Terraform
The terraform resource allows you to provision infrastructure using Terraform configurations within your lab environment. It executes Terraform commands in a containerized environment and can pass variables and capture outputs for use by other resources.
Use Cases
Section titled “Use Cases”As a lab author, you can use terraform resources to:
- Lab Environment Setup: Provision cloud infrastructure required for your lab scenarios using Terraform configurations
- Real Infrastructure Integration: Connect your lab to actual cloud resources when simulated environments aren’t sufficient
- Dynamic Configuration: Generate configuration files for other lab resources based on Terraform-provisioned infrastructure
Terraform resources allow lab authors to integrate real cloud infrastructure provisioning into their lab setup workflows.
HCL Syntax
Section titled “HCL Syntax”Basic Syntax
Section titled “Basic Syntax”resource "terraform" "example" { source = "./terraform"}Full Syntax
Section titled “Full Syntax”resource "terraform" "example" { source = "./terraform" version = "1.9.8" working_directory = "/terraform"
# Environment variables environment = { AWS_REGION = "us-east-1" TF_LOG = "INFO" }
# Terraform variables variables = { instance_count = 2 vpc_cidr = "10.0.0.0/16" }
# Network configuration network { id = resource.network.main.meta.id ip_address = "10.0.0.5" aliases = ["terraform"] }
# Volume mounts volume { source = "./terraform-modules" destination = "/modules" type = "bind" read_only = true }}Fields
Section titled “Fields”| Field | Required | Type | Description |
|---|---|---|---|
source | ✓ | string | Source directory containing Terraform configuration files |
version | string | Version of Terraform to use. Defaults to “1.9.8”. | |
working_ | string | Working directory to run terraform commands. Defaults to ”./“. | |
environment | map(string) | Environment variables to set when running Terraform. Defaults to empty map. | |
variables | any | Variables to pass to Terraform | |
network | block | Network attachments (repeatable) | |
volume | block | Volume mounts (repeatable) |
Network Block
Section titled “Network Block”terraform → network
Network configuration for the Terraform container (repeatable).
| Field | Required | Type | Description |
|---|---|---|---|
id | ✓ | reference to network | Reference to network resource |
ip_ | string | Static IP address. Auto-assigned if not specified. | |
aliases | list(string) | Network aliases. Defaults to empty list. |
Volume Block
Section titled “Volume Block”terraform → volume
Volume mount configuration for the Terraform container (repeatable).
| Field | Required | Type | Description |
|---|---|---|---|
source | ✓ | string | Source path or volume name |
destination | ✓ | string | Mount path inside container |
type | string | Volume type: “bind”, “volume”, or “tmpfs”. Defaults to “bind”. | |
read_ | bool | Mount as read-only. Defaults to false. | |
bind_ | string | Bind propagation mode: “shared”, “private”, “slave”, “rslave”, “rprivate” | |
bind_ | bool | Use non-recursive bind mounting. Defaults to false. | |
selinux_ | string | SELinux relabeling mode: “shared” or “private” |
Computed Attributes
Section titled “Computed Attributes”These attributes are set by the system after Terraform execution:
| Field | Type | Description |
|---|---|---|
output |
any | Terraform outputs defined in the configuration |
apply_output |
string | Console output from the terraform apply command |
source_checksum |
string | Checksum of the source directory |
Validation Rules
Section titled “Validation Rules”- Source directory must exist and contain valid Terraform configuration files
- Working directory paths are normalized and made relative to container root
- Volume source paths are made absolute relative to config file location
- Terraform version must be a valid version string
- Network and volume configurations follow container resource validation rules
Examples
Section titled “Examples”Basic Terraform Configuration
Section titled “Basic Terraform Configuration”resource "terraform" "aws_vpc" { source = "./infrastructure"
variables = { region = "us-west-2" environment = "lab" }}Advanced Configuration with Custom Version
Section titled “Advanced Configuration with Custom Version”resource "terraform" "kubernetes" { source = "./k8s-terraform" version = "1.8.0"
environment = { KUBE_CONFIG_PATH = "/root/.kube/config" }
variables = { cluster_name = "lab-cluster" node_count = 3 }
volume { source = "./kubeconfig" destination = "/root/.kube" type = "bind" }}Using Terraform Outputs in Other Resources
Section titled “Using Terraform Outputs in Other Resources”resource "terraform" "infrastructure" { source = "./terraform"
variables = { vpc_cidr = "10.0.0.0/16" }}
## Reference Terraform outputsresource "container" "app" { image { name = "myapp:latest" }
environment = { VPC_ID = resource.terraform.infrastructure.output.vpc_id }}Best Practices
Section titled “Best Practices”- State Management: Use remote state backends for production-like scenarios
- Version Pinning: Specify exact Terraform versions for consistency across environments
- Variable Organization: Use structured variable files and clear naming conventions
- Output Usage: Define meaningful outputs for integration with other lab resources
- Resource Tagging: Include proper tags for cost tracking and resource management
- Network Isolation: Use dedicated networks for multi-tier application demonstrations
- Volume Mounts: Mount configuration files and modules as read-only when possible
- Environment Variables: Use environment variables for sensitive configuration like API keys