- The terraform core workflow is: Write, Plan and Apply
- Terraform by default provision concurrently 10 resources: https://www.terraform.io/docs/internals/graph.html#walking-the-graph
- Resources that failed during the provisioning executing, are marked as tainted: https://www.terraform.io/docs/language/resources/provisioners/syntax.html#creation-time-provisioners
- Format of a resource block configuration:
<block type> "<resource type>" "<local name/label>"
- Terraform core workflow: Write, Plan, Apply https://www.terraform.io/guides/core-workflow.html
- Plan prefix meaning:
+/--> destroy and recreate (instead of update in-place)~-> update in-place
- A resource/module cannot use for_each and count at the same time
Variable block:
variable "my_varible" {}
Accepted arguments:
- default: default value (make the variable optional)
- type: accepted types for this variable
- description: variable documentation
- validation: block with validation rules
- sensitive: suppress the variable value from the logs
Output block:
output "output_variable" {}
Optional arguments:
-
description: output documentation
-
sensitive: suppress the ouput from the logs
-
depends_on: explicit output dependencies
-
To get output from child modules: module.< MODULE NAME >.< OUPUT NAME >
- To enable debugging mode, you can set the env TF_LOG with the options TRACE, DEBUG, INFO, WARN and ERROR
- To persist the logs, you can set the env TF_LOG_PATH
- terraform console -> provide an interactive console for evaluating expressions
- terraform get -> download and update modules mentioned in the root module
- terraform force-unlock -> manually unlock a remote state
- terraform show -> provide human-readable output from a state or plan file
- terraform refresh -> reads the current settings from all managed remote objects and updates the Terraform state to match.
Instead this, use terraform apply -refresh-only - terraform taint -> informs Terraform that a particular object has become degraded or damaged (i'll be recreated). Instead this, use terraform apply -replace=< resource >
https://www.terraform.io/docs/language/expressions/dynamic-blocks.html
Construct repeteable nested blocks
# block
setting {}
# dynamic block
dynamic "setting" {
for_each = var.settings
content {
namespace = setting.value["namespace"]
name = setting.value["name"]
value = setting.value["value"]
}
}
https://www.terraform.io/docs/language/expressions/conditionals.html
A conditional expression uses the value of a bool expression to select one of two values.
condition ? true_val : false_val
# If condition is true then the result is true_val. If condition is false then the result is false_val.
A splat expression provides a more concise way to express a common operation that could otherwise be performed with a for expression. https://www.terraform.io/docs/language/expressions/splat.html
https://www.terraform.io/docs/language/expressions/types.html
Accepted types:
- string: sequence of unicode characters representing some text -> primitive type
- number: numeric value (support fractional numbers) -> primitive type
- bool: boolean value, can be true or false -> primitive type
- list (or tuple): sequence of values, identified by consecutive whole numbers, starting with ZERO -> complex/structural/collection type
- map (or object): group of values identified by named labels -> complex/structural/collection type
Special value that has no type:
- null: represent absence of omission, if you set an argument of a resource or module to null, terraform behave as though you has completely omitted it
- lookup: retrieves the value of a single element from a map, given its key. If the given key does not exist, the given default value is returned instead, ex:
> lookup({a="ay", b="bee"}, "c", "what?")
what?
- join: produces a string by concatenating together all elements of a given list of strings with the given delimiter.
> join(", ", ["foo", "bar", "baz"])
foo, bar, baz
- merge: takes an arbitrary number of maps or objects, and returns a single map or object that contains a merged set of elements from all arguments.
> merge({a="b", c="d"}, {e="f", c="z"})
{
"a" = "b"
"c" = "z"
"e" = "f"
}
- zipmap: constructs a map from a list of keys and a corresponding list of values.
> zipmap(["a", "b"], [1, 2])
{
"a" = 1,
"b" = 2,
}
- for_each https://www.terraform.io/docs/language/meta-arguments/for_each.html (=> 0.13)
- count https://www.terraform.io/docs/language/meta-arguments/count.html (=> v0.13)
- lifecycle https://www.terraform.io/docs/language/meta-arguments/lifecycle.html
- IaC: HCL, Workspaces, Variables, Runs (separated plan and apply), Resource Graph, Providers, Modules, Public Module Registry
- Support: Community
- IaC: HCL, Workspaces, Variables, Runs (separated plan and apply), Resource Graph, Providers, Modules, Public Module Registry
- Collaborative IaC: Remote state, VCS Connection, Workspace Management, Secure Variable Storage, Remote Runs, Private Module Registry
- [Only team & governance and business] Team Management and Governance: Team Management, Sentinel Policy as a Code Management, Cost Estimation
- [Only business] Advanced Security, Compliance and Governance: SSO, Audit Logging, Sef-Hosted Agents
- [Only business] Self-Service Infra: Configuration Designer, ServiceNow Integration
- Performance Operations:
- Concurrent Runs: Free -> up to 1, team and governance -> up to 2, business -> unlimited
- Operations: Free -> Cloud, team and governance -> cloud, business -> cloud
- Support: free -> community, team and governance -> bronze, business -> bronze, silver and gold
- IaC: HCL, Workspaces, Vraibles, Runs (separated plan and apply), Resource Graph, Providers, Modules, Public Module Registry
- Collaborative IaC: Remote state, VCS Connection, Workspace Management, Secure Variable Storage, Remote Runs, Private Module Registry
- Team Management and Governance: Team Management, Sentinel Policy as a Code Management, Cost Estimation
- Advanced Security, Compliance and Governance: SSO, Audit Logging
- Self-Service Infra: Configuration Designer, ServiceNow Integration
- Performance Operations:
- Concurrent Runs: unlimited
- Operations: private
- Support: bronze, silver and gold
tem um typo vc escreveu "Vraibles"