Terraform : Use Yaml to create variables

nico.stylemans

02/01/2023

Main Focus :

  • Deploy Azure Resources
  • Use Yaml file as parameter file
  • Validate Yaml Parameter file with a Yaml Schema file
  • Convert Yaml Parameter file to Terraform parameter file

Explanation :

As I have already described an example of converting a YAML file to a JSON parameter file that could be used for Bicep or ARM deployments, I was wondering if I could use the same technique to convert a YAML file to a tfvars file for use with terraform. As sometimes its easier to describe something in YAML.

Example 1 : Deploy IP-Groups

Started with a simple resource an Ip-group:

I created a module to deploy multiple Ip-groups

resource "azurerm_ip_group" "IpGroup" {

  for_each                    = var.IpGroups

  name                        = each.value["Name"]
  location                    = each.value["Location"]
  resource_group_name         = var.Rg

  cidrs                       = each.value["IpAddresses"]

  tags                        = var.Tags

}

To represent this Terraform file I created the following YAML-file

Tagging:
  domain: network
  environment: prd
  owner: nico

IpGroups:
  - Name: ipg-group-01-neu
    Location: northeurope
    IpAdresses:
      - 10.0.0.0/16
      - 10.255.0.0/15
  - Name: ipg-group-01-weu
    Location: westeurope
    IpAdresses:
      - 10.0.1.0/24

The Yaml file can be checked agains a schema file

 IpGroups:
    type: seq
    required: true
    sequence:
     - type: map
       required: true
       mapping:
         Name:
           type: str
           required: true
         Location:
           type: str
           required: true
         IpAddresses:
           type: seq
           required: true
           sequence:
             - type: str
               required: false

In the main deployment file the link between the parameters is done

module "Ipgroups" {
  source          = "./modules/azure/IpGroups"
  
  IpGroups          = var.IpGroups
  Rg                = var.resource_group
  Tags              = var.Tagging

  depends_on = [module.Resource-Group.rg-info]
}

To convert the YAML file to TFVARS file use the Python Script

Before Executing the python script you need to install some module

  1. Install Python
  2. Install Pykwalify : pip install pykwalify
  3. Install PyYaml : pip install pyyaml

python ConvertTo-TerraformVarsFile.py –parameter-file Ipgroup-TFParameters.yml –schema-file Ipgroup-TFSchema.yml

The ConvertTo-TerraformVarsFile script will verify the existing of both files and compare the Parameter-file with the define schema file. If the validation against the schema file is valid the conversion will be done by the TerraYaml.py python script

This produces a TFVars file that can be used during the deployment of the Terraform script

The IPGroup example can be found here : IpGroup
A more Advanced WAFPolicy Example can be found here : WafPolicy

This project can be found in the following repo :https://github.com/nico-stylemans/Terraform-Azure