Terraform depends_on with modules

Solution 1

In most cases, the necessary dependencies just occur automatically as a result of your references. If the configuration for one resource refers directly or indirectly to another, Terraform automatically infers the dependency between them without the need for explicit depends_on.

This works because module variables and outputs are also nodes in the dependency graph: if a child module resource refers to var.foo then it indirectly depends on anything that the value of that variable depends on.

For the rare situation where automatic dependency detection is insufficient, you can still exploit the fact that module variables and outputs are nodes in the dependency graph to create indirect explicit dependencies, like this:

variable "storage_account_depends_on" {
  # the value doesn't matter; we're just using this variable
  # to propagate dependencies.
  type    = any
  default = []
}

resource "azurerm_storage_account" "test" {
  name                     = "diagnostics${azurerm_resource_group.management.name}"
  resource_group_name      = "${azurerm_resource_group.management.name}"
  location                 = "${azurerm_resource_group.management.location}"
  account_tier             = "Standard"
  account_replication_type = "LRS"

  tags = {
    environment = "diagnostics"
  }

  # This resource depends on whatever the variable
  # depends on, indirectly. This is the same
  # as using var.storage_account_depends_on in
  # an expression above, but for situations where
  # we don't actually need the value.
  depends_on = [var.storage_account_depends_on]
}

When you call this module, you can set storage_account_depends_on to any expression that includes the objects you want to ensure are created before the storage account:

module "diagnostic_logs" {
  source = "./modules/diagnostic_logs"
}

module "storage_account" {
  source = "./modules/storage_account"

  storage_account_depends_on = [module.diagnostic_logs.logging]
}

Then in your diagnostic_logs module you can configure indirect dependencies for the logging output to complete the dependency links between the modules:

output "logging" {
  # Again, the value is not important because we're just
  # using this for its dependencies.
  value = {}

  # Anything that refers to this output must wait until
  # the actions for azurerm_monitor_diagnostic_setting.example
  # to have completed first.
  depends_on = [azurerm_monitor_diagnostic_setting.example]
}

If your relationships can be expressed by passing actual values around, such as by having an output that includes the id, I'd recommend preferring that approach because it leads to a configuration that is easier to follow. But in rare situations where there are relationships between resources that cannot be modeled as data flow, you can use outputs and variables to propagate explicit dependencies between modules too.

Solution 2

module dependencies are now supported in Terraform 13, this is currently at the release candidate stage.

resource "aws_iam_policy_attachment" "example" {
  name       = "example"
  roles      = [aws_iam_role.example.name]
  policy_arn = aws_iam_policy.example.arn
}

module "uses-role" {
  # ...

  depends_on = [aws_iam_policy_attachment.example]
}

Related videos on Youtube

05 : 01

Using terraform depends_on block | Learn Terraform

Bee-a-Learner

984

09 : 32

4.5 Learn Terraform - Module Outputs

NimbusDevOps

349

28 : 17

Terraform : AWS - How to build reusable terraform modules with example

Java Home Cloud

109

35 : 11

Modules | Terraform Tutorial | #15

Will Brock

75

13 : 53

Creating a module in Terraform - Getting started with Terraform Modules (part 1)

Cobus Bernard

21

24 : 20

Resource Meta Arguments | Terraform Tutorial | #11

Will Brock

14

13 : 36

Resource Exports & Dependencies | Terraform Tutorial | #5

Will Brock

14

Author by

El so

Updated on July 09, 2022