If, If-else Statements in Terraform

Posted by Miguel Lopez on Tue 10 April 2018 in automation

Terraform v1.6.0

Introduction

In Terraform's HCL, conditional logic has evolved significantly, making it easier to implement if and if-else statements. The ternary operator remains a key feature, but newer syntax and features introduced in Terraform v1.6.0 enhance readability and functionality.

The basic syntax for a ternary operation is:

condition ? true_value : false_value

This allows you to evaluate a condition and return one of two values based on whether the condition is true or false.

If Statement

Let's start with a simple example using the count parameter to conditionally create a resource. In this example, we use a boolean variable create_eip to determine whether to create an Elastic IP (EIP).

module "frontend" {
  source         = "./modules/frontend-app"
  box_name       = "web-01"
  ami            = "ami-25615740"
  instance_type  = "t2.micro"
  create_eip     = true
}

In the module, the count parameter uses the ternary operator to conditionally create the resource:

# frontend-app module
variable "create_eip" {
  description = "Create an EIP if set to true"
  type        = bool
  default     = false
}

resource "aws_eip" "web_eip" {
  count    = var.create_eip ? 1 : 0
  instance = aws_instance.example.id
}

If create_eip is set to true, the count evaluates to 1, creating one EIP resource. If false, the count evaluates to 0, and no resource is created.

If-Else Statement

To implement an if-else pattern, we can use multiple resources with conditional count values. Here's an updated example:

module "frontend" {
  source             = "./modules/frontend-app"
  box_name           = "web-01"
  ami                = "ami-25615740"
  instance_type      = "t2.micro"
  create_primary_eip = true
}

In the module, we define two resources, each with a conditional count:

# frontend-app module
variable "create_primary_eip" {
  description = "Create the primary EIP if true, otherwise create the secondary EIP"
  type        = bool
  default     = false
}

resource "aws_eip" "primary_eip" {
  count    = var.create_primary_eip ? 1 : 0
  instance = aws_instance.example.id
}

resource "aws_eip" "secondary_eip" {
  count    = var.create_primary_eip ? 0 : 1
  instance = aws_instance.example.id
}

If create_primary_eip is true, the primary_eip resource is created, and the secondary_eip resource is skipped. If false, the secondary_eip resource is created instead.

Using Dynamic Blocks

Terraform 1.6.0 introduces enhanced support for dynamic blocks, which can simplify conditional logic in complex configurations. Here's an example:

resource "aws_security_group" "example" {
  name        = "example-sg"
  description = "Example security group"

  dynamic "ingress" {
    for_each = var.enable_ingress ? [1] : []
    content {
      from_port   = 80
      to_port     = 80
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}

In this example, the ingress block is only created if var.enable_ingress is true.

Conclusion

Terraform's conditional logic, including the ternary operator and dynamic blocks, provides powerful tools for managing infrastructure as code. By leveraging these features, you can create flexible and maintainable configurations that adapt to your needs.

With the updates in Terraform v1.6.0, writing conditional logic is more intuitive and expressive than ever. Start using these patterns in your projects today!

aws cloud terraform hcl hashicorp if-statements conditional-logic infrastructure-as-code automation