To declare variables, we will need to create a vars.tf file with the following data:
variable “subscription_id” {
type = string
description = “The azure subscription id”
}
variable “app_id” {
type = string
description = “The azure service principal appId”
}
variable “password” {
type = string
description = “The azure service principal password”
sensitive = true
}
variable “tenant” {
type = string
description = “The azure tenant id”
}
So, we’ve defined four variables here using variable blocks. Variable blocks typically have a type and a description. The type attribute defines the data type of the variable we declare and defaults to the string data type. It can be a primitive data type such as string , number, or bool, or a complex data structure such as list, set, map, object, or tuple. We will look at types in detail when we use them later in the exercises. The description attribute provides more information regarding the variable so users can refer to it for better understanding.
Tip
Always set the description attribute right from the beginning, as it is user-friendly and promotes the reuse of your template.
The client_secret variable also contains a third attribute called sensitive, a Boolean attribute set to true. When the sensitive attribute is true, the Terraform CLI does not display it in the screen’s output. This attribute is highly recommended for sensitive variables such as passwords and secrets.
Tip
Always declare a sensitive variable as sensitive. This is because if you use Terraform within your CI/CD pipelines, unprivileged users might access sensitive information by looking at the logs.
Apart from the other three, an attribute called default will help you specify default variable values. The default values help you provide the best possible value for a variable, which your users can override if necessary.
Tip
Always use default values where possible, as they allow you to provide users with soft guidance about your enterprise standard and save them time.
The next step would be to provide variable values. Let’s have a look at that.
