Interpolation Syntax

Useful resource output#

Once a resource is created, it returns a number of attributes. The attributes a resource returns can be found in the “Attributes Reference” section on the documentation page for any resource. This is amazingly useful as it allows you to use the output from one resource as the argument for another resource.

Project example#

Consider the following project:

This project creates an AWS VPC with CIDR block 10.0.0.0/16. Then it defines a security group (aws_security_group). Notice that the value of vpc_id is set to aws_vpc.my_vpc.id in the definition of the security group . The value of aws_vpc.my_vpc.id is not known before we run the project, since AWS will randomly assign it when we create the VPC. By referencing the VPC we created, we can use this value even though we do not know what it will be until we run the project.

Output attribute#

The format for using an output attribute from a resource is <resource_type>.<resource_identifier>.<attribute_name>. In the VPC id example, we are getting the output from an aws_vpc resource type, with the identifier name my_vpc, and we want to get the id attribute value. Thus, we end up with aws_vpc.my_vpc.id. It is worth noting here that this syntax was greatly simplified in Terraform version 0.15 (which is the syntax all of the examples in this course will be using).

Security group rule#

Next, in our project, we define a security group rule (aws_security_group_rule). This allows ingress traffic on port 443. In the aws_security_group_rule, we need to reference the id of the security group that we want to put this rule in. We can use the same technique as we did when we referenced the id of the VPC. Let’s work through how to figure this out together:

• It will start with the type of resource we want to reference, aws_security_group.

• Next, we use the identifier to specify which instance of the security group we want to use, which is my_security_group.

• Lastly, we use the attribute of that property we want to use, which is id.

This leads us to build the expression aws_security_group.my_security_group.id which we can use for the value of the property security_group_id inside the aws_security_group_rule resource.

Adding a new security group#

To illustrate the way Terraform can create a project in parallel, consider what happens when we add a new security group rule to our project above:

When you run the project now, Terraform will realise that it can create both security group rules in parallel. Once the security group they both depend on is created, it will create both of the rules together. This feature of Terraform makes for excellent performance. It may seem obvious in this example, but as a project grows, the amount Terraform can run in parallel can be quite impressive.

📝Note: Once you are done with the project, do not forget to run terraform destroy and then confirm with yes to delete all of the resources in this project.