Reputation: 1
I have been learning Terraform for the last few days, so don't judge me.
I am trying to create a hub-spoke (parent/child) layout for utilizing public modules to deploy my own infrastructure in AWS. I can create a child module locally with the resources it is supposed to deploy, or I can create a module itself:
module "name" {
  source = "git::git@github.com:terraform-aws-modules/terraform-aws-iam.git"
  ...
  resource "aws_iam_account_password_policy" "this" {
    count                          = var.create_account_password_policy ? 1 : 0
    max_password_age               = var.max_password_age
    minimum_password_length        = var.minimum_password_length
    allow_users_to_change_password = var.allow_users_to_change_password
    hard_expiry                    = var.hard_expiry
    password_reuse_prevention      = var.password_reuse_prevention
    require_lowercase_characters   = var.require_lowercase_characters
    require_uppercase_characters   = var.require_uppercase_characters
    require_numbers                = var.require_numbers
    require_symbols                = var.require_symbols
  }
}
Instead of adding the entire resource block, is there a way to just call the necessary parameters from the parent public module to my local, like this?
module "name" {
  source = "git::git@github.com:terraform-aws-modules/terraform-aws-iam.git"
  ...
  allow_users_to_change_password = var.allow_users_to_change_password
  hard_expiry                    = var.hard_expiry
  password_reuse_prevention      = var.password_reuse_prevention
}
And then obviously I need to add my variables.tf file and provide the default values.
I tried to look it up and I couldn't find a clear distinction or good examples on creating local Terraform modules.
Need help :-(
Create a local terraform module sourced from a public module without adding the resource block and by only adding the needed parameters
Upvotes: 0
Views: 96
Reputation: 2401
create an actual my local terraform module when pulling the source from a public terraform module
When using a module approach, you should know how to pass variables. Here you are trying to set parameters for the mentioned resource by directly including its resource block within your local configuration; this doesn't satisfy the condition for using a module.
In this approach, we need to pass the input through the variables for the module block.
Configuration:
module "iam_password_policy" {
  source = "git::https://github.com/terraform-(aws/azure)-modules/terraform-(aws/azure)-iam.git//modules/account-password-policy" // you can use whatever cloud provider you want

  allow_users_to_change_password = var.allow_users_to_change_password
  hard_expiry                    = var.hard_expiry
  password_reuse_prevention      = var.password_reuse_prevention
  max_password_age               = var.max_password_age
  minimum_password_length        = var.minimum_password_length
  require_lowercase_characters   = var.require_lowercase_characters
  require_uppercase_characters   = var.require_uppercase_characters
  require_numbers                = var.require_numbers
  require_symbols                = var.require_symbols
}
The source attribute mentions the location of the public module that you're using, and resource configuration should not be used inside the module configuration.
variable.tf:
variable "minimum_password_length" {
  description = "The minimum length of the password."
  type        = number
  default     = 8
}

variable "require_lowercase_characters" {
  description = "Whether to require lowercase characters in the password."
  type        = bool
  default     = true
}
... so on
Refer:
Build and use a local module | Terraform | HashiCorp Developer
https://registry.terraform.io/providers/hashicorp/azuread/latest/docs
https://github.com/terraform-aws-modules/terraform-aws-iam
Upvotes: 0
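The parent/child layering asked about above, as an added example that is not part of either post: a local wrapper module that calls the public module, fixes the password-policy settings, and exposes only a few inputs to the root configuration. It assumes the `iam-account` submodule of terraform-aws-iam and its `account_alias` input (check the `variables.tf` of the ref you pin); the file paths, thresholds, alias and the `<PINNED_TAG_OR_COMMIT>` placeholder are constructed for illustration.

```hcl
# modules/password-policy/main.tf  (local wrapper module; hypothetical path)
module "upstream" {
  # Pin to a reviewed tag or commit so an upstream change cannot silently
  # alter account-wide IAM settings on the next `terraform init -upgrade`.
  source = "git::https://github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-account?ref=<PINNED_TAG_OR_COMMIT>"

  account_alias                  = var.account_alias # assumed input of iam-account
  create_account_password_policy = true

  # Exposed to callers, with guarded defaults (see variables below).
  minimum_password_length   = var.minimum_password_length
  password_reuse_prevention = var.password_reuse_prevention
  max_password_age          = var.max_password_age

  # Fixed in the wrapper: callers cannot weaken these.
  require_lowercase_characters   = true
  require_uppercase_characters   = true
  require_numbers                = true
  require_symbols                = true
  allow_users_to_change_password = true
  hard_expiry                    = false
}

# modules/password-policy/variables.tf
variable "account_alias" {
  type = string
}
variable "minimum_password_length" {
  type    = number
  default = 14 # example threshold, not from the original posts
  validation {
    condition     = var.minimum_password_length >= 14
    error_message = "minimum_password_length must be at least 14."
  }
}
variable "password_reuse_prevention" {
  type    = number
  default = 24 # example value
}
variable "max_password_age" {
  type    = number
  default = 90 # example value
}

# main.tf  (root configuration: no resource block, only the wrapper's inputs)
module "password_policy" {
  source        = "./modules/password-policy"
  account_alias = "example-alias" # constructed sample value
}
```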