Skip to main content

Custom Variable Validation in Terraform 0.13

Jul 07 2020Martin Atkins & Petros Kolyvas

We’re excited to announce that custom variable validation is being released as a production-ready feature in Terraform 0.13. Custom Variable Validation was introduced as a language experiment in Terraform 0.12.20 and builds upon the type system introduced in Terraform 0.12 by allowing configurations to contain validation conditions for a given variable.

In the example below, we define a condition for the variable ami_id which requires the id to begin with the string ami:

variable "ami_id" {
    type = string

    validation {
    condition = (
        length(var.ami_id) > 4 &&
        substr(var.ami_id, 0, 4) == "ami-"
    )
    error_message = "The ami_id value must start with \"ami-\"."
    }
}

Each variable block can have zero or more validation blocks, allowing an author to potentially write a specific error message associated with each distinct check.

The condition expression is evaluated in a reduced evaluation context that supports all of Terraform's built-in functions but allows referring only to the variable being validated — in this case, var.ami_id — which evaluates to the value given by the caller after any automatic conversion to the given type constraint string. The expression can therefore safely assume var.ami_id is a string in this case.

If the expression returns true then the validation is considered to have succeeded. If it returns false then validation has failed and Terraform will return an error at the module call site, using the text given in error_message:

Error: Invalid value for variable

    on variable-validation-rfc.tf line 4, in module "example":
    4:   ami_id = "amo-abc123"

The ami_id value must start with "ami-".

This was checked by the validation rule at example/variables.tf:4,3-13.

Terraform’s custom variable validation takes the ergonomics of this feature one step further and will distinguish between an error produced by validation of the variable itself or an error with the expression used as the condition for validation. More information is available in the Terraform documentation.

Download the latest Terraform 0.13 pre-release today and give custom variable validation a try. Don’t forget to join us on our community forums for questions and discussion about this and the other new features of Terraform 0.13.

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.

More blog posts like this one

Terraform now supports multiple team tokens
April 28 2025 | Products & Technology
Terraform now supports multiple team tokens

Teams in HCP Terraform can now generate multiple API tokens per team, making multi-pipeline management easier and more secure.

AWS and AWSCC Terraform providers: Better together
April 24 2025 | Products & Technology
AWS and AWSCC Terraform providers: Better together

Manage your cloud infrastructure with the AWS and AWSCC Terraform providers and view strategies on how to move state between providers.

Protect data privacy in Amazon Bedrock with Vault
April 01 2025 | Products & Technology
Protect data privacy in Amazon Bedrock with Vault

This demo shows how Vault transit secrets engine protects data used for RAG in an Amazon Bedrock Knowledge Base created by Terraform.