Terraform using variables and other resources in modules

Question

I am refactoring my terraform code to use modules. But I am getting alot of variable/resource not defined errors/found.

I found that I need to move my variable [name] {} blocks into the module. Isit impossible for modules to reference parent/another modules variables? Eg. sometimes I may have some reused variables eg. NODE_ENV.

Next ... after this, I find that it says missing required argument. I am just running terraform init because terraform says I need to do it... I tried adding -var-file but it does not seem to work for modules? How should I resolve this?

There are also alot of

resource 'aws_ecs_service.xxx-ecs-service' config: unknown module referenced: ecs

errors ... it appears I cannot reference resources the usual way anymore?

# ecs/ecs.tf
resource "aws_ecs_task_definition" "xxx-ecs-task" {
  family = "${var.family}"
  container_definitions = "${data.template_file.container_defination.rendered}"
  task_role_arn = "${var.role_arn}"
  execution_role_arn = "${var.role_arn}"
  network_mode = "awsvpc"
  cpu = "${var.cpu}"
  memory = "${var.memory}"
  requires_compatibilities = ["FARGATE"]
  tags = "${var.tags}"
}

resource "aws_ecs_service" "xxx-ecs-service" {
  name = "${var.service_name}"
  cluster = "${var.ecs_cluster}"
  task_definition = "${module.ecs.aws_ecs_task_definition.pinfare-ecs-task.arn}"
}

For the task_defination, I tried adding module.ecs since ecs is the name of my module

module "ecs" {
  source  = "./ecs"
  name = "ecs"
}

mon mon · Accepted Answer · 2019-01-24T12:41:10

To avoid confusion, would recommend complete directory separation.

module/ecs/ecs.tf
env/dev/myecs.tf

Below is illustration purpose and have not tested by myself.

Configurations

module/ecs/ecs.tf

resource "aws_ecs_task_definition" "xxx-ecs-task" {
  family = "${var.family}"
  container_definitions = "${data.template_file.container_defination.rendered}"
  task_role_arn = "${var.role_arn}"
  execution_role_arn = "${var.role_arn}"
  network_mode = "awsvpc"
  cpu = "${var.cpu}"
  memory = "${var.memory}"
  requires_compatibilities = ["FARGATE"]
  tags = "${var.tags}"
}

resource "aws_ecs_service" "xxx-ecs-service" {
  name = "${var.service_name}"
  cluster = "${var.ecs_cluster}"
  task_definition = "${aws_ecs_task_definition.xxx-ecs-task.arn}"
}

module/ecs/variables.tf

Define all the variables to be passed from the module user side (env/dev/myecs.tf).

variable "family" {
}
variable "role_arn" {
}
...

env/dev/myeecs.tf

module "ecs" {
  source  = "../../module/ecs"
  family = "value of family here"
  role_arn = "value of IAM role arn"
  ...
}

module path

Please beware of ${path.module} as in Paths and Embedded Files to specify a path to a file within a module. Confusingly both env/dev/ and module/ecs are module in Terraform where env/dev/ is the root module.

Creating Modules

Modules in Terraform are folders with Terraform files. In fact, when you run terraform apply, the current working directory holding the Terraform files you're applying comprise what is called the root module. This itself is a valid module.

When specify a path, basically it is that within the root module. Therefore within a called module (module/ecs), prefix with ${path.module}/ so that the called module will not try to load files inside env/dev.

Terraform Registry

I would recommend having a look at Terraform Registry, for instance Security Group module to get used to how to use Terraform module. Links to GitHub are there too.