Let failed validation checks result in warnings (variable validation and lifecycle validation)

tiwood commented 6 months ago

Terraform Version

1.7.2

Use Cases

We maintain internal Terraform modules that allow specific configurations that should not be used by default and only in specific cases.

Say we have a module that allows to deploy confidential computing VMs, but this should only be used if actually required.

We would like to emit a warning to the user, if such a VM type is deployed.

Attempted Solutions

N/A

Proposal

Extend the validation rule with a new property error_type:

error (default) will return an error to the caller. warning will return a warning to the caller.

Example:

variable "sku" {
  type        = string

  validation {
    condition = strcontains(var.sku, "confidential")
    error_message = "Please only use confidential VMs if required. Please refer to https://somedocs/info."
    error_type = "warning"
  }
}

References

No response

crw commented 6 months ago

Thanks for this feature request! If you are viewing this issue and would like to indicate your interest, please use the 👍 reaction on the issue description to upvote this issue. We also welcome additional use case descriptions. Thanks again!

liamcervante commented 6 months ago

Hi @tiwood, you can approximate something like this already with the check block construct. Check blocks can refer to other resources, and will only produce warnings. Might be helpful for you in the absence of the requested feature.

variable "sku" {
  type = string
}

check "variable_sku" {
  assert {
    condition = strcontains(var.sku, "confidential")
    error_message = "Please only use confidential VMs if required. Please refer to https://somedocs/info."
  }
}

hashicorp / terraform