In Terraform, both locals and variables are essential tools for creating flexible and maintainable Infrastructure as Code (IaC) configurations. While they may seem similar at first glance, they serve different purposes and are best used in different scenarios. This blog post will dive deep into when you should use locals versus variables in your Terraform projects.
Quick Recap
Before we delve into the specifics, let’s quickly recap what locals and variables are in Terraform:
- Variables: Defined using the
variableblock, they allow you to parameterize your configurations and accept input values. - Locals: Defined using the
localsblock, they let you assign a name to an expression for reuse within a module.
When to Use Variables
- External Input
Use variables when you need to accept input from outside the module. This could be from:
- Command-line arguments
- Environment variables
- Terraform Cloud/Enterprise variables
- Parent modules
variable "environment" {
type = string
default = "development"
}
- Configuration Across Environments
Variables are ideal when you need to change values across different environments (dev, staging, prod).
variable "instance_type" {
type = string
default = "t2.micro"
}
- Reusable Modules
When creating reusable modules, use variables to make the module flexible and adaptable to different use cases.
variable "vpc_cidr" {
type = string
default = "10.0.0.0/16"
}
- Sensitive Information
Use variables for sensitive information, as Terraform can mark them as sensitive and handle them more securely.
variable "db_password" {
type = string
sensitive = true
}
When to Use Locals
- Complex Expressions
Use locals when you have complex expressions that you want to simplify or reuse within your configuration.
locals {
common_tags = {
Environment = var.environment
Project = var.project_name
ManagedBy = "Terraform"
}
}
- Computed Values
Locals are great for computed values that depend on other resources or variables.
locals {
instance_name = "${var.project_name}-${var.environment}-instance"
}
- DRY Principle
Use locals to adhere to the Don’t Repeat Yourself (DRY) principle by defining a value once and reusing it.
locals {
s3_origin_id = "myS3Origin"
}
- Improving Readability
Locals can make your code more readable by giving meaningful names to complex expressions.
locals {
is_production = var.environment == "prod"
}
- Module-Specific Constants
Use locals for values that are constant within a module but don’t need to be configured from outside.
locals {
max_retries = 3
timeout = 30
}
Comparison and Decision Making
To decide between locals and variables, ask yourself these questions:
- Does the value need to be set from outside the module?
- Yes: Use a variable
- No: Consider a local
- Will the value change between different environments or deployments?
- Yes: Use a variable
- No: Consider a local
- Is it a computed value based on other resources or inputs?
- Yes: Use a local
- No: It could be either, depending on other factors
- Is it a complex expression that will be reused multiple times?
- Yes: Use a local
- No: It could be either, depending on other factors
Best Practices
- Use variables for any value that might need to change between deployments or environments.
- Use locals for computed values, especially if they’re used in multiple places within your configuration.
- If a value is truly constant and won’t change, consider using a hardcoded value instead of a local or variable.
- Use descriptive names for both variables and locals to improve code readability.
- Group related locals together to improve organization.
Conclusion
Both variables and locals have their place in Terraform configurations. Variables provide flexibility and allow for external input, making your modules more reusable and your configurations more adaptable to different environments. Locals, on the other hand, help improve readability, reduce repetition, and simplify complex expressions within a module.
By understanding when to use each, you can create more maintainable, flexible, and readable Terraform code. As you work on your next Terraform project, consider carefully whether each value should be a variable or a local, and you’ll be on your way to creating more robust Infrastructure as Code.