Open in app

Sign in

Write

Sign in

Dynamic Blocks in Terraform — An Overview: about terraform dynamic blocks.

Hardik Patel
3 min readJan 16, 2023

--

Terraform is an open source tool for provisioning infrastructure. It can deploy to many clouds like Google Cloud and Amazon Web Services, or it can be used locally in a private cloud. Terraform is ideal for teams or projects that need repeatable, reliable infrastructure each time they scale up in size.

Terraform Dynamic Blocks allow you to define reusable components in your infrastructure with a single set of parameters. This improves the flexibility and code reuse as well as provides a way to manage all of your configurations in one place.

Dynamic blocks are helpful tools that let you focus on what the infrastructure needs are instead of worrying about how to configure the underlying infrastructure. In this blog post we will learn why we use dynamic block and how to work with terraform dynamic blocks.

Key-Benefits using Dynamic Block

  • Reusable
  • clarity
  • speed

Imagine you have a long list of resources that need to be created and provisioned, but you also want to create them in parallel. This can be done by using dynamic blocks to dynamically add new resources or modify existing ones.

Dynamic Block Components

As a terraform developer we can define dynamic block inside of resource, data, provider etc.…

dynamic block consists of following components,

  • label
  • for_each
  • iterator
  • content

Nested Blocks

resource "aws_security_group" "mysg" {
  name        = "webserver"
  description = "Inbound Rules for WebServer"

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "HTTPS"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

code create security group with 2 inbound rules. The ingress parameter is repeatable multiple times.

Dynamic Nested Block

locals {
  ports = [80, 22, 443]
}
resource "aws_security_group" "mysg" {
  name        = "webserver"
  description = "Inbound Rules for WebServer"

  dynamic "ingress" {
    for_each = local.ports
    content {
      description = "description ${ingress.key}"
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}

lets check another example with attributes lists and map,

Dynamic Block with attribute list and map,

locals {
  rules = [{
    description = "HTTP",
    port = 80,
    cidr_blocks = ["0.0.0.0/0"],
  },{
    description = "SSH",
    port = 22,
    cidr_blocks = ["10.0.0.0/16"],
  },{
    description = "HTTPS",
    port = 443,
    cidr_blocks = ["0.0.0.0/0"],
  }]
}
resource "aws_security_group" "mysg" {
  name        = "webserver"
  description = "Inbound Rules for WebServer"

  dynamic "ingress" {
    for_each = local.rules
    content {
      description = ingress.value.description
      from_port   = ingress.value.port
      to_port     = ingress.value.port
      protocol    = "tcp"
      cidr_blocks = ingress.value.cidr_blocks
    }
  }
}
locals {
  map = {
    "HTTP" = {
      port = 80,
      cidr_blocks = ["0.0.0.0/0"],
    }
    "SSH" = {
      port = 22,
      cidr_blocks = ["10.0.0.0/16"],
    }
    "HTTPS" = {
      port = 443,
      cidr_blocks = ["0.0.0.0/0"],
    }
  }
}
resource "aws_security_group" "mysg" {
  name        = "webserver"
  description = "Inbound Rules for WebServer"

  dynamic "ingress" {
    for_each = local.map
    content {
      description = ingress.key
      from_port   = ingress.value.port
      to_port     = ingress.value.port
      protocol    = "tcp"
      cidr_blocks = ingress.value.cidr_blocks
    }
  }
}

we can also use iterator with dynamic block but it is optional. In case of nested dynamic block , it is important to use iterator.

locals {
  map = {
    "HTTP" = {
      port = 80,
      cidr_blocks = ["0.0.0.0/0"],
    }
    "SSH" = {
      port = 22,
      cidr_blocks = ["10.0.0.0/16"],
    }
    "HTTPS" = {
      port = 443,
      cidr_blocks = ["0.0.0.0/0"],
    }
  }
}
resource "aws_security_group" "mysg" {
  name        = "webserver"
  description = "Inbound Rules for WebServer"

  dynamic "ingress" {
    for_each = local.map
    iterator = each
    content {
      description = each.key
      from_port   = each.value.port
      to_port     = each.value.port
      protocol    = "tcp"
      cidr_blocks = each.value.cidr_blocks
    }
  }
}

Conclusion

Terraforms dynamic block functionality is a powerful tool for creating blocks of code that can be reused in multiple places. It allows for greater efficiency in Terraform as a whole. The dynamic block resource has advantages over using separate resources when repetition must be strictly controlled, or when attributes vary per application. Terraforms dynamic blocks provide the additional benefit of building reusable modules that can be applied to future projects.

Enjoy writing code and Grow your Infrastructure.

Terraform
Automation
Iac
Cloud Services
Cloud

--

--

Hardik Patel

Written by Hardik Patel

88 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams