Terraform: aws_cloudformation_stack outputs unable to be referenced from other resources

Created on 2 Aug 2016  ยท  10Comments  ยท  Source: hashicorp/terraform

Terraform Version

Terraform v0.7.0-rc4 (abfd2c1daf914867b8737ac9419f3bd2ecc7a822)

Affected Resource(s)

aws_cloudformation_stack

Expected Behavior

Planned creation of the resource after the cloudformation resource using the output from cloudformation

Actual Behavior

Failure to plan the creation of the resources dependent on the cloudformation resource

Important Factoids

This will work in 0.6.16

Without a resource referencing the cloudformation stack resource the plan succeeds and can be applied without issues.

Also, I realize there is an aws_vpc resource, this is just a simple sample that shows the failure. My use case is more specific.

Terraform Configuration Files

#main.tf ---
variable region  { }
variable profile { }
variable cloudformation_file { default = "cloudformation.json" }

provider "aws" {
  region  = "${var.region}"
  profile = "${var.profile}"
}

resource "aws_cloudformation_stack" "main" {
  name = "test-sample-cloudformation"
  template_body = "${file(var.cloudformation_file)}"

  parameters {
    VPCCidrParameter = "10.175.0.0/16"
  }

  timeout_in_minutes = 5

  tags {
    Name = "test-sample-vpc"
  }
}

resource "aws_subnet" "private" {
  cidr_block        = "10.175.0.0/20"
  vpc_id            = "${aws_cloudformation_stack.main.outputs.VPCReference}"
  availability_zone = "us-west-2a"
  tags {
    Name = "test-sample-subnet"
  }
}

output vpc_id { value =  "${aws_cloudformation_stack.main.outputs.VPCReference}"}

cloudformation.json

{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Test cloudformation template",
  "Parameters" : {
    "VPCCidrParameter" : {
      "Type" : "String",
      "Description" : "Cidr block for vpc creation"
    }
  },
  "Resources" : {
    "SampleVPC" : {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : { "Ref" : "VPCCidrParameter" },
        "EnableDnsSupport" : true,
        "EnableDnsHostnames" : true,
        "InstanceTenancy" : "default"
      }
    }
  },
  "Outputs" : {
    "VPCReference" : {
      "Description" : "VPC reference ID",
      "Value" : { "Ref" : "SampleVPC" }
    }
  }
}

#terrafrom.tfvars
region = "us-west-2"
#profile = {replace me}

Debug Output

https://gist.github.com/mxlan/b8ecb75b99e360e61e3c2c7862f89904

Steps to Reproduce

Setup your aws credentials.
create a directory for the above files.
create the main.tf, terraform.tfvars, and cloudformation.json files with the associated text
replace the profile var with your configured profile
run: terraform plan -out=sample.plan
see error

Error running plan: 1 error(s) occurred:

* Resource 'aws_cloudformation_stack.main' does not have attribute 'outputs.VPCReference' for variable 'aws_cloudformation_stack.main.outputs.VPCReference'
bug provideaws
Source
picture mxlan

Most helpful comment

A note to anyone who stumbles across this: seems the bracketed value works best when quoted as well. So:

${aws_cloudformation_stack.main.outputs["VPCReference"]}

picture spanktar on 28 Sep 2016
👍12

All 10 comments

Also affects released version Terraform v0.7.0 e822a79165dbc06bbf8271ee349fe256867d53dc

miked0004 picture miked0004 on 3 Aug 2016

I think what happens is that the variable checking with terraform plan and apply in 0.7.0 became stricter. It fails because it cannot find the aws_cloudformation_stack.main.outputs.VPCReference variable since that one is only available at runtime (Terraform does not parse the cloudformation script, so it will not know about the VPCReference field at the time it is performing the checks).

It works in 0.7.0 when the variable is referenced as aws_cloudformation_stack.main.outputs[VPCReference].

I think the only thing that needs to be done is updating the documentation to be clearer about how you're supposed to use the aws_cloudformation_stack outputs field since one of the ways you could use it in 0.6 no longer works in 0.7.

sigurdknippenberg picture sigurdknippenberg on 4 Aug 2016
👍3

Thank you for that, shall I change the issue to update the documentation or open a new ticket?

mxlan picture mxlan on 4 Aug 2016

I was actually incorrect when I posted that 6 days ago. Even though that change allowed terraform plan and terraform apply to succeed in my local test, the referenced variables were not replaced by their actual values, but instead were not replaced at all.

I submitted a pull request that allows the outputs to be predefined in the aws_cloudformation_stack block so that they can be referenced later. I have verified that the variables will actually get replaced in that case and terraform plan and terraform apply work with this change: https://github.com/hashicorp/terraform/pull/8108

sigurdknippenberg picture sigurdknippenberg on 10 Aug 2016

Issue resolved with: https://github.com/hashicorp/terraform/pull/8080

mxlan picture mxlan on 11 Aug 2016

A note to anyone who stumbles across this: seems the bracketed value works best when quoted as well. So:

${aws_cloudformation_stack.main.outputs["VPCReference"]}

spanktar picture spanktar on 28 Sep 2016
👍12

Another note: I ran into this problem (using the suggested syntax with brackets and quoting) when I had a stack that was rolled back, but not deleted.
Then terraform will not create it again, but also is unable to read the exports.

Manual deletion of the stack helped.

BernhardBln picture BernhardBln on 10 Jul 2018

We have run into similar issues here as well. I did some digging and as a result submitted the following issue with Terraform https://github.com/hashicorp/terraform/issues/18863

But if they can't do any of the proposals in that ticket one potential way to fix this purely in the provider is create a resource for stack outputs that are composed of just a computed value that can then have a dependency on the cloudformation stack resource as well as provide something that you can reference in other resources. It's a little ugly but it would work with the way terraforms schema datamodel and algorithms function.

zaphar picture zaphar on 14 Sep 2018
👍1

Another note: I ran into this problem (using the suggested syntax with brackets and quoting) when I had a stack that was rolled back, but not deleted.
Then terraform will not create it again, but also is unable to read the exports.

Manual deletion of the stack helped.

Appreciated your solution, Issue got fixed.

RamaIndia picture RamaIndia on 29 Apr 2019

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 26 Jul 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

darron picture darron  ยท  3Comments
Seraf picture Seraf  ยท  3Comments
rjinski picture rjinski  ยท  3Comments
thebenwaters picture thebenwaters  ยท  3Comments
cpoole picture cpoole  ยท  3Comments