HomeTerraform in 5 DaysDay 2
Day 2 of 5
⏱ ~60 minutes
Terraform in 5 Days — Day 2

Variables, Outputs, and State

Parameterize configurations with variables, expose values with outputs, and understand what Terraform state is.

Variables

variables.tf
variable "region" {
  description = "AWS region"
  type        = string
  default     = "us-east-1"
}

variable "environment" {
  description = "Deployment environment"
  type        = string
  # No default = required. Must be supplied.
}

variable "allowed_ips" {
  description = "IPs allowed to access the server"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}
Using variables
# In main.tf
provider "aws" {
  region = var.region
}

resource "aws_s3_bucket" "main" {
  bucket = "my-bucket-${var.environment}"
}
terraform.tfvars
# Values for required variables
environment = "staging"
allowed_ips = ["192.168.1.0/24", "10.0.0.0/8"]

# Never commit sensitive values — use env vars instead:
# TF_VAR_environment=staging terraform apply
outputs.tf
output "bucket_name" {
  description = "Name of the created bucket"
  value       = aws_s3_bucket.main.bucket
}

output "bucket_arn" {
  value = aws_s3_bucket.main.arn
}

# After apply:
# Outputs:
# bucket_name = "my-bucket-staging"
# bucket_arn = "arn:aws:s3:::my-bucket-staging"
Terraform State
# terraform.tfstate is created after first apply
# It maps your config to real resources
# NEVER edit it manually
# NEVER commit it to git (may contain secrets)
# Add to .gitignore:
echo 'terraform.tfstate*' >> .gitignore
echo '.terraform/' >> .gitignore

# Remote state (team-friendly)
# terraform { backend "s3" { bucket = "my-tf-state" ... } }
⚠️
Terraform state is the source of truth. If you manually delete a resource in the console, Terraform doesn't know until the next plan. It will try to recreate it. Always use Terraform to manage resources that Terraform created.
📝 Day 2 Exercise
Parameterize Your Config
  1. A
  2. d
  3. d
  5. v
  6. a
  7. r
  8. i
  9. a
  10. b
  11. l
  12. e
  13. s
  15. f
  16. o
  17. r
  19. r
  20. e
  21. g
  22. i
  23. o
  24. n
  25. ,
  27. e
  28. n
  29. v
  30. i
  31. r
  32. o
  33. n
  34. m
  35. e
  36. n
  37. t
  38. ,
  40. a
  41. n
  42. d
  44. a
  46. l
  47. i
  48. s
  49. t
  51. o
  52. f
  54. t
  55. a
  56. g
  57. s
  58. .
  60. C
  61. r
  62. e
  63. a
  64. t
  65. e
  67. a
  69. t
  70. e
  71. r
  72. r
  73. a
  74. f
  75. o
  76. r
  77. m
  78. .
  79. t
  80. f
  81. v
  82. a
  83. r
  84. s
  86. f
  87. i
  88. l
  89. e
  90. .
  92. A
  93. d
  94. d
  96. o
  97. u
  98. t
  99. p
  100. u
  101. t
  102. s
  104. f
  105. o
  106. r
  108. a
  109. l
  110. l
  112. r
  113. e
  114. s
  115. o
  116. u
  117. r
  118. c
  119. e
  121. I
  122. D
  123. s
  124. /
  125. A
  126. R
  127. N
  128. s
  129. .
  131. R
  132. u
  133. n
  135. a
  136. p
  137. p
  138. l
  139. y
  141. a
  142. n
  143. d
  145. v
  146. e
  147. r
  148. i
  149. f
  150. y
  152. o
  153. u
  154. t
  155. p
  156. u
  157. t
  158. s
  160. a
  161. r
  162. e
  164. p
  165. r
  166. i
  167. n
  168. t
  169. e
  170. d
  171. .

Day 2 Summary

  • Variables make configs reusable. Types: string, number, bool, list, map, object.
  • terraform.tfvars supplies values. TF_VAR_name env vars work too — good for secrets.
  • Outputs expose values after apply. Use them to pass info between modules.
  • State maps config to real resources. Use remote state (S3, Terraform Cloud) for teams.
← Previous
Day 1: HCL Basics and Your First Resource
Next →
Day 3: Resources and Data Sources
Finished this lesson?