TF: Count

7 minute read

Description

Here is a basic example of using the count meta argument to deploy multiple resources. Note that it is generally preferred (see the ‘When to Use’ section) to use for_each which I will cover in a different post.

To Resolve:

  1. So I have main.tf with the following:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    
    terraform {
       required_providers {
    
          random = {
             source  = "hashicorp/random"
             version = "~>3.3.2"
          }
    
          azurerm = {
             source  = "hashicorp/azurerm"
             version = "~>3.10.0"
          }
    
       }
       required_version = "~>1.1.0"
    }
    
    provider "random" {
    }
    
    provider "azurerm" {
    client_id                  = var.client_id
    client_secret              = var.client_secret
    subscription_id            = var.subscription_id
    tenant_id                  = var.tenant_id
    skip_provider_registration = true
    features {}
    }
    
    variable "rg_count" {
       description = "(Optional) Number of Resource Groups to deploy."
       type        = number
       default     = 2
    }
    
    variable "tenant_id" {
       description = "(Required) Service Principal AD Tenant ID - Azure AD for terraform authentication."
       type        = string
    }
    
    variable "subscription_id" {
       description = "(Required) Azure Subscription Id used to connect to AzureRM provider."
       type        = string
    }
    
    variable "client_id" {
       description = "(Required) Service Principal App ID - Azure AD for terraform authentication."
       type        = string
    }
    
    variable "client_secret" {
       description = "(Required) Service Principal Client Secret - Azure AD for terraform authentication."
       type        = string
    }
    
    resource "random_string" "naming_convention_unique" {
       count   = var.rg_count
       length  = 5
       upper   = false
       lower   = true
       numeric = true
       special = false
    }
    
    resource "azurerm_resource_group" "rg" {
       count    = var.rg_count
       name     = "aa-dev-tx-test-${random_string.naming_convention_unique[count.index].result}"
       location = "westus"
       tags = {
          Owner       = "Automation Admin"
          CostCenter  = "100"
          EntAppname  = "Automation Admin Terraform POC"
          Environment = "tst"
          Contact     = "gerry@automationadmin.com"
       }
    }
    
    output "res_out_rg_name" {
       value = azurerm_resource_group.rg.*.name
    }
    
    output "res_out_rg_id" {
       value = azurerm_resource_group.rg.*.id
    }
       
    output "ids" {
       value = random_string.naming_convention_unique.*.result
    }
    
  2. Running our regular:

    1
    2
    3
    
    terraform init
    terraform plan -var-file="env.tfvars" -out="tf.plan"
    terraform apply -auto-approve -input=false ./tf.plan
    
    • I get the following output:
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    
    Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
    
    Outputs:
    
    ids = [
    "kxu7e",
    "tqoxw",
    ]
    res_out_rg_id = [
    "/subscriptions/my-subscription-guid/resourceGroups/aa-dev-tx-test-kxu7e",
    "/subscriptions/my-subscription-guid/resourceGroups/aa-dev-tx-test-tqoxw",
    ]
    res_out_rg_name = [
    "aa-dev-tx-test-kxu7e",
    "aa-dev-tx-test-tqoxw",
    ]
    
  3. So count works good with an integer, no surprise. Let’s see how it handles a list:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    
    # replace
    # variable "rg_count" {
    #    description = "(Optional) Number of Resource Groups to deploy."
    #    type        = number
    #    default     = 2
    # }
    
    # with:
    
    variable "rgs_to_create" {
    description = "(Optional) List of Resource Groups to deploy."
    type        = list(string)
    default     = ["management", "organization"]
    }
    
    # Then down in the resources, do:
    
    count = length(var.rgs_to_create)
    
  4. As expected, this shows that we will create 2 resource groups since the length of the rgs_to_create is 2.

  5. Lastly, I wanted to create a more advanced example, so I created this main.tf:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    
    terraform {
    required_providers {
    
       random = {
          source  = "hashicorp/random"
          version = "~>3.3.2"
       }
    
       azurerm = {
          source  = "hashicorp/azurerm"
          version = "~>3.10.0"
       }
    
    }
    required_version = "~>1.1.0"
    }
    
    provider "random" {
    }
    
    provider "azurerm" {
    client_id                  = var.client_id
    client_secret              = var.client_secret
    subscription_id            = var.subscription_id
    tenant_id                  = var.tenant_id
    skip_provider_registration = true
    features {}
    }
    
    variable "resource_group_name" {
    description = "(Optional) The name of a Resource Group"
    type        = string
    default     = "aa-dev-tx-test-2"
    }
    
    variable "tenant_id" {
    description = "(Required) Service Principal AD Tenant ID - Azure AD for terraform authentication."
    type        = string
    }
    
    variable "subscription_id" {
    description = "(Required) Azure Subscription Id used to connect to AzureRM provider."
    type        = string
    }
    
    variable "client_id" {
    description = "(Required) Service Principal App ID - Azure AD for terraform authentication."
    type        = string
    }
    
    variable "client_secret" {
    description = "(Required) Service Principal Client Secret - Azure AD for terraform authentication."
    type        = string
    }
    
    
    locals {
    resource_groups = [
       "aa-dev-tx-test-2",
       "aa-dev-tx-test-3",
       "aa-dev-tx-test-4"
    
    ]
    aa_config = [
       ["automation-1", "Basic", "some-value"],
       ["automation-2", "Basic", "some-value"],
       ["automation-3", "Basic", "some-value"]
    ]
    
    tst_tags = {
          Owner       = "Automation Admin"
          CostCenter  = "100"
          EntAppname  = "Automation Admin Terraform POC"
          Environment = "tst"
          Contact     = "gerry@automationadmin.com"
       }
    }
    
    resource "azurerm_resource_group" "rg" {
    count    = length(local.resource_groups)
    name     = local.resource_groups[count.index]
    location = "westus"
    tags     = local.tst_tags
    }
    
    resource "azurerm_automation_account" "example" {
    count               = length(local.resource_groups)
    name                = local.aa_config[count.index][0]
    location            = "westus"
    resource_group_name = local.resource_groups[count.index]
    sku_name            = local.aa_config[count.index][1]
    
    tags = local.tst_tags
    }
    
    output "rg_names" {
    value = azurerm_resource_group.rg.*.name
    }
    
    output "aa_names" {
    value = azurerm_automation_account.example.*.name
    }
    
  6. Which resulted in:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    
    Plan: 6 to add, 0 to change, 0 to destroy.
    
    Changes to Outputs:
    + aa_names = [
          + "automation-1",
          + "automation-2",
          + "automation-3",
       ]
    + rg_names = [
          + "aa-dev-tx-test-2",
          + "aa-dev-tx-test-3",
          + "aa-dev-tx-test-4",
       ]
    
  7. So this is not how I would do this in real life since it is almost always better to use for_each, but it does show how the count meta-argument works.

    • So what it does is creates a list object local.resource_groups which is a list of strings (type list(string)) with a length of 3.
    • It then creates a local.aa_config which is a list of lists ( type list(list(string)) ) with the same length of 3.
    • Since these happen to match up, what will happen is that local.resource_groups[0] will match up with local.aa_config[count.index][0] and local.aa_config[count.index][1] perfectly.
    • This works because both have the same amounts of elements. But again, I would use for_each as mentioned in the top description for the reason that it is hard to modify this. If you add a new element it will force you to destroy and recreate all of it instead of just adding that one element!
  8. If you noticed that local.aa_config[count.index][2] with the value of "some-value" was never used, good catch! This was on purpose to demonstrate that you don’t have to reference every value in a list if you don’t want to.

    • For example, you could have skipped local.aa_config[count.index][1] and referenced local.aa_config[count.index][2] if the values were switched like:
    1
    2
    3
    4
    5
    6
    7
    8
    9
    
    aa_config = [
       ["automation-1", "some-value", "Basic"],
       ["automation-2", "some-value", "Basic"],
       ["automation-3", "some-value", "Basic"]
    ]
    
    # Then update sku name to be the third element [2] instead of the second [1]
    
    # sku_name            = local.aa_config[count.index][2]
    
    • It is real important with any language that you understand that they almost always start with [0] as the first element and then move on. So if something is in n position in a list, just internally think “to reference this I will use n - 1”. Example, to reference bob in list names = [ "jim", "bob", "anna"] you would do names[1] even though bob is in position 2.

    • Likewise, you can usually do backwards references like to reference anna it would be names[-1] which is always the last element in the array. You can step backwards and say names[-3] and that would get you jim but if you do names[-4] you would get an out of bounds type error which means you tried referencing something that doesn’t exist. Definitely play around with lists as they are used in many languages!

    • Also, a list of lists just takes it one step further so you when you reference local.aa_config[0] for example you end up with value ["automation-1", "some-value", "Basic"] so you then have to reference one step further to get the one you want. For example, if I want to get some-value in the middle then I would target local.aa_config[0][1] since [1] would be the second value in the list that was returned.

    • Again, spend some time working on learning this, it is used in many languages and is usually at the heart of most leet-code challenges used in interviews. See some python examples on my Github for example.

Comments