Provisioners
Provisioners run scripts after a resource has been created.
resource "aws_instance" "web" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  # Run a local script after creation
  provisioner "local-exec" {
    command = "echo ${self.public_ip} >> hosts.txt"
  }

  # Run a script on the remote machine
  provisioner "remote-exec" {
    inline = [
      "sudo apt update",
      "sudo apt install -y nginx",
      "sudo systemctl start nginx"
    ]

    connection {
      type        = "ssh"
      user        = "ubuntu"
      private_key = file("~/.ssh/id_rsa")
      host        = self.public_ip
    }
  }
}
Lifecycle — Controlling the life cycle
resource "aws_instance" "web" {
  # ...

  lifecycle {
    # Create the new resource before destroying the old one
    create_before_destroy = true

    # Prevent accidental destruction
    prevent_destroy = true

    # Ignore certain changes (e.g. tags edited manually)
    ignore_changes = [tags]

    # Replace the resource when a referenced resource or attribute changes
    replace_triggered_by = [
      aws_security_group.web_sg.id
    ]
  }
}
Depends_on — Explicit dependencies
resource "aws_instance" "web" {
  # ...

  depends_on = [aws_security_group.web_sg]
}
Warning: Provisioners are a last resort. Prefer dedicated tools (Ansible, cloud-init) for configuration. Provisioners make the code less predictable.
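The nginx install from the remote-exec provisioner above, rewritten with cloud-init as the warning recommends. This is an added example, not code from the original page; the output name web_public_ip is an assumption, and it presumes the AMI is an Ubuntu image with cloud-init enabled.

```hcl
resource "aws_instance" "web" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  # cloud-init applies this on first boot. Terraform no longer needs an
  # SSH connection, a private key on the machine running it, or port 22
  # reachable from that machine.
  # user_data is readable from the instance metadata service: keep
  # secrets out of it.
  user_data = <<-EOT
    #cloud-config
    package_update: true
    packages:
      - nginx
    runcmd:
      - systemctl enable --now nginx
  EOT

  # A change to user_data replaces the instance instead of leaving a
  # machine whose configuration no longer matches the code.
  user_data_replace_on_change = true
}

# Replaces the local-exec "echo ... >> hosts.txt": the address is read
# from state with `terraform output` instead of being appended to a file.
output "web_public_ip" {
  value = aws_instance.web.public_ip
}
```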