github.com/pdecat/terraform@v0.11.9-beta1/website/docs/configuration/resources.html.md (about)

     1  ---
     2  layout: "docs"
     3  page_title: "Configuring Resources"
     4  sidebar_current: "docs-config-resources"
     5  description: |-
     6    The most important thing you'll configure with Terraform are resources. Resources are a component of your infrastructure. It might be some low level component such as a physical server, virtual machine, or container. Or it can be a higher level component such as an email provider, DNS record, or database provider.
     7  ---
     8  
     9  # Resource Configuration
    10  
    11  The most important thing you'll configure with Terraform are
    12  resources. Resources are a component of your infrastructure.
    13  It might be some low level component such as a physical server,
    14  virtual machine, or container. Or it can be a higher level
    15  component such as an email provider, DNS record, or database
    16  provider.
    17  
    18  This page assumes you're familiar with the
    19  [configuration syntax](/docs/configuration/syntax.html)
    20  already.
    21  
    22  ## Example
    23  
    24  A resource configuration looks like the following:
    25  
    26  ```hcl
    27  resource "aws_instance" "web" {
    28    ami           = "ami-408c7f28"
    29    instance_type = "t1.micro"
    30  }
    31  ```
    32  
    33  ## Description
    34  
    35  The `resource` block creates a resource of the given `TYPE` (first
    36  parameter) and `NAME` (second parameter). The combination of the type
    37  and name must be unique.
    38  
    39  Within the block (the `{ }`) is configuration for the resource. The
    40  configuration is dependent on the type, and is documented for each
    41  resource type in the
    42  [providers section](/docs/providers/index.html).
    43  
    44  ### Meta-parameters
    45  
    46  There are **meta-parameters** available to all resources:
    47  
    48  - `count` (int) - The number of identical resources to create. This doesn't
    49    apply to all resources. For details on using variables in conjunction with
    50    count, see [Using Variables with `count`](#using-variables-with-count) below.
    51  
    52      -> Modules don't currently support the `count` parameter.
    53  
    54  - `depends_on` (list of strings) - Explicit dependencies that this resource has.
    55    These dependencies will be created before this resource. For syntax and other
    56    details, see the section below on [explicit
    57    dependencies](#explicit-dependencies).
    58  
    59  - `provider` (string) - The name of a specific provider to use for this
    60    resource. The name is in the format of `TYPE.ALIAS`, for example, `aws.west`.
    61    Where `west` is set using the `alias` attribute in a provider. See [multiple
    62    provider instances](#multiple-provider-instances).
    63  
    64  - `lifecycle` (configuration block) - Customizes the lifecycle behavior of the
    65    resource. The specific options are documented below.
    66  
    67      The `lifecycle` block allows the following keys to be set:
    68  
    69    - `create_before_destroy` (bool) - This flag is used to ensure the replacement
    70      of a resource is created before the original instance is destroyed. As an
    71      example, this can be used to create an new DNS record before removing an old
    72      record.
    73  
    74    - `prevent_destroy` (bool) - This flag provides extra protection against the
    75      destruction of a given resource. When this is set to `true`, any plan that
    76      includes a destroy of this resource will return an error message.
    77  
    78    - `ignore_changes` (list of strings) - Customizes how diffs are evaluated for
    79      resources, allowing individual attributes to be ignored through changes. As
    80      an example, this can be used to ignore dynamic changes to the resource from
    81      external resources. Other meta-parameters cannot be ignored.
    82  
    83          ~> Ignored attribute names can be matched by their name, not state ID.
    84          For example, if an `aws_route_table` has two routes defined and the
    85          `ignore_changes` list contains "route", both routes will be ignored.
    86          Additionally you can also use a single entry with a wildcard (e.g. `"*"`)
    87          which will match all attribute names. Using a partial string together
    88          with a wildcard (e.g. `"rout*"`) is **not** supported.
    89  
    90    -> Interpolations are not currently supported in the `lifecycle` configuration block (see [issue #3116](https://github.com/hashicorp/terraform/issues/3116))
    91  
    92  ### Timeouts
    93  
    94  Individual Resources may provide a `timeouts` block to enable users to configure the
    95  amount of time a specific operation is allowed to take before being considered
    96  an error. For example, the
    97  [aws_db_instance](/docs/providers/aws/r/db_instance.html#timeouts)
    98  resource provides configurable timeouts for the
    99  `create`, `update`, and `delete` operations. Any Resource that provides Timeouts
   100  will document the default values for that operation, and users can overwrite
   101  them in their configuration.
   102  
   103  Example overwriting the `create` and `delete` timeouts:
   104  
   105  ```hcl
   106  resource "aws_db_instance" "timeout_example" {
   107    allocated_storage = 10
   108    engine            = "mysql"
   109    engine_version    = "5.6.17"
   110    instance_class    = "db.t1.micro"
   111    name              = "mydb"
   112  
   113    # ...
   114  
   115    timeouts {
   116      create = "60m"
   117      delete = "2h"
   118    }
   119  }
   120  ```
   121  
   122  Individual Resources must opt-in to providing configurable Timeouts, and
   123  attempting to configure the timeout for a Resource that does not support
   124  Timeouts, or overwriting a specific action that the Resource does not specify as
   125  an option, will result in an error. Valid units of time are  `s`, `m`, `h`.
   126  
   127  ### Explicit Dependencies
   128  
   129  Terraform ensures that dependencies are successfully created before a
   130  resource is created. During a destroy operation, Terraform ensures that
   131  this resource is destroyed before its dependencies.
   132  
   133  A resource automatically depends on anything it references via
   134  [interpolations](/docs/configuration/interpolation.html). The automatically
   135  determined dependencies are all that is needed most of the time. You can also
   136  use the `depends_on` parameter to explicitly define a list of additional
   137  dependencies.
   138  
   139  The primary use case of explicit `depends_on` is to depend on a _side effect_
   140  of another operation. For example: if a provisioner creates a file, and your
   141  resource reads that file, then there is no interpolation reference for Terraform
   142  to automatically connect the two resources. However, there is a causal
   143  ordering that needs to be represented. This is an ideal case for `depends_on`.
   144  In most cases, however, `depends_on` should be avoided and Terraform should
   145  be allowed to determine dependencies automatically.
   146  
   147  The syntax of `depends_on` is a list of resources and modules:
   148  
   149  - Resources are `TYPE.NAME`, such as `aws_instance.web`.
   150  - Modules are `module.NAME`, such as `module.foo`.
   151  
   152  When a resource depends on a module, _everything_ in that module must be
   153  created before the resource is created.
   154  
   155  An example of a resource depending on both a module and resource is shown
   156  below. Note that `depends_on` can contain any number of dependencies:
   157  
   158  ```hcl
   159  resource "aws_instance" "web" {
   160    depends_on = ["aws_instance.leader", "module.vpc"]
   161  }
   162  ```
   163  
   164  -> **Use sparingly!** `depends_on` is rarely necessary.
   165  In almost every case, Terraform's automatic dependency system is the best-case
   166  scenario by having your resources depend only on what they explicitly use.
   167  Please think carefully before you use `depends_on` to determine if Terraform
   168  could automatically do this a better way.
   169  
   170  ### Connection block
   171  
   172  Within a resource, you can optionally have a **connection block**.
   173  Connection blocks describe to Terraform how to connect to the
   174  resource for
   175  [provisioning](/docs/provisioners/index.html). This block doesn't
   176  need to be present if you're using only local provisioners, or
   177  if you're not provisioning at all.
   178  
   179  Resources provide some data on their own, such as an IP address,
   180  but other data must be specified by the user.
   181  
   182  The full list of settings that can be specified are listed on
   183  the [provisioner connection page](/docs/provisioners/connection.html).
   184  
   185  ### Provisioners
   186  
   187  Within a resource, you can specify zero or more **provisioner
   188  blocks**. Provisioner blocks configure
   189  [provisioners](/docs/provisioners/index.html).
   190  
   191  Within the provisioner block is provisioner-specific configuration,
   192  much like resource-specific configuration.
   193  
   194  Provisioner blocks can also contain a connection block
   195  (documented above). This connection block can be used to
   196  provide more specific connection info for a specific provisioner.
   197  An example use case might be to use a different user to log in
   198  for a single provisioner.
   199  
   200  ## Using Variables With `count`
   201  
   202  When declaring multiple instances of a resource using [`count`](#count), it is
   203  common to want each instance to have a different value for a given attribute.
   204  
   205  You can use the `${count.index}`
   206  [interpolation](/docs/configuration/interpolation.html) along with a map
   207  [variable](/docs/configuration/variables.html) to accomplish this.
   208  
   209  For example, here's how you could create three [AWS
   210  Instances](/docs/providers/aws/r/instance.html) each with their own
   211  static IP address:
   212  
   213  ```hcl
   214  variable "instance_ips" {
   215    default = {
   216      "0" = "10.11.12.100"
   217      "1" = "10.11.12.101"
   218      "2" = "10.11.12.102"
   219    }
   220  }
   221  
   222  resource "aws_instance" "app" {
   223    count = "3"
   224    private_ip = "${lookup(var.instance_ips, count.index)}"
   225    # ...
   226  }
   227  ```
   228  
   229  To reference a particular instance of a resource you can use `resource.foo.*.id[#]` where `#` is the index number of the instance.
   230  
   231  For example, to create a list of all [AWS subnet](/docs/providers/aws/r/subnet.html) ids vs referencing a specific subnet in the list you can use this syntax:
   232  
   233  ```hcl
   234  resource "aws_vpc" "foo" {
   235    cidr_block = "198.18.0.0/16"
   236  }
   237  
   238  resource "aws_subnet" "bar" {
   239    count      = 2
   240    vpc_id     = "${aws_vpc.foo.id}"
   241    cidr_block = "${cidrsubnet(aws_vpc.foo.cidr_block, 8, count.index)}"
   242  }
   243  
   244  output "vpc_id" {
   245    value = "${aws_vpc.foo.id}"
   246  }
   247  
   248  output "all_subnet_ids" {
   249    value = "${aws_subnet.bar.*.id}"
   250  }
   251  
   252  output "subnet_id_0" {
   253    value = "${aws_subnet.bar.*.id[0]}"
   254  }
   255  
   256  output "subnet_id_1" {
   257    value = "${aws_subnet.bar.*.id[1]}"
   258  }
   259  ```
   260  
   261  ## Multiple Provider Instances
   262  
   263  By default, a resource targets the provider based on its type. For example
   264  an `aws_instance` resource will target the "aws" provider. As of Terraform
   265  0.5.0, a resource can target any provider by name.
   266  
   267  The primary use case for this is to target a specific configuration of
   268  a provider that is configured multiple times to support multiple regions, etc.
   269  
   270  To target another provider, set the `provider` field:
   271  
   272  ```hcl
   273  resource "aws_instance" "foo" {
   274  	provider = "aws.west"
   275  
   276  	# ...
   277  }
   278  ```
   279  
   280  The value of the field should be `TYPE` or `TYPE.ALIAS`. The `ALIAS` value
   281  comes from the `alias` field value when configuring the
   282  [provider](/docs/configuration/providers.html).
   283  
   284  ```hcl
   285  provider "aws" {
   286    alias = "west"
   287  
   288    # ...
   289  }
   290  ```
   291  
   292  If no `provider` field is specified, the default provider is used.
   293  
   294  ## Syntax
   295  
   296  The full syntax is:
   297  
   298  ```text
   299  resource TYPE NAME {
   300  	CONFIG ...
   301  	[count = COUNT]
   302  	[depends_on = [NAME, ...]]
   303  	[provider = PROVIDER]
   304  
   305      [LIFECYCLE]
   306  
   307  	[CONNECTION]
   308  	[PROVISIONER ...]
   309  }
   310  ```
   311  
   312  where `CONFIG` is:
   313  
   314  ```text
   315  KEY = VALUE
   316  
   317  KEY {
   318  	CONFIG
   319  }
   320  ```
   321  
   322  where `LIFECYCLE` is:
   323  
   324  ```text
   325  lifecycle {
   326      [create_before_destroy = true|false]
   327      [prevent_destroy = true|false]
   328      [ignore_changes = [ATTRIBUTE NAME, ...]]
   329  }
   330  ```
   331  
   332  where `CONNECTION` is:
   333  
   334  ```text
   335  connection {
   336  	KEY = VALUE
   337  	...
   338  }
   339  ```
   340  
   341  where `PROVISIONER` is:
   342  
   343  ```text
   344  provisioner NAME {
   345  	CONFIG ...
   346  
   347  	[when = "create"|"destroy"]
   348  	[on_failure = "continue"|"fail"]
   349  
   350  	[CONNECTION]
   351  }
   352  ```