How to skip/ignore specific module in terraform if var is null or empty

Question

Is there any way to skip the terraform block/file if defined variable is empty or null. Instead of throwing error.

I have created tow terraform script for azure.

1. For azure automation creation, runbook creation.
2. For event grid creation.

After executing the first step I have to generate a webhook URL manually (there no such automation support for webhook generation). after generating of webhook URL I need to define it in second resource. If I defined empty/null or invalid URL then terraform throw the error.

below is the terraform code.

data "local_file" "runbook_script" {
  filename = "${path.module}/envent-grid-runbook.ps1"
}
resource "azurerm_automation_runbook" "runbook" {
  name                    = "event-gird-notification"
  location                = var.location
  resource_group_name     = var.resource_group_name
  automation_account_name = azurerm_automation_account.CreateAutomation.name
  log_verbose             = true
  log_progress            = true
  description             = "This runbook is creted for event grid notification"
  runbook_type            = "PowerShell"

  content = data.local_file.runbook_script.content
  publish_content_link {
    uri = ""
  }
}

resource "azurerm_eventgrid_event_subscription" "key-vault" {
  name  = "test"
  scope = "/subscriptions/xxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxx/name"
  topic_name = "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxx/vault"
  webhook_endpoint  {
        url = var.webhook_url
  }

  included_event_types = [
                                "Microsoft.KeyVault.SecretNewVersionCreated",
                                "Microsoft.KeyVault.SecretNearExpiry",
                                "Microsoft.KeyVault.SecretExpired"
                        ]
  event_delivery_schema = "EventGridSchema"

}

If I defined null/empty var for webhook ULR variable. then getting below error.

Error: "webhook_endpoint.0.url": required field is not set

I have created a Jenkins job, where all terraform code to run in a single job. if the code fails, then entire job is getting failed. That's why looking for a solution to skip the specific block/file if var is empty or null.

Answer 1

I assume that you want to make entire azurerm_eventgrid_event_subscription resource optional, based on var.webhook_url you can use count .

For example:

resource "azurerm_eventgrid_event_subscription" "key-vault" {

  count = var.webhook_url == "" ? 0 : 1

  name  = "test"
  scope = "/subscriptions/xxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxx/name"
  topic_name = "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxx/vault"

  webhook_endpoint" {
        url = var.webhook_url
  } 

  included_event_types = [
                                "Microsoft.KeyVault.SecretNewVersionCreated",
                                "Microsoft.KeyVault.SecretNearExpiry",
                                "Microsoft.KeyVault.SecretExpired"
                        ]
  event_delivery_schema = "EventGridSchema"

}

In the above example, you may need to adjust the condition based on what values var.webhook_url can actually have to be consider correct or incorrect.