Writing Terraform configurations
Use locals
to specify explicit dependencies between resources
locals
to specify explicit dependencies between resourcesHelpful way to give a hint to Terraform that some resources should be deleted before even when there is no direct dependency in Terraform configurations.
https://raw.githubusercontent.com/antonbabenko/terraform-best-practices/master/snippets/locals.tf
Terraform 0.12 - Required vs Optional arguments
Required argument
index_document
must be set, ifvar.website
is not an empty map.Optional argument
error_document
can be omitted.
Managing Secrets in Terraform
Secrets are sensitive data that can be anything from passwords and encryption keys to API tokens and service certificates. They are typically used to set up authentication and authorization for cloud resources. Safeguarding these sensitive resources is crucial because exposure could lead to security breaches. It’s highly recommended to avoid storing secrets in Terraform config and state, as anyone with access to version control can access them. Instead, consider using external data sources to fetch secrets from external sources at runtime. For instance, if you’re using AWS Secrets Manager, you can use the aws_secretsmanager_secret_version
data source to access the secret value. The following example uses write-only arguments, which are supported in Terraform 1.11+, and keep the value out of Terraform state.
Last updated