Seems like this would be an easy one to cover, but I can’t find a good way to simply check if a resource will be created.
For instance, I have iam policy attachments that are conditionally created, but there are no attributes to test for, as in, it doesn’t have a name, or id or what have you.
So how could I check if a resource will be created? Something like:
exists(aws_iam_role_policy_attachment.ssm_vss)
Hi @tschmidt,
The presence or absence of a resource block is a static thing rather than a dynamic thing, and so there’s no way to ask Terraform whether a resource is declared as an expression.
However, if you refer to a resource that isn’t declared in any way then it should fail in the sense of reporting that the test configuration is invalid, similar to what you might expect to happen if you referred to an undeclared variable in a general-purpose programming language. You could think of it as being a “compile-time error” rather than a test failure, though of course Terraform doesn’t really have a “compiler” in the usual sense, so that’s just an analogy in the hope it clarifies the distinction I’m trying to make.
Concretely then, you could potentially write something like this:
aws_iam_role_policy_attachment.ssm_vss != null
…but this expression wouldn’t really be testing that the resource value is different from null, because in practice it will always be different from null if it’s declared, and if it isn’t declared then Terraform will fail before it even tries to evaluate that expression due to it referring to something that doesn’t exist at all.