Add provider-defined custom functions

[rileykarson]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.

Description

These seem to have been announced at HashiConf, as covered in hashicorp/terraform#27696 (comment).

I don't know much more than that yet, but may as well file a tracking issue to gather feedback / record plans!

Current ideas:

• Utility functions to retrieve project, zone, region, location, short resource name from a .id field
• Region from zone

New or Affected Resource(s)

• N/A

Potential Terraform Configuration

# Propose what you think the configuration to take advantage of this feature should look like.
# We may not use it verbatim, but it's helpful in understanding your intent.

References

• #0000

[bharathkkb]

Region from zone might another useful one https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/blob/47477d60324a4b0045699e518251b4d4a0c53c08/main.tf#L44C52-L44C57

[SarahFrench]

Here's an idea I had when I heard about this new feature:

Functions may also help users with prefixes required by member list entries in IAM resources, for example see how in this example user: is needed when setting the member argument. If the email corresponded to a service account it would need to be serviceAccount: , and if the email was for a Google group, then it'd be group:.

Below is an example of how a fictional createIamMember function could help users add those prefixes automatically when iterating through a list of emails.
This would reduce a lot of work for user to provide these prefixes themselves, and avoid that manual work resulting in typos like the one in this GitHub issue

locals{
   emails = toset([
      "person.mcperson@example.com",                      # a single-person user
      "all-company@example.com,                          # a multi-user Google group
      "123456789-compute@developer.gserviceaccount.com", # a GCP service account
   ])
}

resource "google_bigquery_dataset_iam_member" "editor" {
  for_each   = local.emails
  dataset_id = google_bigquery_dataset.dataset.dataset_id
  role       = "roles/bigquery.dataEditor"
  member     = createIamMember(each.key)
}

UPDATE: this wouldn't be possible as determining whether an email was for a user or group would rely on API calls and API calls aren't recommended in provider functions.

[schollii]

Are these user-defined functions that can get created by the provider.

Or, are they new functions provided exposed by the provider using a new mechanism that would be available to all providers? So technically someone who wants a new user-defined function could write a provider and create a resource that defines the function, then the user could use that function as any other function as long as the provider has been installed locally. Eg if the GCP provider has a gcp_udf resource e (that creates a user defined function in the provider) like this

resource "gcp_udf" "foo" {
  funcname = "foo" 
  arg1 = {
     type = int
     description = "..." 
   } 
   return = {
     type = int
     description = "..." 
   } 
}

Then the tf code could use gcp_foo(123) in an expression that expects an int.

[bharathkkb]

Another usecase - extract elements from OP style resource names //api.googleapis.com/locations/l/projects/p/collection/c. Example terraform-google-modules/terraform-google-kubernetes-engine#1824

[SarahFrench]

v5.23.0 of the google (and google-beta) provider introduced our first provider-defined functions.

For more information on provider-defined functions please see the Terraform 1.8 announcement blog, and a blog about the provider-defined functions released so far in major providers.

There is also the official documentation for creating provider-defined functions.

---

Closing as complete. Any future requests or bug reports related to provider-defined functions should be created as separate issues.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.