How can I read environment variables from a .env file into a terraform script?

Question

I'm building a lambda function on aws with terraform. The syntax within the terraform script for uploading an env var is:

resource "aws_lambda_function" "name_of_function" {

  ...

  environment {
    variables = {
      foo     = "bar"
    }
  }
}

Now I have a .env file in my repo with a bunch of variables, e.g. email='[email protected]', and I'd like terraform to read (some of) them from that file and inject them into the space for env vars to be uploaded and available to the lambda function. How can this be done?

Answer 1

This is a pure TerraForm-only solution that parses the .env file into a native TerraForm map.

output "foo" {
  value = { for tuple in regexall("(.*)=(.*)", file("/path/to/.env")) : tuple[0] => tuple[1] }
}

I have defined it as an output to do quick tests via CLI but you can always define it as a local or directly on an argument.

Answer 2

My solution for now involves 3 steps.

1. Place your variables in a .env file like so:

export TF_VAR_FOO=bar

Yes, it's slightly annoying that you HAVE TO prefix your vars with TF_VAR_, but I've learned to live with it (at least it makes it clear in your .env what vars will be used by terraform, and which will not.)

2. In your TF script, you have to declare any such variable without the TF_VAR_ prefix. E.g.

variable "FOO" {
  description = "Optionally say something about this variable"
}

3. Before you run terraform, you need to source your .env file (. .env) so that any such variable is available to processes you want to launch in your present shell environment (viz. terraform here). Adding this step doesn't bother me since I always operate my repo with bash scripts anyway.

Note: I put in a request for a better way to handle .env files here though I'm actually now quite happy with things as is (it was just poorly described in the official documentation how TF relates to .env files IMO).