Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Validate Azure configurations, ARM/Bicep templates, and resource settings before deployment
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/recipes/terraform/README.md
1# Terraform Validation2Validation steps for Terraform deployments.4## Prerequisites6- `./infra/main.tf` exists8- State backend accessible9## Validation Steps11- [ ] 1. Terraform Installation13- [ ] 2. Azure CLI Installation14- [ ] 3. Authentication15- [ ] 4. Initialize16- [ ] 5. Format Check17- [ ] 6. Validate Syntax18- [ ] 7. Plan Preview19- [ ] 8. State Backend20- [ ] 9. Azure Policy Validation21- [ ] 10. Template Variable Resolution Check (AZD+Terraform)22## Validation Details24### 1. Terraform Installation26Verify Terraform is installed:28```bash30terraform version31```32**If not installed:** See https://developer.hashicorp.com/terraform/install34### 2. Azure CLI Installation36Verify Azure CLI is installed:38```bash40az version41```42**If not installed:**44```45mcp_azure_mcp_extension_cli_install(cli-type: "az")46```47### 3. Authentication49```bash51az account show52```53**If not logged in:**55```bash56az login57az account set --subscription <subscription-id>58```59### 4. Initialize61```bash63cd infra64terraform init65```66### 5. Format Check68```bash70terraform fmt -check -recursive71```72**Fix if needed:**74```bash75terraform fmt -recursive76```77### 6. Validate Syntax79```bash81terraform validate82```83### 7. Plan Preview85```bash87terraform plan -out=tfplan88```89### 8. State Backend91Verify state is accessible:93```bash95terraform state list96```97### 9. Azure Policy Validation99See [Policy Validation Guide](../../policy-validation.md) for instructions on retrieving and validating Azure policies for your subscription.101### 10. Template Variable Resolution Check (AZD+Terraform)103> ⚠️ **CRITICAL for azd+Terraform projects.** azd substitutes `${VAR}` references in105> `main.tfvars.json` via envsubst, but does NOT interpolate Go-style template variables106> (`{{ .Env.* }}`). Unresolved Go-style template strings passed to Terraform cause107> cascading deployment failures, state conflicts, and timeouts.108**Check for Go-style template variables:**110```bash112# Check for Go-style template variables in Terraform files113grep -rn '{{ *\.Env\.' infra/ --include='*.tf' --include='*.tfvars.json' || echo "OK: No Go-style template variables found"114# Check main.tfvars.json uses correct ${VAR} syntax116if test -f infra/main.tfvars.json; then117grep -n '{{ *\.Env\.' infra/main.tfvars.json && echo "WARNING: Use \${VAR} syntax instead of {{ .Env.* }}" || echo "OK: main.tfvars.json syntax is correct"118fi119```120**If Go-style template variables are found:**1221. **Fix the syntax** in `main.tfvars.json` — replace `{{ .Env.VAR }}` with `${VAR}`:123```json124{125"environment_name": "${AZURE_ENV_NAME}",126"location": "${AZURE_LOCATION}"127}128```1292. For additional variables, use **`TF_VAR_*` environment variables**:130```bash131azd env set TF_VAR_environment_name "$(azd env get-value AZURE_ENV_NAME)"132```1333. **Verify** that `variables.tf` declares all required variables1344. **Re-run** `terraform validate` and `terraform plan` to confirm135**If `.tfvars.json` uses wrong syntax:**137- Replace Go-style `{{ .Env.* }}` with `${VAR}` (azd's envsubst format)138- Prefer putting static defaults in `variables.tf` `default` values. Using `terraform.tfvars` (HCL) for static defaults is acceptable if your team prefers it; this restriction is specifically about avoiding Go-style template expressions in `.tfvars.json` files.139## References141- [Error handling](./errors.md)143## Next145All checks pass → **azure-deploy**147