1

I have an output from subnets and vpc id from the networking terraform implementation on my AWS. The tfstate is stored in the s3 example/networking/terraform.tfstate.

public_subnets = [
  "subnet-0c1ed9933fxxxxxf",
  "subnet-0ee61aaa65xxxx3",
  "subnet-0b9bcf251ebxxxxx54",
]
vpc_id = "vpc-085b3d740xxxxxx"

I do not want to manually put the output vpc or subnets in the tf code but calling it dynamically. but is throwing this error below

| Error: Variables not allowed
│ 
│   on main.tf line 28, in variable "target_vpc":
│   28:   default     = "${data.terraform_remote_state.vpc.outputs.vpc_id}"
│ 
│ Variables may not be used here.
╵
╷
│ Error: Variables not allowed
│ 
│   on main.tf line 34, in variable "target_subnet":
│   34:   default     = "${data.terraform_remote_state.subnet.outputs.public_subnets[1]}"
│ 
│ Variables may not be used here.

Code :

provider "aws" {
  region = "eu-west-1"
}

data "terraform_remote_state" "vpc" {
  backend = "s3"
  config = {
    bucket = "example-comp"
    key    = "comp/networking/terraform.tfstate"
    region = "eu-west-1"
  }
}

data "terraform_remote_state" "subnet" {
  backend = "s3"
  config = {
    bucket = "example-comp"
    key    = "comp/networking/terraform.tfstate"
    region = "eu-west-1"
  }

} 

variable "target_vpc" { 
  default     = "${data.terraform_remote_state.vpc.outputs.vpc_id}"
  description = "Project Default VPC: aws acct as default"
}

variable "target_subnet" { 
  default     = "${data.terraform_remote_state.subnet.outputs.public_subnets[1]}"
  description = "Project Default VPC SN: eu-west-1"
}

variable "aws_ami" {
  type = string
  default = "ami-0b850cf02cc00fdc8"
}

variable "server_type" {
  type = string
  default = "t2.micro"
}   

variable "target_keypairs" {
  type = string
  default     = "EC2 Tutorial"
  description = "Project default keys:"
}   

variable "project" {
  default = "example-comp"
}

terraform {
  required_version = ">= 0.12.31"

  backend "s3" {
    bucket = "example-comp"
    key    = "comp/simple-instance/terraform.tfstate"
    region = "eu-west-1"
  }
}

resource "aws_security_group" "dm_sg_res" {
  name        = "${var.project}-server-sg"
  description = "multiple firewall rules"
  vpc_id      = var.target_vpc

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 3000
    to_port     = 3000
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "server_inst_res" {
  ami                    = var.aws_ami
  instance_type          = var.server_type
  vpc_security_group_ids = [aws_security_group.dm_sg_res.id]
  key_name               = var.target_keypairs
  subnet_id              = var.target_subnet

    connection {
      type        = "ssh"
      user        = "centos"
      private_key = "${file("EC2Tutorial.pem")}"
      timeout     = "3m"
      host        = "${self.public_ip}"
    }

    provisioner "remote-exec" {
      inline = [
        "sudo yum update -y",
        "sudo yum install git wget vim unzip -y",
        "sudo setenforce 0"
      ]
    }

    provisioner "local-exec" {
        command = "ANSIBLE_HOST_KEY_CHECKING=false ansible-playbook -u centos -i '${self.public_ip},' --private-key 'EC2Tutorial.pem' site.yaml"
    }

  tags = {
    Name = "${var.project}-server"
  }
}

output "pub_ip" {
  value = ["${aws_instance.server_inst_res.public_ip}"]
}
Improve this question
5
  • Remove the " in the second last line. And three lines above as well. Commented May 28, 2022 at 19:04
  • you are using a string literal. Dont quote them. Commented May 28, 2022 at 19:05
  • i tried that, it says Variables not allowed On main.tf line 45: Variables may not be used here Commented May 28, 2022 at 19:19
  • Please update the question with the changed code, the new error message, and show us the line the error is been raised (since we cannot see your line numbers). Commented May 28, 2022 at 22:05
  • @DennisGrunert thanks. have pasted the full code .... Commented May 28, 2022 at 22:51

1 Answer 1

Reset to default
4

You are referencing a data resource for the default value of a variable, which is not allowed (see the Terraform documentation on input variables):

variable "target_vpc" {
  default = data.terraform_remote_state.vpc.outputs.vpc_id
}

Instead, use a local variable as intermediate:

locals {
  target_vpc = var.target_vpc == null ? data.terraform_remote_state.vpc.outputs.vpc_id : var.target_vpc
}

variable "target_vpc" {
  default = null
}

When referencing the VPC in other resources, use then local.target_vpc instead of var.target_vpc.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.