Terraform Module Output: Access Field Values

• Introduction
• Step-by-Step Guide
• Code Example
• Additional Notes
• Summary
• Conclusion
• References

In Terraform, modules are a powerful way to encapsulate and reuse infrastructure code. But what if you need to share information from a module with other parts of your configuration? That's where outputs come in. Outputs act as bridges, allowing you to expose specific values from a module to be used elsewhere. Let's explore how to define and utilize outputs effectively.

To make information from a Terraform module accessible to other parts of your infrastructure code, you use outputs. Here's how it works:

1. Inside the Module:

• Define an output block: This block acts as a window to share specific values.
• Give it a descriptive name: This name is how you'll reference the output later.
• Assign a value: This is the actual data you want to expose. It can be a simple string, a resource attribute, or even a complex data structure.

output "instance_ip" {
  value = aws_instance.example.public_ip
}

2. Using the Output (in a different module or the root module):

• Reference the module: Use the module's name followed by the output name, separated by a period (.).
• Access like a variable: The output value is now available for use in expressions, resource configurations, etc.

module "my_server" {
  source = "./modules/server"
}

resource "aws_security_group_rule" "allow_ssh" {
  # ... other configurations
  source_address = module.my_server.instance_ip
}

Key Points:

• Outputs are module-specific: Each module defines its own outputs.
• Outputs are read-only: You can't modify an output's value outside its defining module.
• Outputs promote reusability: By exposing key values, you make modules more adaptable to different scenarios.

Example:

Imagine a module that creates a database. You could define outputs for the database's endpoint, username, and password. These outputs would then allow other parts of your infrastructure to connect to and interact with the database without needing to know the internal details of how it was created.

The code defines a Terraform module that creates a MySQL database instance on AWS. It generates a random password and assigns it to the database. The module outputs the database endpoint, username, and password. A root module utilizes this database module and retrieves the output values to use in other parts of the infrastructure code. This demonstrates how to create reusable modules and securely share information between different components of your infrastructure.

This example demonstrates how to use outputs in a Terraform module to expose information about a newly created database.

1. Database Module (modules/database/main.tf)

# Configure the AWS Provider
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Create a Random Password
resource "random_password" "db_password" {
  length  = 16
  special = true
}

# Create a Database Instance
resource "aws_db_instance" "default" {
  identifier               = "mydb-${random_id.db_name_suffix.hex}"
  engine                  = "mysql"
  engine_version          = "8.0.28"
  instance_class           = "db.t3.micro"
  username                = "admin"
  password                = random_password.db_password.result
  skip_final_snapshot    = true
  allocated_storage       = 20
  max_allocated_storage  = 100
}

# Create a Random ID for Unique Database Name
resource "random_id" "db_name_suffix" {
  byte_length = 8
}

# Define Outputs
output "db_endpoint" {
  value = aws_db_instance.default.address
  description = "The endpoint of the database instance."
}

output "db_username" {
  value = aws_db_instance.default.username
  description = "The username for the database."
}

output "db_password" {
  value = random_password.db_password.result
  description = "The password for the database."
  sensitive = true
}

2. Root Module (main.tf)

# Configure the AWS Provider
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Use the Database Module
module "my_database" {
  source = "./modules/database"
}

# Output the Database Information
output "database_details" {
  value = {
    endpoint = module.my_database.db_endpoint
    username = module.my_database.db_username
    password = module.my_database.db_password
  }
  sensitive = true
}

Explanation:

• Database Module: This module creates a MySQL database instance and defines three outputs: db_endpoint, db_username, and db_password. These outputs expose the database connection details.
• Root Module: This module uses the database module and accesses its outputs using the syntax module.<module_name>.<output_name>. It then outputs these values, demonstrating how they can be used in other parts of your infrastructure code.

This example shows how outputs make your Terraform modules more reusable and allow you to share information between different parts of your infrastructure code securely.

Best Practices:

• Descriptive Names: Use clear, concise names for outputs that indicate their purpose (e.g., database_connection_string instead of db_conn).
• Documentation: Add descriptions to outputs using the description attribute to explain their meaning and usage.
• Sensitive Outputs: Mark outputs containing sensitive data (passwords, API keys) as sensitive = true to prevent them from being displayed in the console output.
• Output Data Structures: Outputs can be complex types like lists, maps, and objects, allowing you to structure data for easier consumption.
• Versioning: When making changes to module outputs, consider versioning your modules to avoid breaking changes in downstream configurations.

Common Use Cases:

• Connecting Resources: Passing database connection details from a database module to an application module.
• Chaining Modules: Passing outputs from one module as inputs to another to create complex dependencies.
• Exposing Information: Outputting the public IP address of a load balancer for external access.
• Creating Reusable Components: Building modules like networking or security groups with configurable outputs for different environments.

Troubleshooting:

• Output Not Found: Double-check the module name, output name, and ensure the module is correctly referenced.
• Type Mismatch: Verify that the data type of the output matches how it's being used in the consuming module.
• Circular Dependencies: Ensure that outputs are not creating circular dependencies between modules.

Beyond the Basics:

• Terraform Remote State: Outputs can be accessed from remote state files, enabling sharing across workspaces and teams.
• Data Sources: Outputs can be used as inputs to data sources to fetch information based on dynamically generated values.

By mastering Terraform outputs, you can create modular, reusable, and well-organized infrastructure code that is easier to maintain and scale.

Example: A module creating a database could expose outputs for endpoint, username, and password, allowing other parts of the infrastructure to connect without knowing the database's internal creation details.

Outputs are essential for building modular and reusable Terraform code. They allow you to expose specific values from your modules, making them adaptable to different scenarios without revealing internal implementation details. By defining clear and well-documented outputs, you can create infrastructure building blocks that are easy to understand, use, and maintain. Mastering Terraform outputs is crucial for writing clean, organized, and scalable infrastructure code.

• Output Values - Configuration Language | Terraform | HashiCorp ... | A child module can use outputs to expose a subset of its resource attributes to a parent module. · A root module can use outputs to print certain values in the ...
• Why is my Terraform output not working in module? - Stack Overflow | Sep 25, 2018 ... To get outputs from a module in Terraform 0.12 and above, you must export them from the root (eg example_module ) module using an output block in the caller ...
• Terraform module - output whole resource or individual attributes? : r ... | Posted by u/DH171 - 14 votes and 6 comments
• Terraform Output Values : Complete Guide & Examples | What are Terraform outputs? See the different options for their configuration and how Terraform handles and exports output values between modules.
• Unable to access output attributes · Issue #3759 · hashicorp ... | I'm unable to access attributes from terraform.tfstate for a service account resource I created. The attribute exists and has a value. module1/main.tf resource "google_service_account" "gsvc_accoun...
• Unable to use module output as array - Terraform - HashiCorp Discuss | I am trying to create an AWS ElasticSearch domain module "es_xxx" { source = "../modules/aws_elasticsearch_domain" providers = { aws = "aws.default" } domain_name = "${var.env_name}-offers" tags = { env = "${var.env_name}" } elasticsearch_version = "7.9" instance_type = "t3.small.elasticsearch" subnet_ids = ["${module.p2s_vpc.elasticsearch_subnets}"] } terraform plan shows only one subnet: vpc_options.0.subnet_ids.#: “1” In the module output I ...
• Ability to set "type" on module output · Issue #30579 · hashicorp ... | Current Terraform Version Terraform v0.15.5 on darwin_amd64 Use-cases It would be useful to define the expected type of an output (the same way we can for variable). That would allow Terraform to t...
• How to Output an Object - Terraform - HashiCorp Discuss | Hi there, I’m going nuts trying to do what I think is a simple thing. I am creating two VMs. I would like to output an object that contains two maps or sets containing the name and IP of each VM. This is what I have to try and accomplish this: output "vms_and_ips" { value = tomap({ "name" = google_compute_instance_from_template.firewall..name "ip" = google_compute_instance_from_template.firewall..network_interface.0.access_config.0.nat_ip }) } This is how I am trying to acce...
• Can I add an output to a Terraform module that already exists in ... | May 7, 2019 ... So I resolved this myself. You can actually manually update a state file to add outputs to a module. Key points are:.