Terraform is a great tool. I love it! But when the resource you want to manage is only partially covered, it can get tricky. Today I share a tip on how not to get stuck when Terraform lacks a datasource you wish was there.
A real life use case: list images in an ECR repository.
For a customer project, I needed to list images in an ECR repository (to declare those images as SageMaker custom images). But Terraform, as of today, doesn't have an aws_ecr_images (that would call ListImages) datasource, only aws_ecr_image (that calls DescribeImage if you already know which tag you're looking for).
Being a good Boy Scout, I raised a Pull Request on the Terraform AWS Provider. But as dedicated and nice as the provider's maintainers can be, it might be a while before my PR gets reviewed and merged.
A quick fix: using aws_lambda_invocation!
In the Terraform AWS provider, there is a very convenient construct, aws_lambda_invocation, available either as a resource or a datasource, that can actually invoke an AWS Lambda with a user-defined input and collect the output of the Request-Response invocation, so that you can use the response in other resources in your stack.
The code snippet provided below is a fully functional example of how to use it.
The datasource is triggered at every plan, while the resource only performs a single invocation and is then never triggered again. The triggers argument makes it possible to run it again based on a custom condition. The plan will then contain a resource destruction+creation.
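A sketch of both variants side by side, added here as an illustration and not the original post's snippet. It assumes a Lambda that wraps ListImages is already deployed; the function name, repository name, input shape and the imageTags response key are all hypothetical.

```hcl
# Assumption: a Lambda wrapping ecr:ListImages already exists. Its name, its
# input shape and its {"imageTags": [...]} response are hypothetical.
# Least privilege: the identity running Terraform needs lambda:InvokeFunction on
# this one function; the function's role needs ecr:ListImages on the repository.
variable "lister_function_name" {
  type    = string
  default = "ecr-list-images" # placeholder
}

variable "repository_name" {
  type    = string
  default = "sagemaker-custom-images" # placeholder
}

# Datasource variant: invoked on every plan, so the list is always current.
data "aws_lambda_invocation" "ecr_images" {
  function_name = var.lister_function_name
  input         = jsonencode({ repositoryName = var.repository_name })
}

# Resource variant: invoked once at creation, then again only when a value in
# triggers changes (the plan then shows the resource being replaced).
resource "aws_lambda_invocation" "ecr_images_once" {
  function_name = var.lister_function_name
  input         = jsonencode({ repositoryName = var.repository_name })

  triggers = {
    repository = var.repository_name
  }
}

locals {
  # result is the raw JSON string returned by the function; it is also written
  # to the Terraform state, so the function should not return secrets.
  image_tags = toset(
    jsondecode(data.aws_lambda_invocation.ecr_images.result).imageTags
  )
}

output "image_tags" {
  value = local.image_tags
}
```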
That's all, folks!