Feature Request - Usable outputs

cveld commented 1 year ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Is your feature request related to a problem?

We would like to deploy additional resources to resource groups the module creates. Ideally we would like to reuse the outputs that are provided by the module. But unfortunately the outputs are indexed by the resourceids which we can't know upfront.

Describe the solution you'd like

The current workaround we have is:

data "azurerm_resource_group" "rg_management" {
  provider = azurerm.management
  name     = "rg-platform-management-prd-weu-001" # we defined a custom name
  depends_on = [
    module.enterprise_scale
  ]
}

We would like to see something like

data "azurerm_resource_group" "rg_management" {
  provider = azurerm.management
  name     = module.enterprise_scale.azure_resource_group.management.management.name
}

Current output of the module:

"azurerm_resource_group" = {
      "connectivity" = {
        "/subscriptions/mysubscription/resourceGroups/mylz-connectivity-westeurope" = {
...
          })        
        }
        "/subscriptions/mysubscription/resourceGroups/mylz-dns" = {
...
        }
      }
      "management" = {
        "/subscriptions/mysubscription/resourceGroups/rg-platform-management-prd-weu-001" = {
...
       }
      }
     ...
    }

Desired output of the module something along these lines:

"azurerm_resource_group" = {
      "connectivity" = {
        "connectivity" = {
...
          })        
        }
        "dns" = {
...
        }
      }
      "management" = {
        "management" = {
...
       }
      }
     ...
    }

krowlandson commented 1 year ago

@cveld, I was trying to find another issue where this was discussed previously, but unfortunately cannot find it.

The construct of our outputs was something we deliberated over for some time when first creating the module (just like the resource instance naming). We were initially wanting to create a structure similar to your proposal, but then we realised that so many different resources had different levels of uniqueness needed. You can see this at play if you study the module code for the advanced inputs on management and connectivity resources.

Because of this, we decided that all instances of a given resource would be named according to the Azure resource ID. This guarantees uniqueness, whilst also being something you can determine. It also makes importing resources easier as you need to know this value to import the resource anyway.

This decision impacts the outputs, as the outputs are just the output of each resource type copy loop, as created by Terraform.

This is also why we recommend using the approach you are already following (dependency inversion), although we typically suggest adding resources within a new Terraform workspace, rather than extending the one you are using to deploy the module. This approach helps to prevent the Terraform workspace becoming increasingly large and complex.

Also, you could use the approach you are wanting, but it would need to look like:

data "azurerm_resource_group" "rg_management" {
  provider = azurerm.management
  name     = module.enterprise_scale.azurerm_resource_group["/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-platform-management-prd-weu-001"].name
}

Which of course I appreciate is defeating the point of what you are trying to achieve.

@matt-FFFFFF - this is definitely something to consider if we go ahead with a module refactor 👍🏻

dkooll commented 1 year ago

In my use case a customer just wants a storage account added to the management subscription for diagnostics log archiving purposes. Since i cannot use the enterprise scale outputs in another module this way, what would be the right approach?

matt-FFFFFF commented 1 year ago

@cveld adding to features for v.next, locking for now

matt-FFFFFF commented 1 year ago

See new wiki page for guidance https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/wiki/%5BUser-Guide%5D-Module-Outputs

Azure / terraform-azurerm-caf-enterprise-scale