I have 4 storage class variables that are set by default to false , then set one of them in inputs to "true" . Looking for a way to validate that only one of 4 storage classes variable is set to "true".
variable "sc1_default" {
default = "false"
}
variable "sc1_default" {
default = "false"
}
variable "sc3_default" {
default = "false"
}
variable "sc4_default" {
default = "false"
}
on terraform.tfvars Inputs
sc3_default = "true"
On
@helder-sepulveda's answer has a minor bug - validation will fail when all variables are set to "false"
Here's a working example:
variable "sc1_default" {
default = "true"
}
variable "sc2_default" {
default = "false"
}
variable "sc3_default" {
default = "false"
}
variable "sc4_default" {
default = "true"
}
provider "null" {}
locals {
joined_scs = join("", [var.sc1_default, var.sc2_default, var.sc3_default, var.sc4_default])
scs_are_valid = replace(local.joined_scs, "false", "") == "true"
}
resource "null_resource" "validation" {
lifecycle {
precondition {
condition = local.scs_are_valid
error_message = "One and only one SC should be set to true."
}
}
}
Running terraform plan:
Planning failed. Terraform encountered an error while generating this plan.
│ Error: Resource precondition failed
│
│ on main.tf line 27, in resource "null_resource" "validation":
│ 27: condition = local.scs_are_valid
│ ├────────────────
│ │ local.scs_are_valid is false
│
│ One and only one SC should be set to true.
As an alternative to my other answer, I was just wondering how exactly are you using the storage class variables?
Instead of 4 boolean variables wouldn't it be easier to just declare one string variable and add a condition in order to accept only valid values?
For example, assuming that valid values are sc1, sc2, sc3 and sc4:
variable "storage_class" {
type = string
description = "Value of storage class"
validation {
condition = contains(["sc1", "sc2", "sc3", "sc4"], var.storage_class)
error_message = "The storage_class must be one of: sc1, sc2, sc3, sc4."
}
}
Running terraform plan with variable storage_class="abc":
Planning failed. Terraform encountered an error while generating this plan.
╷
│ Error: Invalid value for variable
│
│ on main.tf line 1:
│ 1: variable "storage_class" {
│ ├────────────────
│ │ var.storage_class is "abc"
│
│ The storage_class must be one of: sc1, sc2, sc3, sc4.
Option #1
We can do that with a lifecycle precondition in a null_resource
A couple of things before we dive into the code:
sc1_defaultvariables I'm assuming that the second one was a typo and what you meant there issc2_defaulttypein the variables, it's a good practice, makes the code more readable and if someone accidentally passes the wrong type the code fails gracefully.see sample code below
You can see I set the
sc3_defaultandsc4_defaultboth to true just to trigger the error ...The condition is the core of this validation we are just adding all the true with the help of shorthand if syntax
(var.sc_default ? 1 : 0)and the total should be less than two, I'm assuming that all false is OK, but if not you can change that logic to check that is precisely one.A terraform plan on that code will error out with the following message:
Option #2
If you can change the input variables we could reduce it to just one with a
list(bool)the code will be smaller and the validation would be right on the variable