• Terraform: Using dynamic blocks to conditionally set a block on a resource

    In the same way that we can conditionally include a resource, we can also use for_each to conditionally include a nested block by means of Terraform's dynamic blocks.

    For example, if we want to add a variable that controls whether we should set this value:

    resource "helm_release" "spinnaker" {
      name  = "spinnaker"
      set {
        name = "halyard.additionalScripts.data.enable_mptv2"
        type = "string"
        value = <<-EOF
          cat $0
          echo "custom mptv2"
          $HAL_COMMAND config features edit --managed-pipeline-templates-v2-ui true
        EOF
      }
    }


  • Terraform dynamic blocks

    When a resource can take multiple nested blocks, we can use dynamic blocks to generate them dynamically. A perfect example is a security group, which can have multiple ingress and egress rules to allow traffic. Let's use the following aws_security_group resource definition as a starting point:

    resource "aws_security_group" "demo_sg" {
      name = "demo_sg"
      description = "pet2cattle demo SG with dynamic blocks"
      vpc_id = aws_vpc.main.id
      ingress {
        from_port        = 443
        to_port          = 443
        protocol         = "tcp"
        cidr_blocks      = [aws_vpc.main.cidr_block]
      }
      egress {
        from_port        = 0
        to_port          = 0
        protocol         = "-1"
        cidr_blocks      = [""]
      }
    }



From pet to cattle
Treat your kubernetes clusters like cattle, not pets