Terraform: Use Conditional Resource Output in Operators

Introduction
Step-by-Step Guide
Code Example
Additional Notes
Summary
Conclusion
References

Introduction

Terraform uses conditional expressions instead of traditional "if" statements for control flow. This article explains how to use conditional expressions for resource creation, accessing attributes of conditionally created resources, and using them in outputs. It also covers limitations of conditional expressions and alternative approaches for handling complex logic in Terraform.

Step-by-Step Guide

Terraform doesn't have traditional "if" statements for control flow. Instead, it uses conditional expressions within resource declarations and outputs to achieve similar results. Here's how to use them:

Conditional Resource Creation

You can conditionally create resources based on variables. The most common way is using the count meta-argument in conjunction with a conditional expression:

resource "aws_instance" "example" {
 count = var.create_instance ? 1 : 0
 # ... other resource attributes
}

In this example, an aws_instance is created only if the variable create_instance is set to true. If create_instance is false, count evaluates to 0, and no instance is created.

Accessing Conditionally Created Resources

When a resource is conditionally created, accessing its attributes requires careful handling. You can't directly reference an attribute if the resource might not exist.

To work around this, use the count.index feature within the resource block to reference individual instances, and conditional expressions outside to handle potential absence:

resource "aws_instance" "example" {
  count = var.create_instance ? 1 : 0
  # ... other resource attributes
  tags = {
    Name = "example-${count.index}"
  }
}

output "instance_id" {
  value = length(aws_instance.example) > 0 ? aws_instance.example[0].id : null
}

Here, aws_instance.example[0].id is used within the output block. The conditional expression checks if the length of the aws_instance.example list is greater than 0. If true, it means the instance was created, and its ID is returned. Otherwise, null is returned.

Conditional Expressions in Outputs

You can use conditional expressions directly within output blocks to control what values are displayed:

output "message" {
  value = var.enabled ? "Feature is enabled" : "Feature is disabled"
}

This output will display different messages based on the value of the enabled variable.

Limitations

While powerful, conditional expressions have limitations:

No "else" blocks: You can only evaluate a single condition. For complex logic, you might need multiple resources or modules.
Declarative Nature: Terraform is declarative, meaning you describe the desired state, not the steps to get there. Conditional expressions help manage this state but don't offer imperative control flow.

Alternatives and Workarounds

Modules: For more complex conditional logic, consider using modules. You can conditionally deploy entire modules based on variables.
External Data Sources: Use external data sources to fetch information that might influence your configuration.
Provisioners: While not ideal for core logic, provisioners can execute scripts conditionally after resource creation.

Remember that overusing conditional logic can make your Terraform code harder to read and maintain. Strive for clarity and consider alternative approaches when complexity increases.

Code Example

This Terraform code defines infrastructure using the AWS provider. It conditionally creates an EC2 instance based on the value of a variable. If the variable 'create_instance' is true, an instance of type 't2.micro' is created. The code outputs the instance ID if an instance is created and a message indicating whether or not the instance was created.

# Configure the AWS Provider
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
}

# Variables
variable "create_instance" {
  type    = bool
  default = false
}

# Create an EC2 instance conditionally
resource "aws_instance" "example" {
  count = var.create_instance ? 1 : 0

  # Instance type
  ami           = "ami-0c55b31ad2299a701" # Replace with your desired AMI
  instance_type = "t2.micro"

  # Instance tags
  tags = {
    Name = "example-${count.index}"
  }
}

# Output the instance ID if the instance was created
output "instance_id" {
  value = length(aws_instance.example) > 0 ? aws_instance.example[0].id : null
}

# Output a message based on the 'create_instance' variable
output "message" {
  value = var.create_instance ? "Instance was created" : "Instance was not created"
}

Explanation:

Variables:
- create_instance: A boolean variable that controls whether to create the EC2 instance.
Conditional Resource Creation:
- The aws_instance resource uses the count meta-argument with a conditional expression.
- If var.create_instance is true, count is set to 1, creating one instance.
- If var.create_instance is false, count is set to 0, creating no instances.
Accessing Conditionally Created Resources:
- The output "instance_id" uses a conditional expression to check if the aws_instance.example list has any elements (meaning an instance was created).
- If an instance exists, it outputs the ID of the first instance (aws_instance.example[0].id).
- If no instance exists, it outputs null.
Conditional Expressions in Outputs:
- The output "message" demonstrates a simple conditional expression within an output.
- It displays different messages based on the value of var.create_instance.

To use this code:

Save: Save the code as a .tf file (e.g., main.tf).
Initialize: Run terraform init to initialize the working directory.
Deploy: Run terraform apply.
- If create_instance is set to true in the variables, an EC2 instance will be created.
- If create_instance is false (or not set, as the default is false), no instance will be created.

This example demonstrates the fundamental concepts of conditional logic in Terraform using count and conditional expressions. You can adapt these principles to manage more complex scenarios in your infrastructure code.

Additional Notes

Readability: While nesting conditional expressions is possible, it can quickly harm readability. For complex logic, consider breaking it down into separate resources, modules, or using local variables for clarity.
Ternary Limitation: Terraform's conditional expressions are essentially ternary operators (condition ? true_val : false_val). They don't support "else if" or switch-case structures directly.
Dynamic Blocks: Similar to count, the dynamic block can create and configure multiple instances of a block within a resource based on a collection or conditional logic.
For-Each Loops: For iterating over collections and generating resources dynamically, for_each loops offer a more robust alternative to count in many cases.
Null Values: Be mindful of potential null values when working with conditionally created resources. Use the try() function to gracefully handle situations where an attribute might not exist.
State Management: Remember that Terraform manages state. If a resource is conditionally created and later the condition becomes false, Terraform will destroy that resource unless appropriate lifecycle rules are in place.
Testing: Due to the declarative nature of Terraform, testing conditional logic thoroughly is crucial. Use tools like terraform plan and consider automated testing frameworks to ensure your logic behaves as expected.
Best Practices: Favor clarity and maintainability. If your conditional logic becomes overly complex, it might indicate a need to rethink your infrastructure design or explore alternative approaches.

Summary

Feature	Description	Example
Conditional Resource Creation	Create resources based on conditions using the `count` meta-argument.	`count = var.create_instance ? 1 : 0`
Accessing Conditionally Created Resources	Use `count.index` to reference individual instances and conditional expressions to handle potential absence.	`value = length(aws_instance.example) > 0 ? aws_instance.example[0].id : null`
Conditional Expressions in Outputs	Control output values based on conditions.	`value = var.enabled ? "Feature is enabled" : "Feature is disabled"`

Limitations:

No "else" blocks for complex logic.
Declarative nature limits imperative control flow.

Alternatives:

Modules: Conditionally deploy groups of resources.
External Data Sources: Fetch data to influence configuration.
Provisioners: Execute scripts conditionally after resource creation.

Best Practices:

Use conditional logic sparingly for readability and maintainability.
Consider alternative approaches for complex scenarios.

Conclusion

Mastering conditional logic in Terraform empowers you to write adaptable and efficient infrastructure code. By understanding how to leverage conditional expressions, manage resources effectively, and navigate the nuances of Terraform's declarative nature, you can create robust and scalable infrastructure deployments. Remember to prioritize clarity and maintainability, especially as your codebase grows. When used strategically, Terraform's conditional logic capabilities become invaluable tools in your infrastructure-as-code arsenal.

References

Is it possible to display output conditionally? - Terraform - HashiCorp ... | I would like to be able to display output conditionally, along the lines of: variable "vue_enabled" { description = "Set to true to enable building a vue queue" default = false } output "vue_queue" { value = "${var.vue_enabled ? aws_sqs_queue.vue_queue.id : ""}" } Where the vue_queue output gives the resource id if it exists, or and empty string (or not all) if not. Is this possible in Terraform? Thanks!
Terraform: Conditional creation of a resource based on a variable in ... | Feb 14, 2020 ... ... create (toggle / use flag / conditionally create) ... Terraform - How to use conditionally created resource's output in conditional operator?
Support use cases with conditional logic · Issue #1604 · hashicorp ... | It's been important from the beginning that Terraform's configuration language is declarative, which has meant that the core team has intentionally avoided adding flow-control statements like condi...
How to Use Terraform Conditional Expressions | What is a Terraform conditional? See how to use these operators to create resources, deploy modules, and other usage examples.
Terraform tips & tricks: loops, if-statements, and gotchas | by ... | Update, November 17, 2016: We took this blog post series, expanded it, and turned it into a book called Terraform: Up & Running!
Terraform HCL Intro 3: Conditional Logic - BoltOps Blog | Oct 3, 2020 ... $ terraform apply -auto-approve Outputs: pet1 = [ { "id" = "superb-tiger ... This is how you conditionally create resources with Terraform.
Conditionally run tf resource without count : r/Terraform | Posted by u/sto1911 - 1 vote and 15 comments
Terraform create resources conditionally | Medium | Use terraform conditional expressions and count parameter to apply different configurations to different environments
Custom Conditions - Configuration Language | Terraform ... | ... resource or output value using the data. To decide which is most ... You can use any of Terraform's built-in functions or language operators in a ...