github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/configuration/resources.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Configuring Resources" 4 sidebar_current: "docs-config-resources" 5 description: |- 6 The most important thing you'll configure with Terraform are resources. Resources are a component of your infrastructure. It might be some low level component such as a physical server, virtual machine, or container. Or it can be a higher level component such as an email provider, DNS record, or database provider. 7 --- 8 9 # Resource Configuration 10 11 The most important thing you'll configure with Terraform are 12 resources. Resources are a component of your infrastructure. 13 It might be some low level component such as a physical server, 14 virtual machine, or container. Or it can be a higher level 15 component such as an email provider, DNS record, or database 16 provider. 17 18 This page assumes you're familiar with the 19 [configuration syntax](/docs/configuration/syntax.html) 20 already. 21 22 ## Example 23 24 A resource configuration looks like the following: 25 26 ``` 27 resource "aws_instance" "web" { 28 ami = "ami-408c7f28" 29 instance_type = "t1.micro" 30 } 31 ``` 32 33 ## Description 34 35 The `resource` block creates a resource of the given `TYPE` (first 36 parameter) and `NAME` (second parameter). The combination of the type 37 and name must be unique. 38 39 Within the block (the `{ }`) is configuration for the resource. The 40 configuration is dependent on the type, and is documented for each 41 resource type in the 42 [providers section](/docs/providers/index.html). 43 44 <a id="meta-parameters"></a> 45 ### Meta-parameters 46 47 There are **meta-parameters** available to all resources: 48 49 * `count` (int) - The number of identical resources to create. 50 This doesn't apply to all resources. For details on using variables in 51 conjunction with count, see [Using Variables with 52 `count`](#using-variables-with-count) below. 53 54 ~> **NOTE:** Modules don't currently support the `count` parameter. 55 56 * `depends_on` (list of strings) - Explicit dependencies that this 57 resource has. These dependencies will be created before this 58 resource. For syntax and other details, see the section below on 59 [explicit dependencies](#explicit-dependencies). 60 61 * `provider` (string) - The name of a specific provider to use for 62 this resource. The name is in the format of `TYPE.ALIAS`, for example, 63 `aws.west`. Where `west` is set using the `alias` attribute in a 64 provider. See [multiple provider instances](#multi-provider-instances). 65 66 * `lifecycle` (configuration block) - Customizes the lifecycle 67 behavior of the resource. The specific options are documented 68 below. 69 70 The `lifecycle` block allows the following keys to be set: 71 72 * `create_before_destroy` (bool) - This flag is used to ensure 73 the replacement of a resource is created before the original 74 instance is destroyed. As an example, this can be used to 75 create an new DNS record before removing an old record. 76 77 * `prevent_destroy` (bool) - This flag provides extra protection against the 78 destruction of a given resource. When this is set to `true`, any plan 79 that includes a destroy of this resource will return an error message. 80 81 <a id="ignore-changes"></a> 82 83 * `ignore_changes` (list of strings) - Customizes how diffs are evaluated for 84 resources, allowing individual attributes to be ignored through changes. 85 As an example, this can be used to ignore dynamic changes to the 86 resource from external resources. Other meta-parameters cannot be ignored. 87 88 ~> **NOTE on create\_before\_destroy and dependencies:** Resources that utilize 89 the `create_before_destroy` key can only depend on other resources that also 90 include `create_before_destroy`. Referencing a resource that does not include 91 `create_before_destroy` will result in a dependency graph cycle. 92 93 ~> **NOTE on ignore\_changes:** Ignored attribute names can be matched by their 94 name, not state ID. For example, if an `aws_route_table` has two routes defined 95 and the `ignore_changes` list contains "route", both routes will be ignored. 96 Additionally you can also use a single entry with a wildcard (e.g. `"*"`) 97 which will match all attribute names. Using a partial string together with a 98 wildcard (e.g. `"rout*"`) is **not** supported. 99 100 101 <a id="timeouts"></a> 102 103 ### Timeouts 104 105 Individual Resources may provide a `timeout` block to enable users to configure the 106 amount of time a specific operation is allowed to take before being considered 107 an error. For example, the 108 [aws_db_instance](/docs/providers/aws/r/db_instance.html#timeouts) 109 resource provides configurable timeouts for the 110 `create`, `update`, and `delete` operations. Any Resource that provies Timeouts 111 will document the default values for that operation, and users can overwrite 112 them in their configuration. 113 114 Example overwriting the `create` and `delete` timeouts: 115 116 ``` 117 resource "aws_db_instance" "timeout_example" { 118 allocated_storage = 10 119 engine = "mysql" 120 engine_version = "5.6.17" 121 instance_class = "db.t1.micro" 122 name = "mydb" 123 [...] 124 125 timeout { 126 create = "60m" 127 delete = "2h" 128 } 129 } 130 ``` 131 132 Individual Resources must opt-in to providing configurable Timeouts, and 133 attempting to configure the timeout for a Resource that does not support 134 Timeouts, or overwriting a specific action that the Resource does not specify as 135 an option, will result in an error. Valid units of time are `s`, `m`, `h`. 136 137 <a id="explicit-dependencies"></a> 138 139 ### Explicit Dependencies 140 141 Terraform ensures that dependencies are successfully created before a 142 resource is created. During a destroy operation, Terraform ensures that 143 this resource is destroyed before its dependencies. 144 145 A resource automatically depends on anything it references via 146 [interpolations](/docs/configuration/interpolation.html). The automatically 147 determined dependencies are all that is needed most of the time. You can also 148 use the `depends_on` parameter to explicitly define a list of additional 149 dependencies. 150 151 The primary use case of explicit `depends_on` is to depend on a _side effect_ 152 of another operation. For example: if a provisioner creates a file, and your 153 resource reads that file, then there is no interpolation reference for Terraform 154 to automatically connect the two resources. However, there is a causal 155 ordering that needs to be represented. This is an ideal case for `depends_on`. 156 In most cases, however, `depends_on` should be avoided and Terraform should 157 be allowed to determine dependencies automatically. 158 159 The syntax of `depends_on` is a list of resources and modules: 160 161 * Resources are `TYPE.NAME`, such as `aws_instance.web`. 162 * Modules are `module.NAME`, such as `module.foo`. 163 164 When a resource depends on a module, _everything_ in that module must be 165 created before the resource is created. 166 167 An example of a resource depending on both a module and resource is shown 168 below. Note that `depends_on` can contain any number of dependencies: 169 170 ``` 171 resource "aws_instance" "web" { 172 depends_on = ["aws_instance.leader", "module.vpc"] 173 } 174 ``` 175 176 -> **Use sparingly!** `depends_on` is rarely necessary. 177 In almost every case, Terraform's automatic dependency system is the best-case 178 scenario by having your resources depend only on what they explicitly use. 179 Please think carefully before you use `depends_on` to determine if Terraform 180 could automatically do this a better way. 181 182 <a id="connection-block"></a> 183 184 ### Connection block 185 186 Within a resource, you can optionally have a **connection block**. 187 Connection blocks describe to Terraform how to connect to the 188 resource for 189 [provisioning](/docs/provisioners/index.html). This block doesn't 190 need to be present if you're using only local provisioners, or 191 if you're not provisioning at all. 192 193 Resources provide some data on their own, such as an IP address, 194 but other data must be specified by the user. 195 196 The full list of settings that can be specified are listed on 197 the [provisioner connection page](/docs/provisioners/connection.html). 198 199 <a id="provisioners"></a> 200 201 ### Provisioners 202 203 Within a resource, you can specify zero or more **provisioner 204 blocks**. Provisioner blocks configure 205 [provisioners](/docs/provisioners/index.html). 206 207 Within the provisioner block is provisioner-specific configuration, 208 much like resource-specific configuration. 209 210 Provisioner blocks can also contain a connection block 211 (documented above). This connection block can be used to 212 provide more specific connection info for a specific provisioner. 213 An example use case might be to use a different user to log in 214 for a single provisioner. 215 216 <a id="using-variables-with-count"></a> 217 218 ## Using Variables With `count` 219 220 When declaring multiple instances of a resource using [`count`](#count), it is 221 common to want each instance to have a different value for a given attribute. 222 223 You can use the `${count.index}` 224 [interpolation](/docs/configuration/interpolation.html) along with a map 225 [variable](/docs/configuration/variables.html) to accomplish this. 226 227 For example, here's how you could create three [AWS 228 Instances](/docs/providers/aws/r/instance.html) each with their own 229 static IP address: 230 231 ``` 232 variable "instance_ips" { 233 default = { 234 "0" = "10.11.12.100" 235 "1" = "10.11.12.101" 236 "2" = "10.11.12.102" 237 } 238 } 239 240 resource "aws_instance" "app" { 241 count = "3" 242 private_ip = "${lookup(var.instance_ips, count.index)}" 243 # ... 244 } 245 ``` 246 247 <a id="multi-provider-instances"></a> 248 249 ## Multiple Provider Instances 250 251 By default, a resource targets the provider based on its type. For example 252 an `aws_instance` resource will target the "aws" provider. As of Terraform 253 0.5.0, a resource can target any provider by name. 254 255 The primary use case for this is to target a specific configuration of 256 a provider that is configured multiple times to support multiple regions, etc. 257 258 To target another provider, set the `provider` field: 259 260 ``` 261 resource "aws_instance" "foo" { 262 provider = "aws.west" 263 264 # ... 265 } 266 ``` 267 268 The value of the field should be `TYPE` or `TYPE.ALIAS`. The `ALIAS` value 269 comes from the `alias` field value when configuring the 270 [provider](/docs/configuration/providers.html). 271 272 ``` 273 provider "aws" { 274 alias = "west" 275 276 # ... 277 } 278 ``` 279 280 If no `provider` field is specified, the default provider is used. 281 282 ## Syntax 283 284 The full syntax is: 285 286 ``` 287 resource TYPE NAME { 288 CONFIG ... 289 [count = COUNT] 290 [depends_on = [NAME, ...]] 291 [provider = PROVIDER] 292 293 [LIFECYCLE] 294 295 [CONNECTION] 296 [PROVISIONER ...] 297 } 298 ``` 299 300 where `CONFIG` is: 301 302 ``` 303 KEY = VALUE 304 305 KEY { 306 CONFIG 307 } 308 ``` 309 310 where `LIFECYCLE` is: 311 312 ``` 313 lifecycle { 314 [create_before_destroy = true|false] 315 [prevent_destroy = true|false] 316 [ignore_changes = [ATTRIBUTE NAME, ...]] 317 } 318 ``` 319 320 where `CONNECTION` is: 321 322 ``` 323 connection { 324 KEY = VALUE 325 ... 326 } 327 ``` 328 329 where `PROVISIONER` is: 330 331 ``` 332 provisioner NAME { 333 CONFIG ... 334 335 [when = "create"|"destroy"] 336 [on_failure = "continue"|"fail"] 337 338 [CONNECTION] 339 } 340 ```