Updated on 2023-12-13 GMT+08:00

Input Variables

Input variables are like arguments for a module. They are declared using the keyword variable. By defining input variables, you can flexibly modify the configuration without altering the source code of the module. You can use default values, CLI options, or environment variables to set the input variables' values.

Defining Input Variables

By convention, input variables are defined in a file named variables.tf. The input variable is declared using the keyword variable:

variable "iamge_id" {
  type        = string
  description = "image id of Ubuntu 1804"
}

variable "availability_zone_name" {
  type    = string
  default = 
}
The label after the variable keyword is the name of the input variable, which must be unique among all variables in the same module. The name of a variable can be any valid identifier other than a reserved keyword. The reserved keywords include:
source    version    providers    count    for_each    lifecycle    depends_on    locals

A variable block contains the following arguments:

  • type: specifies the type of a variable. The default value is string.
  • description: describes the usage of a variable.
  • default: specifies the default value of a variable. A variable with a default value can be regarded as an optional variable.
  • validation block: specifies the customized validation rules of a variable.

If no variable type is specified, the default value string is used. You are advised to explicitly specify variable types; they can serve as helpful reminders for users of the module, and they allow Terraform to return a helpful error message if the wrong type is used. Terraform input variables support the following types:

  • Basic types: string, number, and bool
  • Compound types: list(<TYPE>), set(<TYPE>), map(<TYPE>)

The following example defines a variable of the compound type:

variable "availability_zone_names" {
  type    = list(string)
  default = []
}

variable "docker_ports" {
  type = list(object({
    internal = number
    external = number
    protocol = string
  }))
  default = [{
    internal = 8300
    external = 8300
    protocol = "tcp"
  }]
}

Custom Validation Rules

You can use the validation nested block to specify custom validation rules for an input variable. This feature is supported in Terraform 0.13.0 and later versions. Example:

variable "iam_user_password" {
    type        = string
    description = "The password for iam user to log in."

    validation {
      condition     = length(var.iam_user_password)>=8
      error_message = "The password is too short."
    }
}

The condition argument is a Boolean expression. You can use a can function to check whether an error will be caused by the expression. Example:

variable "iam_user_name" {
    type        = string
    description = "This name is used for iam user to log in."

    validation {
      # regex(...) If the variable fails to match the following condition, an error is returned.
      condition     = can(regex("([a-zA-Z])", var.iam_user_name))
      error_message = "Incorrect user name. Please check whether it contains upper and lower case letters."
    }
}

If the result of condition is false, Terraform generates an error message that contains the character string defined by error_message. The value of error_message must include at least a complete sentence that starts with an uppercase letter and ends with a period (.) or question mark (?).

Referencing Input Variables

An input variable can be accessed as var.<Variable name> and only in the module that declares it.

# variables.tf
variable "vpc_cidr" {
  type        = string
  description = "the CIDR of VPC"
}

# main.tf

Setting Variables

You can set input variables in either of the following ways:

  • With the -var command line option.
  • In variable definitions (.tfvars) files, either specified on the command line or automatically loaded.
  • As environment variables.

Variable Definitions (.tfvars) Files

If many variables are used in the configuration, you are advised to set their values in a variable definitions file, and then use the -var-file option to specify that file.

terraform apply -var-file="testing.tfvars"

A variable definitions (.tfvars) file uses the same basic syntax as the configuration files, but consists only of variable name assignments:

vpc_name = "my_vpc"
vpc_cidr = "192.168.0.0/16"
availability_zone_names = [
]

Terraform also automatically loads variable definitions files if they are present:

  • Files named exactly terraform.tfvars or terraform.tfvars.json
  • Any files with names ending in .auto.tfvars or .auto.tfvars.json

Files whose names end with .json are parsed instead as JSON objects.

{
    "vpc_name": "my_vpc"
}

Variable Definition Precedence

The above mechanisms for setting variables can be used together in any combination. For variables of the compound type, you are advised to use the variable definitions file to improve readability and avoid problems caused by escape. If you assign multiple values to the same variable, Terraform uses the last value it finds, overriding any previous values. Terraform loads variables in the following order, with later sources taking precedence over earlier ones:

  1. Environment variables
  2. terraform.tfvars or terraform.tfvars.json file
  3. *.auto.tfvars or *.auto.tfvars.json file
  4. -var and -var-file options in the command line

Note that the same variable cannot be assigned multiple values within a single source.

For more information about variables, see Input Variables in the Terraform documentation.