snippetterraformMinor
Is it possible to create a module that either creates a resource or sources a data source, based on a boolean value?
Viewed 0 times
createscreateresourcesourcebooleanmodulevalueeitherpossiblethat
Problem
Basically, what I'd like to do is create a module that does this pseudocode:
I hope I'm being clear. Happy to add more info to clarify what I'm hoping is possible.
if then
resource "" "name" {
# ... set variables ...
} else {
data "" "name" {
# grab data
}
output "resource_type.name" {
if then
value = resource_type.name
else
value = data_source.name
}I hope I'm being clear. Happy to add more info to clarify what I'm hoping is possible.
Solution
You can use the count meta-parameter to achieve the effects of an if-else statement. It is talked about in detail in the link below and I also pulled one relevant example out.
I'm not 100% sure if you can give both the data source and resource the same name without a conflict; but I assume it would work. It may be dependent on the resource you're creating though, not sure.
https://blog.gruntwork.io/terraform-tips-tricks-loops-if-statements-and-gotchas-f739bbae55f9
Excerpt:
To do this in Terraform, you can use the count parameter and a conditional expression on each of the resources:
I'm not 100% sure if you can give both the data source and resource the same name without a conflict; but I assume it would work. It may be dependent on the resource you're creating though, not sure.
https://blog.gruntwork.io/terraform-tips-tricks-loops-if-statements-and-gotchas-f739bbae55f9
Excerpt:
# This is just pseudo code. It won't actually work in Terraform.
if var.give_neo_cloudwatch_full_access {
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_full" {
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_full_access.arn
}
} else {
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_read" {
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_read_only.arn
}
}To do this in Terraform, you can use the count parameter and a conditional expression on each of the resources:
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_full" {
count = var.give_neo_cloudwatch_full_access ? 1 : 0
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_full_access.arn
}
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_read" {
count = var.give_neo_cloudwatch_full_access ? 0 : 1
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_read_only.arn
}Code Snippets
# This is just pseudo code. It won't actually work in Terraform.
if var.give_neo_cloudwatch_full_access {
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_full" {
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_full_access.arn
}
} else {
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_read" {
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_read_only.arn
}
}resource "aws_iam_user_policy_attachment" "neo_cloudwatch_full" {
count = var.give_neo_cloudwatch_full_access ? 1 : 0
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_full_access.arn
}
resource "aws_iam_user_policy_attachment" "neo_cloudwatch_read" {
count = var.give_neo_cloudwatch_full_access ? 0 : 1
user = aws_iam_user.example[0].name
policy_arn = aws_iam_policy.cloudwatch_read_only.arn
}Context
StackExchange DevOps Q#11204, answer score: 2
Revisions (0)
No revisions yet.