Introduction

The ability to conditionally raise errors is very useful if we are introducing logic and rules in our deployment. Say for example we need to validate input then we can use the newly introduced variable validation feature in Terraform 0.13. But there could be a specific case where you’d want to raise an error or you’ve used a workaround for this validation in 0.11 which no longer works after the upgrade. More on this in a bit, and that is the case I hit recently.

Workaround

In Terraform 0.11, there was no ability to validate input variables. So we used a workaround with null_resource

resource "null_resource" "throw_error" {
      count = 1
      "An error has occured." = true
}

But unfortunately and possibly rightly so, HCL became stricter from 0.12 onwards and would not allow incorrect syntax such as "string" = true and fail. There is a stackoverflow question regarding this. Along with the StackOverflow question, there are lots of requests and suggested workarounds on GitHub such as Ability to raise an error & conditionally raise a configuration error.

So the workaround we went for in my my team, suggested on github is:

data "external" "throw_error" {
    count = 1 # 0 means no error is thrown, else throw error
    program = ["powershell.exe", "throw 'An error has ocurred.'"]
}

Explanation

The workaround uses external data source which allows an external program to act as a data source. So essentially it is a hack, saying PowerShell will be our data source but instead, it throws an error. This happens conditionally only if we set the count to greater than 0. If set to 0, this data block is not executed.

Conclusion

Hope this was useful and saves you some time. Please do share your learnings. If you have any thoughts or comments please do get in touch with me on twitter @rubberduckdev. Or use the Disqus plugin below.