Day 10 of #30DaysofAWSTerraform 🚀

Terraform Expressions: Conditional Expressions, Dynamic Blocks & Splat Expressions

In Day 10 of my #30DaysofAWSTerraform series, we focus on Terraform expressions—specifically:

• Conditional expressions

• Dynamic blocks

• Splat expressions

These expressions help us write clean, reusable, and environment-aware Terraform code, which is essential for real-world infrastructure.

1️⃣ Conditional Expressions in Terraform

A conditional expression allows Terraform to choose between two values based on a condition.

Syntax

condition ? true_value : false_value

Example: Environment-based behavior

variable "environment" {
  type    = string
  default = "dev"
}

output "instance_type" {
  value = var.environment == "prod" ? "t3.large" : "t3.micro"
}

How it works

• If environment is prod → t3.large

• Otherwise → t3.micro

👉 Conditional expressions are commonly used with:

• count

• for_each

• Dynamic blocks

2️⃣ Dynamic Blocks in Terraform

A dynamic block is used to generate repeated nested blocks automatically.

⚠️ Important:

• Dynamic blocks do not create resources

• They only create nested blocks like ingress, egress, rule, etc.

Example: Dynamic Block with List of Objects

Variable definition (variables.tf)

variable "ingress_rules" {
  type = list(object({
    port     = number
    protocol = string
    cidr     = string
  }))

ingress_rules = [
  {
    port     = 22
    protocol = "tcp"
    cidr     = "0.0.0.0/0"
  },
  {
    port     = 80
    protocol = "tcp"
    cidr     = "0.0.0.0/16"
  },
  {
    port     = 443
    protocol = "tcp"
    cidr     = "0.0.0.0/16"
  }
]
}

Dynamic block usage (main.tf)

resource "aws_security_group" "web_sg" {
  name = "web-sg"

  dynamic "ingress" {
    for_each = var.environment == "prod" ? var.ingress_rules : []

    content {
      from_port   = ingress.value.port
      to_port     = ingress.value.port
      protocol    = ingress.value.protocol
      cidr_blocks = [ingress.value.cidr]
    }
  }

  tags = {
    Environment = var.environment
  }
}

How it works (step-by-step)

1. Terraform evaluates the conditional expression

2. If environment is prod, it loops over ingress_rules

3. For each object, Terraform expands an ingress block

4. If environment is not prod, the list is empty → no ingress rules

👉 Dynamic blocks are evaluated at plan time and disappear after expansion.

3️⃣ Splat Expressions in Terraform

A splat expression extracts the same attribute from all elements of a collection.

Syntax

collection[*].attribute

Example: Splat with List of Objects

output "allowed_ports" {
  value = var.ingress_rules[*].port
}

Output

[22, 80, 443]

Terraform collects the port attribute from every object in the list.

Splat vs for Expression

# Splat
var.ingress_rules[*].port

# For expression
[for rule in var.ingress_rules : rule.port]

Both return the same result, but:

• Splat is shorter

• for expressions are more powerful (filtering, conditions)

🧠 Why These Expressions Matter

Together, they enable production-ready Terraform code.

📝 Summary

• Conditional expressions control values based on logic

• Dynamic blocks generate nested blocks dynamically

• Splat expressions collect attributes from collections

• These features are evaluated at plan time

✅ Key Takeaway

Terraform expressions help transform static infrastructure code into flexible, reusable, and scalable configurations.

hands on