Try SpotterManages a Terraform deployment (and plans)
Authors: Ryan Scott Brown (@ryansb)
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0Provides support for deploying resources with Terraform and pulling resource information back into Ansible.
- name: Basic deploy of a service
community.general.terraform:
project_path: '{{ project_dir }}'
state: present
- name: Define the backend configuration at init
community.general.terraform:
project_path: 'project/'
state: "{{ state }}"
force_init: true
backend_config:
region: "eu-west-1"
bucket: "some-bucket"
key: "random.tfstate"
- name: Define the backend configuration with one or more files at init
community.general.terraform:
project_path: 'project/'
state: "{{ state }}"
force_init: true
backend_config_files:
- /path/to/backend_config_file_1
- /path/to/backend_config_file_2
- name: Disable plugin discovery and auto-download by setting plugin_paths
community.general.terraform:
project_path: 'project/'
state: "{{ state }}"
force_init: true
plugin_paths:
- /path/to/plugins_dir_1
- /path/to/plugins_dir_2
- name: Complex variables example
community.general.terraform:
project_path: '{{ project_dir }}'
state: present
complex_vars: true
variables:
vm_name: "{{ inventory_hostname }}"
vm_vcpus: 2
vm_mem: 2048
vm_additional_disks:
- label: "Third Disk"
size: 40
thin_provisioned: true
unit_number: 2
- label: "Fourth Disk"
size: 22
thin_provisioned: true
unit_number: 3
force_init: true
lock:
default: true
description:
- Enable statefile locking, if you use a service that accepts locks (such as S3+DynamoDB)
to store your statefile.
type: bool
state:
choices:
- planned
- present
- absent
default: present
description:
- Goal state of given stage/project
type: str
targets:
default: []
description:
- A list of specific resources to target in this plan/application. The resources selected
here will also auto-include any dependencies.
elements: str
type: list
plan_file:
description:
- The path to an existing Terraform plan file to apply. If this is not specified,
Ansible will build a new TF plan and execute it. Note that this option is required
if 'state' has the 'planned' value.
type: path
variables:
description:
- A group of key-values pairs to override template variables or those in variables
files. By default, only string and number values are allowed, which are passed on
unquoted.
- Support complex variable structures (lists, dictionaries, numbers, and booleans)
to reflect terraform variable syntax when O(complex_vars=true).
- Ansible integers or floats are mapped to terraform numbers.
- Ansible strings are mapped to terraform strings.
- Ansible dictionaries are mapped to terraform objects.
- Ansible lists are mapped to terraform lists.
- Ansible booleans are mapped to terraform booleans.
- B(Note) passwords passed as variables will be visible in the log output. Make sure
to use C(no_log=true) in production!
type: dict
workspace:
default: default
description:
- The terraform workspace to work with. This sets the E(TF_WORKSPACE) environmental
variable that is used to override workspace selection. For more information about
workspaces have a look at U(https://developer.hashicorp.com/terraform/language/state/workspaces).
type: str
force_init:
default: false
description:
- To avoid duplicating infra, if a state file can't be found this will force a C(terraform
init). Generally, this should be turned off unless you intend to provision an entirely
new Terraform deployment.
type: bool
state_file:
description:
- The path to an existing Terraform state file to use when building plan. If this
is not specified, the default C(terraform.tfstate) will be used.
- This option is ignored when plan is specified.
type: path
binary_path:
description:
- The path of a terraform binary to use, relative to the 'service_path' unless you
supply an absolute path.
type: path
parallelism:
description:
- Restrict concurrent operations when Terraform applies the plan.
type: int
version_added: 3.8.0
version_added_collection: community.general
complex_vars:
default: false
description:
- Enable/disable capability to handle complex variable structures for C(terraform).
- If V(true) the O(variables) also accepts dictionaries, lists, and booleans to be
passed to C(terraform). Strings that are passed are correctly quoted.
- When disabled, supports only simple variables (strings, integers, and floats), and
passes them on unquoted.
type: bool
version_added: 5.7.0
version_added_collection: community.general
lock_timeout:
description:
- How long to maintain the lock on the statefile, if you use a service that accepts
locks (such as S3+DynamoDB).
type: int
plugin_paths:
description:
- List of paths containing Terraform plugin executable files.
- Plugin executables can be downloaded from U(https://releases.hashicorp.com/).
- When set, the plugin discovery and auto-download behavior of Terraform is disabled.
- The directory structure in the plugin path can be tricky. The Terraform docs U(https://learn.hashicorp.com/tutorials/terraform/automate-terraform#pre-installed-plugins)
show a simple directory of files, but actually, the directory structure has to follow
the same structure you would see if Terraform auto-downloaded the plugins. See the
examples below for a tree output of an example plugin directory.
elements: path
type: list
version_added: 3.0.0
version_added_collection: community.general
project_path:
description:
- The path to the root of the Terraform directory with the vars.tf/main.tf/etc to
use.
required: true
type: path
check_destroy:
default: false
description:
- Apply only when no resources are destroyed. Note that this only prevents "destroy"
actions, but not "destroy and re-create" actions. This option is ignored when O(state=absent).
type: bool
version_added: 3.3.0
version_added_collection: community.general
backend_config:
description:
- A group of key-values to provide at init stage to the -backend-config parameter.
type: dict
overwrite_init:
default: true
description:
- Run init even if C(.terraform/terraform.tfstate) already exists in O(project_path).
type: bool
version_added: 3.2.0
version_added_collection: community.general
purge_workspace:
default: false
description:
- Only works with state = absent
- If true, the workspace will be deleted after the "terraform destroy" action.
- The 'default' workspace will not be deleted.
type: bool
variables_files:
aliases:
- variables_file
description:
- The path to a variables file for Terraform to fill into the TF configurations. This
can accept a list of paths to multiple variables files.
elements: path
type: list
init_reconfigure:
default: false
description:
- Forces backend reconfiguration during init.
type: bool
version_added: 1.3.0
version_added_collection: community.general
provider_upgrade:
default: false
description:
- Allows Terraform init to upgrade providers to versions specified in the project's
version constraints.
type: bool
version_added: 4.8.0
version_added_collection: community.general
backend_config_files:
description:
- The path to a configuration file to provide at init state to the -backend-config
parameter. This can accept a list of paths to multiple configuration files.
elements: path
type: list
version_added: 0.2.0
version_added_collection: community.general
command:
description: Full C(terraform) command built by this module, in case you want to
re-run the command outside the module or debug a problem.
returned: always
sample: terraform apply ...
type: str
outputs:
contains:
sensitive:
description: Whether Terraform has marked this value as sensitive
returned: always
type: bool
type:
description: The type of the value (string, int, etc)
returned: always
type: str
value:
description: The value of the output as interpolated by Terraform
returned: always
type: str
description: A dictionary of all the TF outputs by their assigned name. Use RV(ignore:outputs.MyOutputName.value)
to access the value.
returned: on success
sample: '{"bukkit_arn": {"sensitive": false, "type": "string", "value": "arn:aws:s3:::tf-test-bukkit"}'
type: complex
stdout:
description: Full C(terraform) command stdout, in case you want to display it or
examine the event log
returned: always
sample: ''
type: str