Terraform Variables
Terraform Variables: Best Practices and Use Cases
This guide covers the different types of variables in **Terraform**, their use cases, and best practices to manage them efficiently.
Overview of Terraform Variables
Variables in Terraform allow for the parameterization of configurations, making deployments more flexible and reusable.
Terraform supports three primary types of variables:
- Input Variables (var) – Define dynamic values for Terraform modules.
- Environment Variables (TF_VAR_name) – Pass values externally without modifying files.
- Output Variables (output) – Display key information after deployment.
Defining Input Variables
Input variables make Terraform configurations more dynamic and reusable.
Example of Variable Definition
Create a file named variables.tf:
```hcl
variable "vpc_cidr" {
  description = "CIDR block for the VPC"
  type        = string
  default     = "10.0.0.0/16"
}
```
Using Variables in Terraform Code
Use the defined variable in a Terraform resource:
```hcl
resource "aws_vpc" "main" {
  cidr_block = var.vpc_cidr
}
```
Passing Variables
Variables can be passed in multiple ways:
- Using a .tfvars file: Create terraform.tfvars with the following content:
  ```hcl
  vpc_cidr = "10.1.0.0/16"
  ```
  Run Terraform with:
  ```bash
  terraform apply -var-file=terraform.tfvars
  ```
- Passing via CLI:
  ```bash
  terraform apply -var="vpc_cidr=10.2.0.0/16"
  ```
- Using Environment Variables:
  ```bash
  export TF_VAR_vpc_cidr="10.3.0.0/16"
  terraform apply
  ```
Variable Types and Best Practices
Terraform supports different data types for variables:
String
```hcl
variable "region" {
  type    = string
  default = "us-east-1"
}
```
Number
```hcl
variable "instance_count" {
  type    = number
  default = 2
}
```
Boolean
```hcl
variable "enable_logging" {
  type    = bool
  default = true
}
```
List
```hcl
variable "azs" {
  type    = list(string)
  default = ["us-east-1a", "us-east-1b"]
}
```
Map
```hcl
variable "instance_type_map" {
  type = map(string)
  default = {
    dev  = "t2.micro"
    prod = "t3.medium"
  }
}
```
Usage:
```hcl
instance_type = var.instance_type_map[terraform.workspace]
```
Object
```hcl
variable "vpc_config" {
  type = object({
    cidr_block         = string
    enable_dns_support = bool
  })
  default = {
    cidr_block         = "10.0.0.0/16"
    enable_dns_support = true
  }
}
```
Output Variables
Output variables provide visibility into infrastructure values after deployment.
Example of an Output Variable
```hcl
output "vpc_id" {
  value       = aws_vpc.main.id
  description = "The ID of the created VPC"
}
```
Retrieve outputs after running Terraform:
```bash
terraform output vpc_id
```
Best Practices for Terraform Variables
- Use Type Constraints – Define variable types explicitly for validation.
- Separate Variables into Files – Organize variables.tf and terraform.tfvars separately.
- Use Default Values Sparingly – Ensure flexibility by not over-relying on defaults.
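- Use Sensitive Variables for Secrets – Mark sensitive data to prevent it from being exposed in logs; Terraform redacts the value in plan and apply output. The value is still written in plain text to the state file, so this flag does not replace securing the state:
  ```hcl
  variable "db_password" {
    type      = string
    sensitive = true
  }
  ```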
- Utilize Workspace-Specific Variables – Adapt values based on workspaces (e.g., dev, prod).
- Secure State Files – Store state files securely in S3 with encryption and DynamoDB state locking.
This guide ensures secure, scalable, and efficient usage of Terraform variables to optimize infrastructure as code (IaC) deployments!