The difficulty is making Terraform fail when a bad value is used. There are several ways to do that; here is mine:
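```hcl
# Fetch the white list file from S3.
data "aws_s3_bucket_object" "white_list" {
  bucket = "my-bucket"
  key    = "my_white_list"
}

locals {
  value_to_check = "SomeValue"

  # Collapse every run of whitespace to one space, then split into a list.
  white_list = split(
    " ",
    replace(data.aws_s3_bucket_object.white_list.body, "/\\s+/", " "),
  )

  # Indexing the map with a key that is not in it makes Terraform fail.
  allowed = zipmap(local.white_list, local.white_list)[local.value_to_check]
}
```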
The data block fetches my file from an S3 bucket, but you can imagine using Terraform's file function instead, or even a hardcoded list.
Then I set the value to check, which is hardcoded here for the example but will typically be calculated or retrieved from somewhere else. I then create a Terraform list from the file by collapsing every run of whitespace, line breaks included, into a single space and splitting on that space.
Finally, here is my way of making Terraform fail. I create a map from the white list, using the zipmap function, and get the value from it. If the value is not in the map, Terraform will just stop with an error.
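Another of the "several ways", shown as an added example that is not from the original post: the same white list checked with `contains()` in an output `precondition`, which lets the failure carry a readable message. It assumes Terraform 1.2 or later; `white_list_body` and `checked_value` are hypothetical names, and the list body is a constructed sample standing in for the S3 object.

```hcl
terraform {
  # precondition blocks were introduced in Terraform 1.2
  required_version = ">= 1.2.0"
}

locals {
  # Constructed sample in place of data.aws_s3_bucket_object.white_list.body.
  # It ends with a newline, as most text files do.
  white_list_body = "SomeValue\nOtherValue\n"
  value_to_check  = "SomeValue"

  # Same normalisation as the post, plus trimspace() and compact().
  # Without them the trailing newline leaves an "" entry in the list,
  # so an empty value_to_check would be accepted.
  # An empty body ends up as an empty list, so every value is rejected.
  white_list = compact(split(
    " ",
    trimspace(replace(local.white_list_body, "/\\s+/", " ")),
  ))
}

output "checked_value" {
  value = local.value_to_check

  # Evaluated at plan time; a value outside the list stops the run.
  precondition {
    condition     = contains(local.white_list, local.value_to_check)
    error_message = "Value \"${local.value_to_check}\" is not in the white list."
  }
}
```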