-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set variables from env vars #1621
Conversation
I like this as a stopgap and prefer it to tfvars files. 💯 lgtm |
Fresh, simple, delicious. 🚢 |
@mitchellh I am having troubles getting this to work. If I set
Does the environment variable not propagate through to a module? I am using the Terraform master branch. update actually it doesn't seem to work for non-modules as well. I suspect this is an error on my side. Investigating. |
@JeanMertz You can only set variables in the root module, can you show me your config? |
Just notice that variables needs to has a default value other wise TF_VAR won't work as terraform breaks before during apply. Also does this support overriding values for Mappings? |
Any chance you've already decided, and are willing to share, which of the two |
it would be nice if environment variables propagate into modules aswell. |
Relying on standard environment variables such as We'd use |
+1 for ${env.FOO} support. I want to use ${env.USER} and other things as well. This would be especially handy when tagging things |
+1 for being able to use ${env.FOO} |
We currently use a little helper script to do this for us: #!/bin/bash
DATE=$(date +%D)
export TF_VAR_username=$USER
export TF_VAR_date="$DATE"
exec terraform "$@" |
I wrote a bash wrapper to load my variables to the environment from a #!/bin/bash
# https://gist.github.com/goodtune/2cd676718b16752816a4
# Use this script to load the contents of a .vars file in your current working
# directory into the environment before running terraform.
#
# Useful for avoiding numerous '-var "var=val"' options on the command line.
#
# Your .vars file should contain each var=val on a single line.
/usr/bin/env -S "$(sed -e 's/^/TF_VAR_/' .vars 2> /dev/null)" \
terraform "$@" I place this in my
or
|
Could someone provide a simple example of how I can read AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables into my terraform config, without hard-coding the keys anywhere? I searched high and low and was unable to find a simple, clear example for new users. |
@scarolan - The best solution I found was to write a wrapper around terraform to allow me to use a profile listed in ~/.aws/credentials. Check out my runTF.py script here: https://github.com/pll/terraform_infrastructure for an example of how I did it. That's not the latest version of the code, but it works (I've vastly simplified it since I put this up). |
Thanks, hopefully the developers will consider reading in these credentials directly from ~/.aws/config or ~/.aws/credentials, or environment variables in the future. Having to put these creds in another file, or jump through other hoops (like wrapper scripts) feels janky. |
You can definitely set environment variables, that's clearly documented. You can also pass them in as -var='aws_access_key=XXX' and -var='aws_secret_key=YYY' |
@pll I don't want to set environment variables. I already have them, and i'm wiling to make more if I need to match the naming syntax. What I want to know is how do I use these in my example.tf file, instead of hard-coding my keys in yet another file. AWS_ACCESS_KEY_ID |
Trying to work through the quickstart intro, what do I put in here?
|
"${aws_access_key}" Then, from the command line, run tf like this: $ terraform plan -var='aws_access_key=YOUR_AWS_ACCESS_KEY' -var='aws_secret_key=YOUR_AWS_SECRET_KEY' |
got it. So what you're saying is there is no way to simply run A. A wrapper script |
No, you can also use environment variables as explained here: |
FYI: You should join the #terraform-tool irc channel, it's more real-time :) |
Thanks, i'll jump in there. |
@phinze The correct way of using environment variable is to |
This doesn't work for uppercase vars in the following key
Lowercase does appear to work rds_db_name = "TF_VAR_rds_db_name". Other uppercase VARS appear to be working (not returning errors). |
And the following doesn't appear to be working for me:
Vars set as Returns:
The keys are correct. Now I just input the keys manually. |
@devops1337 This allows variables to be set with env vars, not you to specify values coming from env vars. It appears your latter example is trying to do that... Instead the way you'd set them as |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Fixes #62 (enough for now, at least)
This makes it so that you can set the env var
TF_VAR_name
to set the variable with the name "name".In the future, we'd still like to add
${env.NAME}
syntax to the configuration, but the way we'd like to do that represents significantly more engineering effort. This is a nice stop-gap solution to support env vars for configuration that is simple to implement. And it isn't mutually exclusive toenv.NAME
interpolations: we'll keep both when we implement them.I've found this style of configuration to be very useful in automation environments.