Custom script from within a terraform module

What if you wanted to execute a python script or a bash / powershell script from within your terraform module?

Note that this is a different use case from that of executing a bash / powershell script on a VM spin up. On AWS, you would use Systems Manager or the user data field on EC2. On GCP, you would use the metadata_startup_script (I wrote a couple of posts around GCP’s metadata startup script here)

Also read, Reusable Modules and calling modules from the public terraform registry

Step 1 – Your main.tf needs a special resource (a NULL resource) definition as shown below:

(Say you created a scripts folder that contained hello.sh . Keeping it simple, hello.sh just has echo “Hello Terraform”)

resource "null_resource" "execfile" 
{ provisioner "local-scripts" 
  { 
    command = "${path.module}/hello.sh" interpreter = ["/bin/bash"] 
  }
}

Tip 1 – Note the interpreter (bash). You could also do powershell in there or python.

Tip 2 – To configure the path relative to your shell file, we use path.module

Step 2 – Call the execfile resource module from your terraform config

module "execfile" {
  source = "../Modules/scripts"
}

Step 3 – Run the terraform (after editing the configuration as shown above).

terraform init
terraform plan -out="app.tfplan"
terraform apply app.tfplan

Summary

That’s it. It is straightforward to run a custom script from within a module. Also, keep in mind that this is a different use case than executing VM startup scripts (bash or powershell).

This use case is used to perform one-off tasks – for e.g. – you may want to reach out and fetch credentials from an external system, before running your terraform module. That fetching code would go into your shell script and called using the technique above.

Need Assistance with your DevSecOps Projects?

Need an experienced Cloud Security Expert? Anuj has successfully delivered over a dozen deployments on each of the public clouds (AWS/GCP/Azure) including several DevSecOps engagements. Set up a time with Anuj Varma.

Set up a consultation – Start the conversation today.

1 Comment Already

Leave a Reply Cancel reply