Terraform

This walkthrough shows you how to pass CloudTruth parameters as Environment Variables to Terraform.

You can also use CloudTruth to externally reference backend tfstate output as an external parameter.

Prerequisites

You know basic Terraform.
You have created a CloudTruth API Access token and installed the CLI.

Terraform deploy with CloudTruth

For this example we will build on top of the Terraform AWS tutorial to deploy an EC2 instance defining variables with CloudTruth parameters. You can use any target for your deploys.

Set CloudTruth Terraform Variables

Create a CloudTruth Project called Terraform.

cloudtruth project set Terraform

Now you can create the CloudTruth parameters in the Terraform project that we will pass to Terraform as environment input variables with the TF_VAR_ convention.

cloudtruth --project Terraform parameter set TF_VAR_ami -v ami-830c94e3 
cloudtruth --project Terraform parameter set TF_VAR_instance_type -v t2.micro
cloudtruth --project Terraform parameter set TF_VAR_availability_zone_names -v \[\"us-west-2a\",\ \"us-west-2b\"\]
cloudtruth --project Terraform parameter set TF_VAR_resource_tags -v \{\"Name\":\"Cloudtruth-Instance\",\"project\":\"CloudTruth\ Run\ Terraform\",\"environment\":\"default\"\}

Create Terraform Configuration

From your Terraform working directory update your main.tf with the following configuration.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }
}

provider "aws" {
  profile = "default"
  region  = "us-west-2"
}

resource "aws_instance" "cloudtruth" {
  ami           = var.ami
  instance_type = var.instance_type 
  availability_zone = var.availability_zone_names[0]

  tags = var.resource_tags
}

output "zone" {
  value = aws_instance.cloudtruth.availability_zone
}

output "AMI" {
  value = aws_instance.cloudtruth.ami
}

output "instance_type" {
  value = aws_instance.cloudtruth.instance_type
}

output "instance_name" {
  value = aws_instance.cloudtruth.tags.Name
}

#########################
####### VARIABLES #######
#########################

variable "ami" {   
  description = "Value of the Amazon Machine Image"
  type        = string
  }

variable "instance_type" {   
  description = "Value of the Instance Type"
  type        = string
  }
  
variable "availability_zone_names"{
  description = "List of available regions"
  type        = list(string)
 }  
 
variable "resource_tags" {
  description = "Tags to set for all resources"
  type        = map(string)
}

This main.tf will deploy an EC2 instance to us-west-2 and defines four variables that are centrally managed by CloudTruth. It also shows you how to use various Terraform variable types such as a map and list.

Variable

Type

CloudTruth Value

Build Terraform Infrastructure

From your Terraform working directory initialize the infrastructure.

terraform init

Now when executing a terraform plan you will notice that you are prompted to enter values for each variable defined.

terraform plan
var.ami
  Value of the Amazon Machine Image

  Enter a value:

CloudTruth Run

You can manage your Terraform configuration centrally with CloudTruth and pass Terraform environment input variables with the cloudtruth run CLI command.

The following command will pass the variables from the Terraform project where we set our input variables directly into terraform apply.

cloudtruth --project Terraform run -- terraform apply

Terraform will show the outputs and deploy the instance with our CloudTruth values.

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

AMI = "ami-830c94e3"
instance_name = "Cloudtruth-Instance"
instance_type = "t2.micro"
zone = "us-west-2a"

Couple this method with CloudTruth Environments and you can manage and deploy different instance types with various configuration setting to your Prod, Dev and Staging with a single command.

Terraform Input Variables

CloudTruth run injects environment variables into your terraform commands. Terraform searches the environment for variables that contain TF_VAR_ preceding the variable name defined in your configuration script. The variable is case sensitive so if it is lower case in main.tf the variables must have lower case key names in CloudTruth.

Environment input variables have a specific order of precedence and CloudTruth run can be used with any combination that Terraform allows. Values from CloudTruth run be overridden by a file if the same variable exists in a terraform.tfvars or any of the higher precedence methods of passing values.

Terraform loads variables in the following order, with later sources taking precedence over earlier ones:

Environment variables
The terraform.tfvars file, if present.
The terraform.tfvars.json file, if present.
Any *.auto.tfvars or *.auto.tfvars.json files, processed in lexical order of their filenames.
Any -var and -var-file options on the command line, in the order they are provided. (This includes variables set by a Terraform Cloud workspace.)

PreviousPulumi NextTerragrunt

Last updated 2 years ago