AWS with Terraform (Day 10)

Conditional Expressions, Dynamic Blocks & Splat Expressions Explained

Today’s learning in #30DaysOfAWSTerraform was a complete game-changer in how I think about writing Terraform code. I explored three powerful expression techniques that transform Terraform from repetitive configuration to clean, automated, and scalable Infrastructure-as-Code:

1. Conditional Expressions
2. Dynamic Blocks
3. Splat Expressions

These expressions solve real-world DevOps challenges—avoiding repetitive blocks of code, enabling smart decision-making, and extracting values from multiple resources effortlessly.

Why Terraform Expressions Matter

Many beginners (including me earlier) start by hardcoding values and copy-pasting blocks repeatedly.
This quickly creates problems:

  • Manual edits = mistakes

  • Huge files = hard to read & maintain

  • Different environments = inconsistent results

Expressions fix all of this by making Terraform:

  • More concise

  • More efficient

  • More reusable

  • More scalable for Dev, Staging & Production

1. Conditional Expressions

Used when selecting values based on conditions (similar to if-else).

Example

instance_type = var.environment == "dev" ? "t2.micro" : "t3.micro"

How it works

  • If environment is dev → use t2.micro

  • Else → use t3.micro

Best practice
Store environment input in variables.tf and use conditionals inside resources—not hardcoded values.

2. Dynamic Blocks

Used to dynamically generate nested repeatable resource blocks—especially useful in security groups, IAM policies, scaling rules, etc.

Variable definition

variable "ingress_rule_dynamic_block" {
  description = "List of ingress rules for testing dynamic block expression"
  type = list(object({
    from_port   = number
    to_port     = number
    protocol    = string
    cidr_blocks = list(string)
    description = string
  }))
  default = [
    {
      from_port   = 80
      to_port     = 80
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
      description = "Allow HTTP traffic"
    },
    {
      from_port   = 443
      to_port     = 443
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
      description = "Allow HTTPS traffic"
    }
  ]
}

Dynamic block usage

  dynamic "ingress" {
    for_each = var.ingress_rule_dynamic_block
    content {
      from_port   = ingress_rule_dynamic_block.value.from_port
      to_port     = ingress_rule_dynamic_block.value.to_port
      protocol    = ingress_rule_dynamic_block.value.protocol
      cidr_blocks = ingress_rule_dynamic_block.value.cidr_blocks
      description = ingress_rule_dynamic_block.value.description
    }
  }

Benefits
✔ No duplicate nested blocks
✔ Easy to add/remove rules
✔ Cleaner code & great for large infra

3. Splat Expressions

Used to collect attributes from multiple resource instances.

Example

aws_instance.example[*].id

Local value

locals {
  all_instance_ids = aws_instance_conditional_instance[*].id
}

Output

output "all_instance_ids" {
  value = local.all_instance_ids
}

Use case

  • Collect ARNs, IDs, IPs of EC2 instances created with count or for_each

Pre-Apply Checklist

CheckWhy
terraform initconfigure backend & plugins
Validate variable typesavoid type mismatch errors
Balance braces & block syntaxcommon source of plan failures
Use quotes for CIDR"0.0.0.0/0"

Use splat expressions for count resources
avoid index errors

Final Thoughts

Today’s session helped me write cleaner, more professional Terraform code by removing repetition, centralizing logic, and improving scalability. Conditional expressions, dynamic blocks, and splat expressions are essential tools for building reusable Terraform modules and enterprise-grade AWS infrastructure.

Let’s Connect

Here is my repo link for detailed code lines: https://github.com/Mo-Adnan-Mo-Ayyub/Aws-with-Terraform

Here is the session link: 




Always open for collaboration, DevOps discussions, and CI/CD & Cloud architecture learning exchanges!

#DevOps #Terraform #AWS #InfrastructureAsCode #CloudEngineering #SRE #30DaysOfAWSTerraform #PiyushSachdeva #HCL #Automation #IaC

Comments

Post a Comment

Popular posts from this blog

AWS with Terraform (Day 01)

Image
  Terraform Fundamentals – Day 01 (My Learning Notes as a DevOps Engineer) Today I wrapped up Day-01 of my Terraform with AWS series, and even with my DevOps background, this session helped me tighten my fundamentals and rethink how I approach cloud provisioning. Terraform is something I’ve used before, but today was more about understanding why IaC matters at scale and why Terraform continues to dominate in real-world DevOps ecosystems. Understanding Infrastructure as Code (IaC) As a DevOps engineer, IaC is not new to me. But today’s session broke it down in a way that clarified its real value. IaC = Infrastructure represented as code. Instead of building resources manually through AWS/Azure/GCP consoles, we define everything in .tf files. This ensures our setup is predictable, repeatable, and version-controlled. What I liked most is how clearly the contrast was shown: Cloud-Agnostic Tools (Terraform / Pulumi) Work across AWS, Azure, GCP, Kubernetes, GitHub, etc. ...
Read more

AWS with Terraform (Day 02)

Image
  AWS with Terraform – Day 02 Deep Dive into Providers, Versioning & the Real “Bridge” Between Code and Cloud Today’s session took me from simply writing Terraform code to actually understanding the engine behind it — the Provider layer . And honestly, once this clicks, Terraform stops feeling like just a tool and starts feeling like a real engineering system. Here’s what I learned and how I’ve started applying it. Providers: The Plugin That Makes Terraform Real The simplest way I now understand it: Terraform writes the story. Providers translate it into cloud actions. Before today, I treated the provider block as just two lines of mandatory code. Now I see it as the translator that turns HCL into actual AWS API calls . Example: I write: resource "aws_s3_bucket" "demo" { bucket = "my-app-demo" } The AWS provider turns that into the exact S3 API request. This layer saves us from manually hitting APIs, building payloads, or juggling ...
Read more

AWS with Terraform (Day 06)

Image
Mastering Terraform File Structure: Best Practices for Scalable AWS Infrastructure as Code You've built your first AWS resources with Terraform in one big main.tf file. It works fine at first. But as your project grows, that single file turns into a mess. Resources pile up. Variables hide in plain sight. Debugging takes forever. Good news. You can fix this now. Split your Terraform files the right way. Follow HashiCorp's tips for a clean setup. This boosts readability. It helps teams work together. Plus, it scales for big AWS setups like VPCs, EC2s, and S3 buckets. Stick with me. You'll see hands-on steps to organize your root module today. The Anatomy of a Well-Organized Terraform Root Module The root directory acts as your Terraform project's heart. It's the root module. Here, you keep all key files. No strict rules exist for names. But smart choices make life easier. Start simple. Break one fat main.tf into focused files. This stops resource clutter. You n...
Read more