Variables and IDs, and uniqueness?

I am new to Terraform, and have inherited a Terraform set of files “aka Person” that creates a few containers and a load balancer and places them on subnets in a vnet. The Terraform uses a remote state for each env from a cloud-based storage account. The containers are set up as blue/green, with the load balancer pointing to the live color.

Terraform is how code is deployed to the environment. Terraform is run with some extra vars denoting which env and color should be live, and what versions from the container registry should be in each color. (Run Terraform with vars that update the non-live color version #, then run it again with vars that change the live color.)

I’ve now been asked to set this up for 6 more ‘instances’ of the above (Person, Account, Org, etc.). These setups are all the same architecturally speaking. Really the only differences are in subnet/vnets, naming of containers/load balancer, and which repository on the registry to pull images from.

Being new to terraform I spent about 30 minutes pulling the above hardcoded values out into variables. My plan was to just have the values above be additional variables I could pass in from an env file, prior to running the terraform.

To test things, I re-ran my now parameterized terraform with the “person” values in a new env file. The terraform plan came straight back with no changes.

Success! or so I thought.

I cloned the ‘person’ env file, and swapped out the ‘person’ values, for ‘account’ values.

I reran a terraform plan and was disappointed to see that terraform wants to now rename everything from person to account.

I think this is due to ‘overusing’ the state. In the .TF files, the resource entry (resource “azurerm_container_group” “blue”) is not getting the ‘person’ vs ‘account’ vs ‘org’ etc uniqueness, so I’m confusing terraform…

What’s the right way to do this? I do want to have the ability to deploy code individually to a given container group (person, or account, etc.), but I don’t want to have 5 copies of the Terraform files with the only difference being the names… I think using a Terraform for loop inside of the Terraform to create/manage this infrastructure would also make it difficult to deploy only one, but I’m not sure. (I’m new)

One of the incoming vars into this terraform is the state file location. (the env (dev,qa,prod))

I was thinking one way would be to just split these off into multiple state files. I.e. where I just now have a dev statefile, I could have a devperson, devaccount, etc.

Is there a different or better way to get uniqueness? Can I use a variable in a (resource “azurerm_container_group” “blue”) reference so Terraform understands that the incoming env var is account, and not person?

Thanks for your advice. I’m really liking terraform… I’ve used a plan to catch someone hand configuring some bad configuration data into some resources already with it!

How are you wanting to do a deployment? Everything all at once, or each container group separately?

If all at once, a common way would be to move everything you’ve done so far into a module and then in your root module have an instance of that module for each container group.

Each container group separately. I will be getting requests to put new versions of the container images up one by one.

I have looked through the code and I do see a reference to a module created by the previous developer. It was for something simpler (creation of a service principal) but I think I can follow it.

If I make this a separate module, it would then be some super lightweight Terraform ‘wrapping’ a more core ‘heavy’ Terraform module?

I am going to go try this out. Thanks very much for the suggestion… I was stuck in a single perspective, and completely missed the module aspect!
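
The thin wrapper around a shared module discussed above, combined with one state file per env and service so each container group can be planned and deployed on its own, as an added sketch that is not part of the thread or the poster's code. The module path, variable names, tfvars paths and state key names are assumptions; the `moved` block only applies to state that already holds the root-level `azurerm_container_group.blue`.

```hcl
# main.tf -- thin root configuration, one copy shared by every service.
# Module path, input names and state keys below are assumptions for this sketch.

terraform {
  backend "azurerm" {
    # Keep the existing storage account settings here and leave only "key"
    # out, so the state file is chosen per env + service at init time.
  }
}

variable "env" { type = string }     # dev, qa, prod
variable "service" { type = string } # person, account, org, ...

variable "live_color" {
  type = string
  validation {
    condition     = contains(["blue", "green"], var.live_color)
    error_message = "live_color must be \"blue\" or \"green\"."
  }
}

variable "image_tags" {
  type = map(string) # color => tag, e.g. { blue = "1.4.2", green = "1.5.0" } (constructed)
}

module "service" {
  source     = "./modules/container_service" # the parameterized .tf files, moved here
  env        = var.env
  service    = var.service
  live_color = var.live_color
  image_tags = var.image_tags
}

# For state that already tracks the root-level resource: record that it now
# lives inside the module, so the plan shows a move instead of destroy/create.
# In a state that never had the old address this block is a no-op.
moved {
  from = azurerm_container_group.blue
  to   = module.service.azurerm_container_group.blue
}

# Usage (key names constructed; one state file per env + service):
#   terraform init -reconfigure -backend-config="key=dev-person.tfstate"
#   terraform plan -var-file=env/dev-person.tfvars
#   terraform init -reconfigure -backend-config="key=dev-account.tfstate"
#   terraform plan -var-file=env/dev-account.tfvars
```

Because each env and service pair has its own state, a plan run with the account variables never sees the person resources, and a mistake in one deployment cannot rename or destroy another service's containers.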