'Terraform check if resource exists before creating it

Is there a way in Terraform to check if a resource in Google Cloud exists prior to trying to create it?

I want to check if the following resources below exist in my CircleCI CI/CD pipeline during a job. I have access to terminal commands, bash, and gcloud commands. If the resources do exist, I want to use them. If they do not exist, I want to create them. I am doing this logic in CircleCI's config.yml as steps where I have access to terminal commands and bash. My goal is to create my necessary infrastructure (resources) in GCP when they are needed, otherwise use them if they are created, without getting Terraform errors in my CI/CD builds.

If I try to create a resource that already exists, Terraform apply will result in an error saying something like, "you already own this resource," and now my CI/CD job fails.

Below is pseudo code describing the resources I am trying to get.

resource "google_artifact_registry_repository" "main" {
  # this is the repo for hosting my Docker images
  # it does not have a data source afaik because it is beta
}

For my google_artifact_registry_repository resource. One approach I have is to do a Terraform apply using a data source block and see if a value is returned. The problem with this is that the google_artifact_registry_repository does not have a data source block. Therefore, I must create this resource once using a resource block and every CI/CD build thereafter can rely on it being there. Is there a work-around to read that it exists?

resource "google_storage_bucket" "bucket" {
  # bucket containing the folder below
}

resource "google_storage_bucket_object" "content_folder" {
  # folder containing Terraform default.tfstate for my Cloud Run Service
}

For my google_storage_bucket and google_storage_bucket_object resources. If I do a Terraform apply using a data source block to see if these exist, one issue I run into is when the resources are not found, Terraform takes forever to return that status. It would be great if I could determine if a resource exists within like 10-15 seconds or something, and if not assume these resources do not exist.

data "google_storage_bucket" "bucket" {
  # bucket containing the folder below
}

output bucket {
  value = data.google_storage_bucket.bucket
}

When the resource exists, I can use Terraform output bucket to get that value. If it does not exist, Terraform takes too long to return a response. Any ideas on this?

terraformterraform-provider-gcp


Solution 1:[1]

TF does not have any build in tools for checking if there are pre-existing resources, as this is not what TF is meant to do. However, you can create your own custom data source.

Using the custom data source you can program any logic you want, including checking for pre-existing resources and return that information to TF for future use.

Solution 2:[2]

This work for me:

  1. Create data
data "gitlab_user" "user" {
  for_each = local.users
  username = each.value.user_name 
}
  1. Create resource
resource "gitlab_user" "user" {
  for_each       = local.users
  name           = each.key
  username       = data.gitlab_user.user[each.key].username != null ? data.gitlab_user.user[each.key].username : split("@", each.value.user_email)[0]
  email          = each.value.user_email
  reset_password = data.gitlab_user.user[each.key].username != null ? false : true
}

P.S.

Variable

variable "users_info" {
  type = list(
    object(
      {
        name         = string
        user_name    = string
        user_email   = string
        access_level = string
        expires_at   = string
        group_name   = string
      }
    )
  )
  description = "List of users and their access to team's groups for newcommers"
}

Locals

locals {
  users  = { for user in var.users_info : user.name => user }
}

Solution 3:[3]

Thanks to the advice of Marcin, I have a working example of how to solve my problem of checking if a resource exists in GCP using Terraform's external data sources. This is one way that works. I am sure there are other approaches.

I have a CircleCI config.yml where I have a job that uses run commands and bash. From bash, I will init/apply a Terraform script that checks if my resource exists, like so below.

data "external" "get_bucket" {
  program = ["bash","gcp.sh"]
  query = {
    bucket_name = var.bucket_name
  }
}

output "bucket" {
  value = data.external.get_bucket.result.name
}

Then in my gcp.sh, I use gsutil to get my bucket if it exists.

#!/bin/bash

eval "$(jq -r '@sh "BUCKET_NAME=\(.bucket_name)"')"
bucket=$(gsutil ls gs://$BUCKET_NAME)

if [[ ${#bucket} -gt 0 ]]; then
  jq -n --arg name "" '{name:"'$BUCKET_NAME'"}'
else
  jq -n --arg name "" '{name:""}'
fi

Then in my CircleCI config.yml, I put it all together.

terraform init
terraform apply -auto-approve -var bucket_name=my-bucket
bucket=$(terraform output bucket)

At this point I check if the bucket name is returned and determine how to proceed based on that.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Marcin
Solution 2
Solution 3 Mule

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

How to enable terraform module only with a specific workspace

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Terragrunt ignores newly added outputs in a project

tls unsigned certificate when using terraform

What is the best way to solve `EntityAlreadyExists` error in terraform?

Terraform: How to create API Gateway endpoints and methods from a list of objects?

Terraform - refactoring modules: Error: Provider configuration not present

Passing multiple provider aliases to a module in terraform 0.12.13

What is the AWS Service Principal value for stepfunction?

Terraform - Use of environment variables in TF files

Terraform : Init