Variables used with Terraform configurations can be defined in and receive values from numerous sources. Configuration files, variable files, command line flags, and Terraform Enterprise can all specify variables and their values.
Variables in Terraform configuration files
Typically, Terraform configuration files are the most frequently used sources for defining variable values, namely the default values which can be overridden by other sources. This is performed using the variable configuration block together with the default parameter.
The following configuration is an example of a variable declared with no default. When no default is provided the value must be provided using another source. All variables that are used in Terraform configurations must at least be declared, whether or not a default value is supplied.
variable "foo" { }The following configuration shows how to provide a default value for a variable. Frequently, default values are not overridden at all, but represent the only value intended for the variable.
variable "foo" {
default = "bar"
}When using the terraform command at the command line, it is possible to override these default values with a file named terraform.tfvars, specify the values at the command line using -var, and/or specify a differently named tfvars file using -var-file.
Variables in Terraform Enterprise
When Terraform is used with Terraform Enterprise, the variables declared with default values in tf files will receive their specified default values. In contrast, tfvars files are not used by Terraform Enterprise, even if a terraform.tfvars or .auto.tfvars file is present in a set of configuration files.
Instead, when using tfvars files with Terraform enterprise, variables and their values should be pushed into the Terraform Enterprise environment using terraform push. Following the initial push, variable values can be managed in Terraform Enterprise using either the “Variables” section of the environment online, or using terraform push with the -overwrite parameter (and optionally specifying the tfvars file if it is not one of the automatically loaded file names).
Recommendations - push, tfvars, Terraform Enterprise
The use of tfvars files is more directed at running terraform at the command line than using Terraform Enterprise. Terraform Enterprise enables teams to collaborate on environments and therefore the Variables section of the Terraform Enterprise environment provides a central place to have a definitive source of truth for variable values in a collaborative way. Also, Terraform Enterprise provides a place to keep sensitive variables.
So tfvars files are rarely used with Terraform Enterprise. The one exception is typically the use of push to update variable values.
At the command line, the automatically loaded terraform.tfvars provides a convenient place to override all variable values where the values can be recorded (verses specifying the values at the command line). This is good for teams collaborating on configurations using just the open source terraform tool. If there is a desire to have multiple sets of variables, for example, for using the one configuration for multiple infrastructure environments such as test, stage, and prod, then you can use multiple tfvars files, one per environment.
The equivalent of using a terraform.tfvars file as described (at the command line when collaborating with the open source terraform tool) with Terraform Enterprise is to use the Variables section in Terraform Enterprise. So that feature is intended to replace the functionality rather than complement it.
Therefore, Terraform Enterprise users are advised to store variable values in variables defined in the Terraform Enterprise UI and/or tf files using the default parameter. Variables can still be managed using push, but be aware that anything that exists in the UI overrides the defaults in the tf files.
Variables in Terraform Enterprise beta
Using tfvars files are not recommended for the management the test, stage, prod workflow. A first class method of managing infrastructure environments is available in Terraform called Workspaces, which is fully integrated into Terraform Enterprise Beta Workspaces. Terraform Enterprise beta also has, in related features, the concept of variable sets, and also the idea of promoting workspaces from target to target (deploy to test, then migrate to stage, then to prod).