Terraform: Command line variables aren't passed to modules

Created on 7 Jul 2015  ยท  6Comments  ยท  Source: hashicorp/terraform

Using -var has been a great tool to keep us from committing secrets to git. It doesn't look like -var works when passing modules variables.
Consider this simple terraform config

module "test" {
  source = "[email protected]:terraform-community-modules/tf_aws_rds.git"
  rds_instance_name = "somename"
  rds_allocated_storage="5"
  rds_engine_type="postgres"
  rds_engine_version="9.4.1"
  rds_instance_class="db.m2.small"
  database_name="testdb"
  database_user="test"
  rds_security_group_id="sg-1234"
  subnet_az1="vpc-1234"
  subnet_az2="vpc-1234"
  aws_access_key = "123"
  aws_secret_key = "mysecret"
  aws_region="us-east-1"
}

I would expect to be able to run

terraform get
terraform plan -var "database_password=test"

But I get an error

Errors:

  * 1 error(s) occurred:

* module root: module test: required variable database_password not set

Is this expected behavior?

This approach works as long as I don't use modules.

picture curtisallen

Most helpful comment

All I needed to do was add a variable definition and this worked thanks!

In case anyone is wondering

variable "database_password" {
     description = "db password"
}

then reference the variable as Jed suggested

module "test" {
  ...
  database_password="${var.database_password}"
}
picture curtisallen on 8 Jul 2015
👍3

All 6 comments

You will need to pass it through to the module, so add

database_password="${var.database_password}"

to the module call.

jedineeper picture jedineeper on 8 Jul 2015

All I needed to do was add a variable definition and this worked thanks!

In case anyone is wondering

variable "database_password" {
     description = "db password"
}

then reference the variable as Jed suggested

module "test" {
  ...
  database_password="${var.database_password}"
}
curtisallen picture curtisallen on 8 Jul 2015
👍3

Thank you @curtisallen, was using some ansible vaulted ssl certs to inject into terraform on the command line task and adding the variable description fixed it. Could not find this information any where!
This should get documented somewhere in terraform.

steven-vogogo picture steven-vogogo on 4 Mar 2016

@curtisallen I have a similar issue where I am not seeing -var being passed to my module. In the module I have a variables.tf with all the variable "" {} definitions. eg:

variables.tf
variable "foo-ami" {
default="12345"
description="foo"
}

The variable is referenced in a resource which is creating an AWS EC2 instance. If I try to override it with something like terraform plan -var 'foo-ami=98765' it fails to do so. I've also tried removing the default from the variable thinking maybe I could only set it once but that fails complaining that the variable is never set further proving that -var is not getting picked up. Since you seem to be doing this, any thoughts would be really appreciated. Thanks!

noahwhite picture noahwhite on 7 Jan 2017

@noahwhite you have to reference the variable in terraform script that calls the module. Just like I mentioned here https://github.com/hashicorp/terraform/issues/2648#issuecomment-119610489

curtisallen picture curtisallen on 7 Jan 2017

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 18 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jrnt30 picture jrnt30  ยท  3Comments
allomov picture allomov  ยท  3Comments
shanmugakarna picture shanmugakarna  ยท  3Comments
franklinwise picture franklinwise  ยท  3Comments
rjinski picture rjinski  ยท  3Comments