14 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
docs | JSON Configuration Syntax | docs-config-json-syntax | In addition to the native syntax that is most commonly used with Terraform, the Terraform language can also be expressed in a JSON-compatible syntax. |
JSON Configuration Syntax
Most Terraform configurations are written in the native Terraform language syntax, which is designed to be easy for humans to read and update.
Terraform also supports an alternative syntax that is JSON-compatible. This syntax is useful when generating portions of a configuration programmatically, since existing JSON libraries can be used to prepare the generated configuration files.
The JSON syntax is defined in terms of the native syntax. Everything that can be expressed in native syntax can also be expressed in JSON syntax, but some constructs are more complex to represent in JSON due to limitations of the JSON grammar.
Terraform expects native syntax for files named with a .tf
suffix, and
JSON syntax for files named with a .tf.json
suffix.
The low-level JSON syntax, just as with the native syntax, is defined in terms of a specification called HCL. It is not necessary to know all of the details of HCL syntax or its JSON mapping in order to use Terraform, and so this page summarizes the most important differences between native and JSON syntax. If you are interested, you can find a full definition of HCL's JSON syntax in its specification.
JSON File Structure
At the root of any JSON-based Terraform configuration is a JSON object. The properties of this object correspond to the top-level block types of the Terraform language. For example:
{
"variable": {
"example": {
"default": "hello"
}
}
}
Each top-level object property must match the name of one of the expected
top-level block types. Block types that expect labels, such as variable
shown above, are represented by one nested object value for each level
of label. resource
blocks expect two labels, so two levels of nesting
are required:
{
"resource": {
"aws_instance": {
"example": {
"instance_type": "t2.micro",
"ami": "ami-abc123"
}
}
}
}
After any nested objects representing the labels, finally one more nested
object represents the body of the block itself. In the above examples, the
default
argument for variable "example"
and the instance_type
and
ami
arguments for resource "aws_instance" "example"
are specified.
Taken together, the above two configuration files are equivalent to the following blocks in the native syntax:
variable "example" {
default = "hello"
}
resource "aws_instance" "example" {
instance_type = "t2.micro"
ami = "ami-abc123"
}
Within each top-level block type the rules for mapping to JSON are slightly different, but the following general rules apply in most cases:
-
The JSON object representing the block body contains properties that correspond either to attribute arguments names or to nested block type names.
-
Where a property corresponds to an attribute argument that accepts arbitrary expressions in the native syntax, the property value is mapped to an expression as described under Expression Mapping below. For arguments that do not accept arbitrary expressions, the interpretation of the property value depends on the argument, as described in the block-type-specific exceptions given later in this page.
-
Where a property name corresponds to an expected nested block type name, the value is interpreted as described under Nested Block Mapping below, unless otherwise stated in the block-type-specific exceptions given later in this page.
Expression Mapping
Since JSON grammar is not able to represent all of the Terraform language expression syntax, JSON values interpreted as expressions are mapped as follows:
JSON | Terraform Language Interpretation |
---|---|
Boolean | A literal bool value. |
Number | A literal number value. |
String | Parsed as a string template and then evaluated as described below. |
Object | Each property value is mapped per this table, producing an object(...) value with suitable attribute types. |
Array | Each element is mapped per this table, producing a tuple(...) value with suitable element types. |
Null | A literal null . |
When a JSON string is encountered in a location where arbitrary expressions are expected, its value is first parsed as a string template and then it is evaluated to produce the final result.
If the given template consists only of a single interpolation sequence, the result of its expression is taken directly, without first converting it to a string. This allows non-string expressions to be used within the JSON syntax:
{
"output": {
"example": {
"value": "${aws_instance.example}"
}
}
}
The output "example"
declared above has the object value representing the
given aws_instance
resource block as its value, rather than a string value.
This special behavior does not apply if any literal or control sequences appear
in the template; in these other situations, a string value is always produced.
Nested Block Mapping
When a JSON object property is named after a nested block type, the value of this property represents one or more blocks of that type. The value of the property must be either a JSON object or a JSON array.
The simplest situation is representing only a single block of the given type
when that type expects no labels, as with the lifecycle
nested block used
within resource
blocks:
{
"resource": {
"aws_instance": {
"example": {
"lifecycle": {
"create_before_destroy": true
}
}
}
}
}
The above is equivalent to the following native syntax configuration:
resource "aws_instance" "example" {
lifecycle {
create_before_destroy = true
}
}
When the nested block type requires one or more labels, or when multiple
blocks of the same type must be given, the mapping gets a little more
complicated. For example, the provisioner
nested block type used
within resource
blocks expects a label giving the provisioner to use,
and the ordering of provisioner blocks is significant to decide the order
of operations.
The following native syntax example shows a resource
block with a number
of provisioners of different types:
resource "aws_instance" "example" {
# (resource configuration omitted for brevity)
provisioner "local-exec" {
command = "echo 'Hello World' >example.txt"
}
provisioner "file" {
source = "example.txt"
destination = "/tmp/example.txt"
}
provisioner "remote-exec" {
inline = [
"sudo install-something -f /tmp/example.txt",
]
}
}
In order to preserve the order of these blocks, you must use a JSON array as the direct value of the property representing this block type, as in this JSON equivalent of the above:
{
"resource": {
"aws_instance": {
"example": {
"provisioner": [
{
"local-exec": {
"command": "echo 'Hello World' >example.txt"
}
},
{
"file": {
"source": "example.txt",
"destination": "/tmp/example.txt"
}
},
{
"remote-exec": {
"inline": ["sudo install-something -f /tmp/example.txt"]
}
}
]
}
}
}
}
Each element of the provisioner
array is an object with a single property
whose name represents the label for each provisioner
block. For block types
that expect multiple labels, this pattern of alternating array and object
nesting can be used for each additional level.
If a nested block type requires labels but the order does not matter, you may omit the array and provide just a single object whose property names correspond to unique block labels. This is allowed as a shorthand for the above for simple cases, but the alternating array and object approach is the most general. We recommend using the most general form if systematically converting from native syntax to JSON, to ensure that the meaning of the configuration is preserved exactly.
Comment Properties
Although we do not recommend hand-editing of JSON syntax configuration files -- this format is primarily intended for programmatic generation and consumption -- a limited form of comments are allowed inside JSON objects that represent block bodies using a special property name:
{
"resource": {
"aws_instance": {
"example": {
"//": "This instance runs the scheduled tasks for backup",
"instance_type": "t2.micro",
"ami": "ami-abc123"
}
}
}
}
In any object that represents a block body, properties named "//"
are
ignored by Terraform entirely. This exception does not apply to objects
that are being interpreted as expressions, where this
would be interpreted as an object type attribute named "//"
.
This special property name can also be used at the root of a JSON-based configuration file. This can be useful to note which program created the file.
{
"//": "This file is generated by generate-outputs.py. DO NOT HAND-EDIT!",
"output": {
"example": {
"value": "${aws_instance.example}"
}
}
}
Block-type-specific Exceptions
Certain arguments within specific block types are processed in a special way by Terraform, and so their mapping to the JSON syntax does not follow the general rules described above. The following sub-sections describe the special mapping rules that apply to each top-level block type.
resource
and data
blocks
Some meta-arguments for the resource
and data
block types take direct
references to objects, or literal keywords. When represented in JSON, the
reference or keyword is given as a JSON string with no additonal surrounding
spaces or symbols.
For example, the provider
meta-argument takes a special compact provider
configuration reference, which appears directly in the native syntax but must
be presented as a string in the JSON syntax:
{
"resource": {
"aws_instance": {
"example": {
"provider": "aws.foo"
}
}
}
}
This special processing applies to the following meta-arguments:
provider
: a single string, as shown abovedepends_on
: an array of strings containing object references, like["aws_instance.example"]
.ignore_changes
within thelifecycle
block: if set toall
, a single string"all"
must be given. Otherwise, an array of JSON strings containing property references must be used, like["ami"]
.
Special processing also applies to the type
argument of any connection
blocks, whether directly inside the resource
block or nested inside
provisioner
blocks: the given string is interpreted literally, and not
parsed and evaluated as a string template.
variable
blocks
All arguments inside variable
blocks have non-standard mappings to JSON:
type
: a string containing a type expression, like"string"
or"list(string)"
.default
: a literal JSON value that can be converted to the given type. Strings within this value are taken literally and not interpreted as string templates.description
: a literal JSON string, not interpreted as a template.
{
"variable": {
"example": {
"type": "string",
"default": "hello"
}
}
}
output
blocks
The description
and sensitive
arguments are interpreted as literal JSON
values. The description
string is not interpreted as a string template.
The value
argument is interpreted as an expression.
{
"output": {
"example": {
"value": "${aws_instance.example}"
}
}
}
locals
blocks
The value of the JSON object property representing the locals block type must be a JSON object whose property names are the local value names to declare:
{
"locals": {
"greeting": "Hello, ${var.name}"
}
}
The value of each of these nested properties is interpreted as an expression.
module
blocks
The source
and version
meta-arguments must be given as literal strings. The
values are not interpreted as string templates.
The providers
meta-argument must be given as a JSON object whose properties
are the compact provider addresses to expose into the child module and whose
values are the provider addresses to use from the current module, both
given as literal strings:
{
"module": {
"example": {
"source": "hashicorp/consul/azurerm",
"version": "= 1.0.0",
"providers": {
"aws": "aws.usw1"
}
}
}
}
provider
blocks
The alias
and version
meta-arguments must be given as literal strings. The
values are not interpreted as string templates.
{
"provider": {
"aws": {
"alias": "usw1",
"region": "us-west-1"
}
}
}
terraform
blocks
Since no settings within terraform
blocks accept named object references or
function calls, all setting values are taken literally. String values are not
interpreted as string templates.
Since only one backend
block is allowed per terraform
block, the compact
block mapping can be used to represent it, with a nested object containing
a single property whose name represents the backend type.
{
"terraform": {
"required_version": ">= 0.12.0",
"backend": {
"s3": {
"region": "us-west-2",
"bucket": "acme-terraform-states"
}
}
}
}