Add variable validation rules for variables that are sensitive to unusual/non-intuitive requirements for the accepted format of string.
For example, essential_contacts_domains_to_allow is unusual in that it requires an ampersand, "@example.com". A string that doesn't exactly match this format will pass the plan stage but fail the apply stage. Catching these types of mistakes earlier can help reduce friction.
This is particularly disruptive for variables set in the global.tfvars file for the helper script, because correcting the global variables requires deleting everything and starting from a fresh deployment,
Terraform Resources
No response
Detailed design
No response
Additional information
anecdotally, I've seen a similar issue with project labels.
TL;DR
Add variable validation rules for variables that are sensitive to unusual/non-intuitive requirements for the accepted format of string.
For example,
essential_contacts_domains_to_allowis unusual in that it requires an ampersand, "@example.com". A string that doesn't exactly match this format will pass the plan stage but fail the apply stage. Catching these types of mistakes earlier can help reduce friction.This is particularly disruptive for variables set in the global.tfvars file for the helper script, because correcting the global variables requires deleting everything and starting from a fresh deployment,
Terraform Resources
No response
Detailed design
No response
Additional information
anecdotally, I've seen a similar issue with project labels.