tfvars" -var-file="./dev/dev.tfvars"
UAT
- uat.state
- uat.tfvars
- terraform plan -state="./uat/uat.state" -var-file="common.tfvars" -var-file="./uat/uat.tfvars"
Prod
- prod.state
- prod.tfvars
- terraform plan -state="./prod/prod.state" -var-file="common.tfvars" -var-file="./prod/prod.tfvars"
Workspaces Example¶
main.config.tf
terraform.tfvars
terraform.tfstate.d (folder)
terraform workspace new dev
terraform plan
Managing Secrets¶
Variables file
Environment variable
Secrets management
Environment Variables¶
#AWS Environment Variables
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_SHARED_CREDENTIALS_FILE
AWS_PROFILE
#PowerShell
$env:AWS_ACCESS_KEY_ID="AASAS9283708FDKJ"
#Linux
export AWS_ACCESS_KEY_ID="AASAS9283708FDKJ"
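The following is an added example, not part of the original notes. It combines the variable map from the Variable Examples section with the "Environment variable" option under Managing Secrets. The `db_password` variable and the `cidr_block` local and output names are hypothetical, and the `validation` block and `sensitive` argument assume Terraform 0.13 and 0.14 or later respectively.

```hcl
# Added example. Names not in the notes (db_password, the cidr_block local
# and output) are assumptions made for illustration.

variable "environment_name" {
  type        = string
  default     = "development"
  description = "Target environment; must be a key of var.cidr."

  # Reject a typo such as "prod" at plan time, before lookup() is evaluated,
  # so a bad -var or .tfvars value cannot select the wrong network range.
  validation {
    condition     = contains(["development", "uat", "production"], var.environment_name)
    error_message = "The environment_name value must be development, uat, or production."
  }
}

variable "cidr" {
  type = map(string)
  default = {
    development = "10.0.0.0/16"
    uat         = "10.1.0.0/16"
    production  = "10.2.0.0/16"
  }
}

# Hypothetical secret. It has no default, so the value never sits in a
# committed .tf or .tfvars file. Supply it from the environment instead:
#   Linux:      export TF_VAR_db_password="..."
#   PowerShell: $env:TF_VAR_db_password="..."
variable "db_password" {
  type      = string
  sensitive = true # redacted in plan and apply output
}

locals {
  # Same lookup as in the notes, now guarded by the validation above.
  cidr_block = lookup(var.cidr, var.environment_name)
}

output "cidr_block" {
  value = local.cidr_block
}
```

`sensitive = true` only redacts the value in CLI output; once a resource uses it, the value is still written in plaintext to the state file, so `dev.state`, `uat.state` and `prod.state` need the same access controls as the secret itself.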