terraform

general

providers

data types

reserved words

logic

commands

messing with the state

workspaces

let you create different sets of infrastructure with the same working copy of your configuration and the same plugin and module caches.

Workspaces are technically equivalent to renaming your state file. Terraform then includes a set of protections and support for remote state.

For remote state, the workspaces are stored directly in the configured backend.

modules

terraform cloud

sentinel and OPA

OPA = Open Policy agent

Sentinel and OPA : define and enforce policies that govern the configurations and changes made to your infrastructure.

playing with expressions

given the file variables.tf

variable "myvar" {
  type = list(string)
}

variable "mytup" {
  type = tuple([string, number, number])
}

variable "myobject" {
  type = object(
    {
      name = string,
      description = string,
      age = number
    }
  )
}

and a variable file located at vars/varfile that contains

myvar = ["one", "two", "three"]

mytup = ["stringyay", 5, 9]

myobject = {
  name = "toto",
  description = "super hero"
  age = 33
}

we can create a test.tf file to experiment with expressions

# output to list

output "test1" {
  value = [ for v in var.myvar : v ]
}

# output to map
# in a list, an extra variable(i) automatically
# becomes an index

output "test2" {
  value = { for i, v in var.myvar : i => v }
}

# for_each can only be used in module
# or resource block

# it can only take sets or maps 
# as arguments (keys needs to be unique)

# The triggers argument allows specifying
# an arbitrary set of values that,
# when changed, will cause the resource
# to be replaced.

# this is a fugly hack to use for_each...

resource "null_resource" "test3" {
  for_each = toset(var.myvar)
  triggers = {
    name = each.value
  }
}

output "test3" {
  value = null_resource.test3
}

# output to a list of list with the index

output "test4" {
  value = [ for i, v in var.myvar : [i, v] ]
}

# lets print a tuple now

output "test5" {
  value = [ for v in var.mytup : v ]
}

# and finally play with an object
# and we choose to return a map {}

output "test6" {
  value = { for k,v in var.myobject: k => v }
}

and test some expression running

terraform apply -var-file=vars/varfile