How to use Terraform resource meta arguments?
Terraform resource Meta-Arguments can be useful while setting up your cloud infrastructure. The resource arguments depends_on, count, for_Each, provider, lifecycle
has some features such as -
- You can create multiple
aws_resource
using thecount
for_each
can be used for iteration and can also help you to create multipleaws_resource
using the same blockprovider
is used for overriding terraform default behavior using thealias
- With
lifecycle
you can prevent destroy, create resource after destroy and ignore changes to be saved inside tstate
We will look into each resource meta arguments in a bit more details along with the example -
Table of Content
1. Count
As the name suggests count
can be used inside the aws_instance
block to specify how many resources you would like to create.
Here is an example in which we are going to spin 2 aws_instance -
1provider "aws" {
2 region = "eu-central-1"
3 access_key = "AKIATQ37NXB2HS7IVM5R"
4 secret_key = "MJy5JX6HIqHwP9gLAv+22kffS/jiDsMo2XLP9mZn"
5}
6
7resource "aws_instance" "ec2_example" {
8
9 count = 2
10 ami = "ami-0767046d1677be5a0"
11 instance_type = "t2.micro"
12
13 tags = {
14 Name = "Terraform EC2"
15 }
16}
Benefit of Count: -
-
You do not need to write the same resource block again if you want to create more than one resource.
-
It can also be used with modules and any kind of resource type available in terraform.
2. for_each
Similar to the previous step 1 for_each
can also be used for creating similar kinds of resources instead of creating a writing duplicate terraform block.
Here is one more example of terraforming block with for_each
-
1provider "aws" {
2 region = "eu-central-1"
3 access_key = "AKIATQ37NXB2HS7IVM5R"
4 secret_key = "MJy5JX6HIqHwP9gLAv+22kffS/jiDsMo2XLP9mZn"
5}
6
7resource "aws_instance" "ec2_example" {
8
9 for_each = {
10 instance1 = "t2.micro"
11 instance2 = "t2.micro"
12 }
13
14 ami = "ami-0767046d1677be5a0"
15 instance_type = each.value
16
17 tags = {
18 Name = "Terraform ${each.key}"
19 }
20}
As you can see in the above terraform block we have created 2 key-value pair instance1 = t2.micro
and instance2 = t2.micro
inside the for_each
block.
The next question is how to use key-value pair defined inside for_each?
The answer - It is very simple you can just simply type each.value and it will iterate over the values.
Here is a screenshot from aws after starting the aws_instance
3. provider
This meta argument is one of my favorite because it lets you override Terraform's default behavior. It can help you to create multiple configurations for a single cloud service provider (.e.g - AWS, GCP).
One simple example would be - "Suppose you want to create two aws_instance
one in eu-central-1
and another one in eu-nort-1
region, would it be possible for you to create in single main.tf file?"
Well, YES you can do that but to achieve this you need to use provider
inside your terraform file along with the alias
.
Here are the steps for using provider meta argument -
Step 1 - First create a simple provider
block in your terraform file -
1provider "aws" {
2 region = "eu-central-1"
3 access_key = "AKIATQ37NXB2HS7IVM5R"
4 secret_key = "MJy5JX6HIqHwP9gLAv+22kffS/jiDsMo2XLP9mZn"
5}
Step 2 - Create a one more provider
block but with an additional argument alias
1provider "aws" {
2 alias = "north"
3 region = "eu-north-1"
4 access_key = "AKIATQ37NXB2HS7IVM5R"
5 secret_key = "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"
6}
Step 3 - Here is the final terraform file in which we are going to create 2 aws instance with one in eu-north-1
region and another in eu-central-1
region -
1provider "aws" {
2 alias = "north"
3 region = "eu-north-1"
4 access_key = "AKIATQ37NXB2HS7IVM5R"
5 secret_key = "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"
6}
7
8provider "aws" {
9 region = "eu-central-1"
10 access_key = "AKIATQ37NXB2HS7IVM5R"
11 secret_key = "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"
12}
13
14resource "aws_instance" "ec2_eu_north" {
15 provider = aws.north
16 ami = "ami-0ff338189efb7ed37"
17 instance_type = "t3.micro"
18 count = 1
19 tags = {
20 Name = "Terraform EC2"
21 }
22
23}
24
25resource "aws_instance" "ec2_eu_central" {
26 ami = "ami-0767046d1677be5a0"
27 instance_type = "t2.micro"
28 count = 1
29 tags = {
30 Name = "Terraform EC2"
31 }
32}
So as you can see provider
with alias
can be useful in case you want to spin/start multiple instances in the different regions of your cloud service provider.
4. lifecycle
This meta argument is a lifesaver if you are working in the production environment where you have to be very careful so that you do not accidentally destroy any resource.
With lifecyle
meta tag you can make sure that certain resources should not be deleted and you can also create a new similar resource after the terraform destroy
command.
There are three arguments which you can pass inside the lifecycle
block -
- create_before_destroy - Once you set this argument the resource will be created once again after you issue the terraform destroy command
- prevent_destroy - It prevents from destroying your terraform resource, once you set this terraform argument then the resource can not be destroyed
- ignore_changes - Suppose you have manually made some changes on aws or GCP but you want to prevent those changes to be saved inside your terraform
terraform.tfstate
file then you can useignore_changes
arguments.
Here is the sample code snippet (Please uncomment the arguments as per your need) -
1provider "aws" {
2 region = "eu-central-1"
3 access_key = "AKIATQ37NXB2HS7IVM5R"
4 secret_key = "MJy5JX6HIqHwP9gLAv+22kffS/jiDsMo2XLP9mZn"
5}
6
7resource "aws_instance" "ec2_example" {
8
9 count = 2
10 ami = "ami-0767046d1677be5a0"
11 instance_type = "t2.micro"
12
13 tags = {
14 Name = "Terraform EC2"
15 }
16
17 lifecycle {
18 create_before_destroy = true
19 #prevent_destroy = true
20 #ignore_changes = [tags]
21 }
22}
Read More - Terragrunt -
Posts in this Series
- Securing Sensitive Data in Terraform
- Boost Your AWS Security with Terraform : A Step-by-Step Guide
- How to Load Input Data from a File in Terraform?
- Can Terraform be used to provision on-premises infrastructure?
- Fixing the Terraform Error creating IAM Role. MalformedPolicyDocument Has prohibited field Resource
- In terraform how to handle null value with default value?
- Terraform use module output variables as inputs for another module?
- How to Reference a Resource Created by a Terraform Module?
- Understanding Terraform Escape Sequences
- How to fix private-dns-enabled cannot be set because there is already a conflicting DNS domain?
- Use Terraform to manage AWS IAM Policies, Roles and Users
- How to split Your Terraform main.tf File into Multiple Files
- How to use Terraform variable within variable
- Mastering the Terraform Lookup Function for Dynamic Keys
- Copy files to EC2 and S3 bucket using Terraform
- Troubleshooting Error creating EC2 Subnet InvalidSubnet Range The CIDR is Invalid
- Troubleshooting InvalidParameter Security group and subnet belong to different networks
- Managing strings in Terraform: A comprehensive guide
- How to use terraform depends_on meta argument?
- What is user_data in Terraform?
- Why you should not store terraform state file(.tfstate) inside Git Repository?
- How to import existing resource using terraform import comand?
- Terraform - A detailed guide on setting up ALB(Application Load Balancer) and SSL?
- Testing Infrastructure as Code with Terraform?
- How to remove a resource from Terraform state?
- What is Terraform null Resource?
- In terraform how to skip creation of resource if the resource already exist?
- How to setup Virtual machine on Google Cloud Platform
- How to use Terraform locals?
- Terraform Guide - Docker Containers & AWS ECR(elastic container registry)?
- How to generate SSH key in Terraform using tls_private_key?
- How to fix-Terraform Error acquiring the state lock ConditionalCheckFiledException?
- Terraform Template - A complete guide?
- How to use Terragrunt?
- Terraform and AWS Multi account Setup?
- Terraform and AWS credentials handling?
- How to fix-error configuring S3 Backend no valid credential sources for S3 Backend found?
- Terraform state locking using DynamoDB (aws_dynamodb_table)?
- Managing Terraform states?
- Securing AWS secrets using HashiCorp Vault with Terraform?
- How to use Workspaces in Terraform?
- How to run specific terraform resource, module, target?
- How Terraform modules works?
- Secure AWS EC2s & GCP VMs with Terraform SSH Keys!
- What is terraform provisioner?
- Is terraform destroy needed before terraform apply?
- How to fix terraform error Your query returned no results. Please change your search criteria and try again?
- How to use Terraform Data sources?
- How to use Terraform resource meta arguments?
- How to use Terraform Dynamic blocks?
- Terraform - How to nuke AWS resources and save additional AWS infrastructure cost?
- Understanding terraform count, for_each and for loop?
- How to use Terraform output values?
- How to fix error configuring Terraform AWS Provider error validating provider credentials error calling sts GetCallerIdentity SignatureDoesNotMatch?
- How to fix Invalid function argument on line in provider credentials file google Invalid value for path parameter no file exists
- How to fix error value for undeclared variable a variable named was assigned on the command line?
- What is variable.tf and terraform.tfvars?
- How to use Terraform Variables - Locals,Input,Output
- Terraform create EC2 Instance on AWS
- How to fix Error creating service account googleapi Error 403 Identity and Access Management (IAM) API has not been used in project before or it is disabled
- Install terraform on Ubuntu 20.04, CentOS 8, MacOS, Windows 10, Fedora 33, Red hat 8 and Solaris 11