Saurabh Adhau's Blog

Dynamic Blocks in Terraform

Saurabh Adhau's photo
Saurabh Adhau
·

3 min read

Dynamic Blocks in Terraform

Table of contents

Introduction

Terraform, revered for its prowess in infrastructure as code (IaC), continues to evolve to meet the dynamic needs of modern cloud environments. Among its arsenal of features, dynamic blocks emerge as a potent tool for crafting flexible and adaptable configurations. In this comprehensive exploration, we'll delve into the nuances of dynamic blocks in Terraform, unraveling their syntax, real-world applications, and the tangible results they yield.

Understanding Dynamic Blocks

Dynamic blocks in Terraform bestow upon users the power to dynamically generate nested configuration blocks within resource, provider, or module blocks. This capability facilitates the creation of multiple instances of nested blocks based on dynamic lists or maps, offering unparalleled flexibility and scalability.

Syntax:

dynamic "<block_name>" {
  for_each = <expression>
  content {
    # Nested block configuration...
  }
}

Real-World Applications

Dynamic blocks find their utility across a spectrum of Terraform configurations, adapting to diverse use cases with finesse. Let's delve into two illustrative examples to grasp their practical implications.

1. Dynamic Security Group Rules

Imagine a scenario where you're tasked with defining security group rules dynamically based on a list of allowed ports and CIDR blocks. Dynamic blocks come to the rescue, enabling the streamlined creation of rules tailored to specific requirements.

resource "aws_security_group" "example" {
  name        = "example-sg"
  description = "Example security group"

  dynamic "ingress" {
    for_each = var.allowed_ports
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = var.allowed_cidr_blocks
    }
  }
}

Explanation:

  • var.allowed_ports: This variable contains a list of allowed ports (e.g., [80, 443]), defined in variables.tf.

  • var.allowed_cidr_blocks: This variable contains a list of allowed CIDR blocks (e.g., ["10.0.0.0/16", "192.168.0.0/24"]), also defined in variables.tf.

Output/Result:

The output of this configuration will be a security group with ingress rules dynamically generated for each port specified in var.allowed_ports. For example, if var.allowed_ports is [80, 443], and var.allowed_cidr_blocks is ["10.0.0.0/16"], the resulting security group will have two ingress rules:

  1. Allow traffic on port 80 from CIDR block 10.0.0.0/16.

  2. Allow traffic on port 443 from CIDR block 10.0.0.0/16.

2. Dynamic Route Configuration

In another scenario, suppose you need to define route entries within a route table dynamically based on a map of route configurations. Dynamic blocks seamlessly handle this complexity, facilitating the creation of routes tailored to specific destinations and gateways.

resource "aws_route_table" "example" {
  vpc_id = aws_vpc.example.id

  dynamic "route" {
    for_each = var.route_configurations
    content {
      destination_cidr_block = route.value.destination_cidr_block
      gateway_id             = route.value.gateway_id
    }
  }
}

Explanation:

  • var.route_configurations: This variable contains a map of route configurations where each entry represents a route with a destination CIDR block and a gateway ID, defined in variables.tf.

Output/Result:

The output of this configuration will be a route table with route entries dynamically generated based on the var.route_configurations map. For example, if var.route_configurations is { "0.0.0.0/0" = "igw-12345678", "10.0.0.0/16" = "local" }, the resulting route table will have two route entries:

  1. Route to 0.0.0.0/0 with gateway ID igw-12345678.

  2. Route to 10.0.0.0/16 with gateway ID local.

Variables Definition (variables.tf)

Here's an example of how variables can be defined in a variables.tf file:

variable "allowed_ports" {
  type    = list(number)
  default = [80, 443]
}

variable "allowed_cidr_blocks" {
  type    = list(string)
  default = ["10.0.0.0/16"]
}

variable "route_configurations" {
  type    = map(object({
    destination_cidr_block = string
    gateway_id             = string
  }))
  default = {
    "0.0.0.0/0" = {
      destination_cidr_block = "0.0.0.0/0"
      gateway_id             = "igw-12345678"
    }
    "10.0.0.0/16" = {
      destination_cidr_block = "10.0.0.0/16"
      gateway_id             = "local"
    }
  }
}

This variables.tf file defines three variables: allowed_ports, allowed_cidr_blocks, and route_configurations, which are referenced in the main Terraform configuration (main.tf) to provide dynamic input values.

Conclusion

This comprehensive article covers the syntax, real-world applications, and usage of dynamic blocks in Terraform configurations, along with the definition of variables in a variables.tf file. I hope this provides a thorough understanding of dynamic blocks and how they contribute to the flexibility and scalability of Terraform configurations. If you have any further questions or need additional clarification, please feel free to ask.

dynamic blocks in terraformTerraformDevops