I am trying to deploy hundreds of resources in two different regions (us-east-2, eu-central-1).
I had all my code written to have a separate module block for the resources in each region. For example here are snippets of my Cognito portion:
.
├── Modules
│ ├── Cognito
│ │ ├── Scripts
│ │ │ ├── cognito-generate-token.js
│ │ │ └── cognito-message.js
│ │ ├── cognito.tf
│ │ ├── lambda.tf
│ │ ├── main.tf
│ │ ├── sg.tf
│ │ └── var.tf
├── main.tf
└── var.tf
./main.tf:
################################################################################
# Terraform
################################################################################
terraform {
required_version = ">= 1.5"
backend "s3" {
bucket = "projectcanary-terraform-state"
key = "utilities-v2.tfstate"
region = "us-east-2"
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
provider "aws" {
alias = "eu-central-1"
region = "eu-central-1"
}
provider "aws" {
alias = "us-east-2"
region = "us-east-2"
}
################################################################################
# Modules
################################################################################
module "cognito_eu" {
source = "./Modules/Cognito"
contact = var.contact
region_mapping = var.region_mapping
service = var.service
providers = {
aws = aws.eu-central-1
}
}
module "cognito_us" {
source = "./Modules/Cognito"
contact = var.contact
region_mapping = var.region_mapping
service = var.service
providers = {
aws = aws.us-east-2
}
}
./Modules/Cognito.main.tf:
################################################################################
# Terraform
################################################################################
terraform {
required_providers {
archive = {
source = "hashicorp/archive"
version = "~> 2.0"
}
aws = {
source = "hashicorp/aws"
configuration_aliases = [
aws
]
}
}
}
provider "aws" {
alias = "eu-central-1"
region = "eu-central-1"
}
provider "aws" {
alias = "us-east-2"
region = "us-east-2"
}
This worked as expected. Adding Cognito resources (as well as hundreds of others from different modules) in the two regions.
However, now I need to make a conditional in the module to only create the Cognito resources in the dev
and prod
workspaces. So I added the following:
./main.tf:
module "cognito_eu" {
count = contains(["dev", "prod"], local.environment) ? 1 : 0
source = "./Modules/Cognito"
contact = var.contact
region_mapping = var.region_mapping
service = var.service
providers = {
aws = aws.eu-central-1
}
}
module "cognito_us" {
count = contains(["dev", "prod"], local.environment) ? 1 : 0
source = "./Modules/Cognito"
contact = var.contact
region_mapping = var.region_mapping
service = var.service
providers = {
aws = aws.us-east-2
}
}
But I get the following:
│ The module at module.cognito_us is a legacy module which contains its own local provider configurations, and so calls to it may not use the count, for_each, or depends_on arguments.
│
│ If you also control the module "./Modules/Cognito", consider updating this module to instead expect provider configurations to be passed by its caller.
I tried going down to one Cognito module in main.tf
with multiple configuration aliases declared in ./Modules/Cognito/main.tf
. But doing that only wants to deploy in one region.
What am I doing wrong? I need to conditionally create multiple resources in different environments.