Supported resource types for the HCP Terraform run task

This topic provides reference information about resource types that the HCP Terraform run task for HCP Packer supports when used to validate hard-coded machine artifacts. Refer to Validate artifact builds for information about using the run task.

Run task blocking behavior

The HCP Packer run task determines if it should fail and block a run, or pass with a warning, depending on how Terraform plan handles the resource you are updating.

If a Terraform plan creates or recreates a resource with a hardcoded reference to a revoked Packer artifact, the run task fails and blocks the run.

If a Terraform plan performs an in-place update on a resource with a hardcoded reference to a revoked Packer artifact, the run task passes with a warning but does not block the run. The run task passes even if your plan changes the artifact reference.

This behavior prevents unrelated changes to your Terraform configuration, such as updating tags on a compute resource, from blocking your run.

The following are examples of resources that Terraform updates in-place even when you replace the artifact they reference:

• aws_launch_template
• azurerm_linux_virtual_machine_scale_set
• azurerm_windows_virtual_machine_scale_set
• azurerm_virtual_machine_scale_set

To prevent Terraform operations from using a revoked artifact even when performing an in-place update, we recommend that you do the following:

• Avoid hardcoding HCP Packer artifact references in your resources. Instead, use the hcp_packer_version and hcp_packer_artifact data sources to look up the artifacts in HCP Packer.
• Use the replace_triggered_by Terraform lifecycle rule to force Terraform to recreate the resource when you update the artifact reference.

Amazon Web Services (AWS) provider

The run task supports the following AWS provider resources. Refer to the AWS provider documentation for details about how to configure its resources:

• aws_instance
• aws_spot_instance_request
• aws_launch_template
• aws_launch_configuration
• aws_ami_launch_permission
• aws_emr_cluster
• aws_batch_compute_environment

Azure provider

The run task supports the following Azure provider resources. Refer to the Azure provider documentation for details about how to configure its resources:

• azurerm_virtual_machine_scale_set
• azurerm_linux_virtual_machine_scale_set
• azurerm_windows_virtual_machine_scale_set
• azurerm_linux_virtual_machine
• azurerm_windows_virtual_machine
• azurerm_managed_disk

Google Cloud Platform (GCP) provider

The run task supports the following GCP provider resources. Refer to the GCP provider documentation for details about how to configure its resources:

• google_compute_instance
• google_compute_machine_image_iam_binding
• google_compute_machine_image_iam_member
• google_compute_machine_image_iam_policy
• google_compute_image_iam_binding
• google_compute_image_iam_member
• google_compute_image_iam_policy
• google_compute_disk