Reputation: 815
terraform conditional resource
I have the following and I want to know what I am doing wrong, as I am sure I shouldn't have to double my code just because of a condition.
So I want to do:
variable "https" { value = true }
resource "aws_security_group" "http_instance_sg" {
count = "${var.https ? 0 : 1}"
......
}
resource "aws_security_group" "https_instance_sg" {
count = "${var.https ? 1 : 0}"
......
}
resource "aws_elb" "fe_elb" {
security_groups = ["${var.https ? aws_aws_security_group.https_instance_sg.id : aws_aws_security_group.http_instance_sg.id}"]
.....
}
But when I do this terraform complains that http_instance_sg cant be found, which I get it hasn't be built, but surely I dont have to double up on all the code and have:
resource "aws_elb" "http_fe_elb" {
count = "${var.https ? 0 : 1}"
security_groups = ["${aws_aws_security_group.http_instance_sg.id}"]
.....
}
resource "aws_elb" "https_fe_elb" {
count = "${var.https ? 1 : 0}"
security_groups = ["${aws_aws_security_group.https_instance_sg.id}"]
.....
}
Upvotes: 10
Views: 6506
Answers (3)
Reputation: 3737
The way you are currently defining the code with a count means that the response of the resource is a list. This means you will need to access the values differently
resource "aws_elb" "fe_elb" {
security_groups = ["${var.https ? element(aws_security_group.https_instance_sg.*.id,0) : element(aws_security_group.http_instance_sg.*.id,0)}"]
.....
}
It's worth noting that you will get an error if you try to access a list that is empty using this method.
This means you will need to concat an empty value to each to ensure the response of element doesn't throw.
Example using concat
"${var.https ? element(concat(aws_security_group.https_instance_sg.*.id, list("")), 0) : element(concat(aws_security_group.http_instance_sg.*.id, list("")), 0)
Different approach
Without seeing the code I might ask here if there is an easier way to achieve what you are trying to do using a security_group_rule
variable "https" { value = true }
resource "aws_security_group" "instance_sg" {
# notice we no longer have a count here
}
resource "aws_elb" "fe_elb" {
security_groups = ["${aws_security_group.instance_sg.id}"]
.....
}
resource "aws_security_group_rule" "http" {
count = "${var.https ? 0 : 1}"
.... http definitions
security_group_id = "${aws_security_group.instance_sg.id}"
}
resource "aws_security_group_rule" "https" {
count = "${var.https ? 0 : 1}"
.... https definitions
security_group_id = "${aws_security_group.instance_sg.id}"
}
Upvotes: 8
Reputation: 3074
Do you try to add depends_on instruction ? Something like this (I'm not sure about the syntax) :
resource "aws_elb" "fe_elb" { depends_on = [ aws_aws_security_group.https_instance_sg, aws_aws_security_group.http_instance_sg ] security_groups = ["${var.https ? aws_aws_security_group.https_instance_sg.id : aws_aws_security_group.http_instance_sg.id}"] ..... }
Upvotes: 0
Reputation: 690
you must use :
resource "aws_security_group" "http_instance_sg"
instead of:
resource "aws_aws_security_group" "http_instance_sg"
there is no resource with name "aws_aws_security_group" in Terraform , the error is most probably because of this resource name typo.
Hope it will help!
Upvotes: 1
Related Questions
- Terraform - How to use conditionally created resource's output in conditional operator?
- in terraform how to set if condition for data resource
- Using Conditional Expressions in Terraform
- create resource in terraform conditionally
- Terraform dynamic/conditional resource creation
- Terraform Conditional Content Block Inside Resource
- How to conditionally use existing resource in Terraform?
- Conditional nested block in Terraform resource
- Terraform conditional source in MODULE
- terraform conditionally create resource based on external data?