How-to: terraform-cloud for dynamic variables

Hi I was attempting to follow Plugin: Terraform Cloud | Waypoint | HashiCorp Developer to get a waypoint up run to use terraform-cloud outputs for my app, but I’m receiving:

! /kaniko/tmp/waypoint1443402469/node/express/waypoint.hcl:127,1-19: Unset
  variable "DB_USER"; A variable must be set or have a default value; see
  https://www.waypointproject.io/docs/waypoint-hcl/variables/input for details.,
  and 3 other diagnostic(s)

This is using waypoint on K8s, with the following waypoint.hcl:

project = "node"

config {
  env = {
    "WP_VAR_DB_HOST" = dynamic("terraform-cloud", {
      organization = "waypoint"
      workspace    = "node-express"
      output       = "aurora_postgresql_serverlessv2_cluster_endpoint"
    })

    "WP_VAR_DB_USER" = dynamic("terraform-cloud", {
      organization = "waypoint"
      workspace    = "node-express"
      output       = "aurora_postgresql_serverlessv2_cluster_username"
    })

    "WP_VAR_DB_PASSWORD" = dynamic("terraform-cloud", {
      organization = "waypoint"
      workspace    = "node-express"
      output       = "aurora_postgresql_serverlessv2_cluster_password"
    })

    "WP_VAR_DB_PORT" = dynamic("terraform-cloud", {
      organization = "waypoint"
      workspace    = "node-express"
      output       = "aurora_postgresql_serverlessv2_cluster_port"
    })
  }
}

app "express" {
  build {
    use "docker" {
      buildkit           = true
      platform           = "amd64"
      dockerfile         = "${path.app}/Dockerfile"
      disable_entrypoint = false
    }

    hook {
      when = "before"
      // command    = ["sh", "hooks/prebuild.sh", var.gitrefname]
      command = ["echo", "$PATH"]
      // on_failure = "fail"
    }

    registry {
      use "aws-ecr" {
        region     = var.region
        repository = var.repository
        tag        = var.tag
      }
    }
  }

  deploy {
    use "aws-lambda" {
      region = var.region
      memory = 512
      static_environment = {
        "PORT"                 = "8080"
        "READINESS_CHECK_PORT" = "8080"
        "DB_HOST"              = var.DB_HOST
        "DB_USER"              = var.DB_USER
        "DB_PASSWORD"          = var.DB_PASSWORD
        "DB_PORT"              = var.DB_PORT

        # This needs to be dynamic
        "DB_DATABASE" = var.gitrefname
      }
    }
  }

  release {
    use "lambda-function-url" {

    }
  }
}

variable "region" {
  default     = "us-east-1"
  type        = string
  description = "AWS Region"
}
variable "repository" {
  default     = "nodejs-express"
  type        = string
  description = "AWS ECR Repository Name"
}
variable "tag" {
  default     = "latest"
  type        = string
  description = "A tag"
}
########################
# INPUT
########################
variable "gitrefname" {
  default     = "main"
  type        = string
  description = "Git Ref Name"
}

// variable "tfc_organization" {
//   default = "waypoint"
//   type    = string
// }
// variable "tfc_workspace" {
//   default = "node-express"
//   type    = string
// }

########################################################
# Map terraform cloud outputs to waypoint variables
########################################################
variable "DB_HOST" {
  type = string
  env = ["DB_HOST"]
  default = dynamic("terraform-cloud", {
    organization = "waypoint"
    workspace    = "node-express"
    output       = "aurora_postgresql_serverlessv2_cluster_endpoint"
  })
}

variable "DB_USER" {
  type = string
  env = ["DB_USER"]
  default = dynamic("terraform-cloud", {
    organization = "waypoint"
    workspace    = "node-express"
    output       = "aurora_postgresql_serverlessv2_cluster_master_username"
  })
}

variable "DB_PASSWORD" {
  type = string
  env = ["DB_PASSWORD"]
  default = dynamic("terraform-cloud", {
    organization = "waypoint"
    workspace    = "node-express"
    output       = "aurora_postgresql_serverlessv2_cluster_master_password"
  })
}
variable "DB_PORT" {
  type = string
  env = ["DB_PORT"]
  default = dynamic("terraform-cloud", {
    organization = "waypoint"
    workspace    = "node-express"
    output       = "aurora_postgresql_serverlessv2_cluster_endpoint_port"
  })
}

Are there any steps I’m missing?

Looks like this just works now that I’m using v0.9.1.
For anyone else, I had to also push a TFC token like so

waypoint config source-set \
	-type=terraform-cloud \
	-config="token=$(cat /Users/kevin/.terraform.d/credentials.tfrc.json | jq -r '.credentials["app.terraform.io"].token')" \
	-config="refresh_interval=60s"