===== Terraform =====

===Debugging===


<sxh shell>
# https://developer.hashicorp.com/terraform/internals/debugging
# investigage errors
export TF_LOG="TRACE"
export TF_LOG_PATH="./terraform.log"
</sxh>

===Glossary===

| Terraform Module |A Terraform module is a set of Terraform configuration files in a single directory.|



Installation
https://askubuntu.com/questions/983351/how-to-install-terraform-in-ubuntu

Introduction:
https://www.terraform.io/intro/getting-started/build.html

Skeleton project
https://github.com/skipidar/terraform-skeleton

== Apply terraform bash script == 
<sxh bash>

#!/bin/bash
set -eo pipefail

if [[ ! -d ".terraform" ]]
then
  terraform init
fi

terraform validate
terraform plan

#terraform apply
</sxh>

== Upgrade terraform provider ==

https://developer.hashicorp.com/terraform/tutorials/configuration-language/provider-versioning

<sxh bash>

terraform init -upgrade

Initializing the backend...

Initializing provider plugins...
- Finding hashicorp/aws versions matching "~> 5.0"...
- Installing hashicorp/aws v5.21.0...
- Installed hashicorp/aws v5.21.0 (signed by HashiCorp)

Terraform has made some changes to the provider dependency selections recorded
in the .terraform.lock.hcl file. Review those changes and commit them to your
version control system if they represent changes you intended to make.

Terraform has been successfully initialized!
</sxh>

=== Main ===

Create "**main.tf**"

<sxh json>
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}

provider "aws" {
  profile = "default"
  region  = format("%s", var.aws_region)
}

</sxh>

=== Variables ===

Create "**variables.tf**"
<sxh json>

variable "aws_region" {
  description = "The AWS region to deploy the resources into"
  type = string
  default = "eu-central-1"
}

variable "aws_account_id" {
  description = "The AWS account identifier of the project"
  type = string
  default = "1234567891234"
}

variable "prefix" {
  description = "The resource prefix"
  type = string
  default = "alf-dev-con1"
}


locals {
  iot_policy = "${var.prefix}-thing2"
}



</sxh>

**locals**  defines inner variables.
Only here one can combine other variables

Use the variable
<sxh json>

provider "aws" {
  profile = "default"
  region  = var.region
}
</sxh>


=== Data ===

When you define ''data'' blocks Terraform communicates with the **AWS provider** to query AWS and fetch the list of requested resources, mentioned in data-block.

<sxh json>

</sxh>

You can apply filters.

<sxh json>

# Find the latest available AMI that is tagged with Component = web
data "aws_ami" "web" {
  filter {
    name   = "state"
    values = ["available"]
  }

  filter {
    name   = "tag:Component"
    values = ["web"]
  }

  most_recent = true
}
</sxh>


Create **templates.tf**

<sxh json>

data "template_file" "tf_iot_policy" {
  vars = {
    aws_region = "${var.aws_region}"
    aws_account_id = "${var.aws_account_id}"
  }
  template = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect",
        "iot:Publish",
        "iot:Receive",
        "iot:Subscribe"
      ],
      "Resource": "arn:aws:iot:$${aws_region}:$${aws_account_id}:*"
    }
  ]
}
EOF
}

</sxh>

Usage
<sxh json>
resource "aws_iot_policy" "iot_policy" {
  name   = "${local.iot_policy}"
  policy = "${data.template_file.tf_iot_policy.rendered}"
}
</sxh>


=== Dynamic block ===

See https://spacelift.io/blog/terraform-dynamic-blocks

To replace the repetitive code as here in a module:
<sxh json>
resource "azurerm_virtual_network" "dynamic_block" {
  name                = "vnet-dynamicblock-example-centralus"
  resource_group_name = azurerm_resource_group.dynamic_block.name
  location            = azurerm_resource_group.dynamic_block.location
  address_space       = ["10.10.0.0/16"]

  subnet {
    name           = "snet1"
    address_prefix = "10.10.1.0/24"
  }

  subnet {
    name           = "snet2"
    address_prefix = "10.10.2.0/24"
  }

  subnet {
    name           = "snet3"
    address_prefix = "10.10.3.0/24"
  }

  subnet {
    name           = "snet4"
    address_prefix = "10.10.4.0/24"
  }
}
</sxh>


Use the "dynamic" block

<sxh json>
resource "azurerm_virtual_network" "dynamic_block" {
  name                = "vnet-dynamicblock-example-centralus"
  resource_group_name = azurerm_resource_group.dynamic_block.name
  location            = azurerm_resource_group.dynamic_block.location
  address_space       = ["10.10.0.0/16"]

  dynamic "subnet" {
    for_each = var.subnets
    iterator = item   #optional
    content {
      name           = item.value.name
      address_prefix = item.value.address_prefix
    }
  }
}

</sxh>


Declare a variable in your module
<sxh json>
variable "subnets" {
  description = "list of values to assign to subnets"
  type = list(object({
    name           = string
    address_prefix = string
  }))
}
</sxh>


**USAGE of your module**

Assigning values to the variable "subnets", which are taken by the module above.

<sxh json>
subnets = [
  { name = "snet1", address_prefix = "10.10.1.0/24" },
  { name = "snet2", address_prefix = "10.10.2.0/24" },
  { name = "snet3", address_prefix = "10.10.3.0/24" },
  { name = "snet4", address_prefix = "10.10.4.0/24" }
]
</sxh>