Getting started
To use the Chronosphere Terraform provider, you must install Terraform, and then you can install the provider and ensure you’re authenticated for its use. For information, see Install the Chronosphere Terraform provider. After installing the provider, see the documentation in the Terraform registry to understand the schema and resource definitions.Prevent changes to managed resources
When you use Terraform to manage service account, notifier, dashboard, monitor, or drop rules resources, Terraform overrides any changes to these resources that users try to make elsewhere. To avoid confusion and configuration conflicts, Observability Platform prevents users from modifying such resources outside of Terraform. When you attempt to modify a Terraform-managed resource in Observability Platform, the app displays a banner that explains the required use of Terraform. It also prevents you from saving any attempted changes from the user interface. Observability Platform also prevents any attempts to modify these resources with Chronoctl or the Chronosphere API.Validate plans with dry runs
When you run
terraform plan to generate an execution plan, Chronosphere automatically
tests configurations that include notification policies by submitting them as dry runs.
For details, see the
Terraform provider
documentation.| Terraform provider version | Supported types for dry-run validations |
|---|---|
| 0.34 or later | All resources |
| 0.33 | All resources except notifiers |
| 0.29 through 0.32 | Monitors, mapping rules, rollup rules, and notification policies |
| 0.28 and earlier | Monitors |
Dry runs can’t validate resources or configurations that rely on uniqueness or the
existence of other objects, because those traits can change during the dry run or
before Terraform applies the configuration. For example, a dry run can’t validate
whether referencing another entity’s ID is valid because that ID’s existence isn’t
guaranteed.Dry runs can therefore provide only a best-effort attempt to confirm a resource’s
validity.
Disable dry run validation
To prevent the dry-run validation step, set theCHRONOSPHERE_DRY_RUN_VALIDATION_DISABLED
environment variable to 1 when running terraform plan:
Troubleshooting
Use the following information to help troubleshoot common issues with the Chronosphere Terraform provider.Unable to remove resources referenced elsewhere in a manifest
By design, Terraform prevents providers from defining the order of resources managed by the provider, or the order of actions it takes on them. This is a known limitation of Terraform on all Terraform providers, including the Chronosphere Terraform provider. When you remove a resources from a Terraform manifest or make modifications that require the resource to be recreated, Terraform attempts to remove the resource before updating its references. This behavior can lead to errors, including timeouts that don’t report an error message. In some affected resources, you can set thecreate_before_destroy lifecycle meta-argument
to mitigate the issue by forcing Terraform to create a new resource before destroying
the old resource. However, resources that require a unique field (such as the
Chronosphere Terraform provider’s name field) that also enforce ForceNew on the
resource are incompatible with this meta-argument. This includes many Chronosphere
Terraform provider resources.
Because of this behavior, you might need to remove references to a resource you
intend to destroy. After that point, Terraform should let you remove the referenced
resources.
