Search code examples
azureterraform

dependency between items in foreach loop in terraform

I have a modul which is responsible to create azure private endpoints. For one resource I would like to create two private enpoints, hence I use terraform forech loop as following:

module "azure_private_endpoint" {
  source = "../azure-private-endpoint"
  for_each = { for k, v in var.endpoints : k => merge(v, { index = index(keys(var.endpoints), k) + 1 }) }
  name                = "testpe_${each.key}_${each.value.type}"
  location            = var.resource_location
  resource-group-name = "MyResourceGroup"
  subnet-key          = each.value.subnet
   ....
}

My problem is now, that private endpoints should not be created in parallel. They should be created after each other.

How can I realise this requirement in a single call to the module?

Solution

  • Dependency between items to create one after another in terraform

    Thanks Lorenzo Felletti for your valuable inputs on achieving the requirement after not creating resources simultaneously but to create one after another.

    In the configuration you shared creating the private point was not depends on each other even though we use the depends_on meta-argument it doesn't work because depends_on works with static inputs it can't achieved while using foreach as it provides dynamic references.

    As mentioned in comments i tried using null resource configuration and I was able to achieve the requirement you're looking for.

    Configuration:

    provider "azurerm" {
  features {}
}

variable "resource_group_name" {
  description = "Name of the resource group."
  type        = string
}

variable "vnet_name" {
  description = "Name of the virtual network."
  type        = string
}

variable "endpoints" {
  description = "List of private endpoints with their configurations."
  type        = list(object({
    name                          = string
    subnet                        = string
    private_connection_resource_id = string
    group_ids                     = list(string)
    connection_name               = string
  }))
}

resource "null_resource" "set_initial_state" {
  provisioner "local-exec" {
    interpreter = ["pwsh", "-c"]
    command = "Set-Content -Path current_state.txt -Value '0'"
  }
}

resource "null_resource" "sequential_resources" {
  count = length(var.endpoints)

  provisioner "local-exec" {
    interpreter = ["pwsh", "-c"]
    command = <<EOT
      while ((Get-Content current_state.txt) -ne "${count.index}") {
        Write-Host "${count.index} is waiting..."
        Start-Sleep -Seconds 5
      }
    EOT
  }

  provisioner "local-exec" {
    interpreter = ["pwsh", "-c"]
    command = <<EOT
      az network private-endpoint create `
        --name ${var.endpoints[count.index].name} `
        --resource-group ${var.resource_group_name} `
        --vnet-name ${var.vnet_name} `
        --subnet ${var.endpoints[count.index].subnet} `
        --private-connection-resource-id ${var.endpoints[count.index].private_connection_resource_id} `
        --group-ids ${join(" ", var.endpoints[count.index].group_ids)} `
        --connection-name ${var.endpoints[count.index].connection_name}
    EOT
  }

  provisioner "local-exec" {
    interpreter = ["pwsh", "-c"]
    command = "Set-Content -Path current_state.txt -Value '${count.index + 1}'"
  }

  depends_on = [null_resource.set_initial_state]
}

    Deployment:

    When i ran the terraform commands the provisioning state logs looks something like this

    enter image description here

    which means while creating pe1 the rest of two were in waiting state.

    enter image description here

    enter image description here

    Refer:

    Sequential resource creation in terraform with count or for_each. Possible? - Stack Overflow answered by Fedor Petrov

    https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec