• Loading a CSV file into terraform

    2 min read

    terraform csvdecode function csv

    Sometimes if you have some externally managed data it can come handy to be able to import it into terraform as a CSV file instead of having to manually enter all the date. To do so we can use the csvdecode() function


  • terraform: Using for_each over tuples

    2 min read

    terraform for_each tuple

    Let's imagine we have the following data structure:

    locals {
      queries = [
          query  = "SELECT version()"
          engine = "postgresql"
          query  = "SELECT * FROM v$version"
          engine = "oracle"

    If we want to use just some of the items on a resource we can use for_each through the resulting array of filtering the objects using a for:

    for_each = [ for item in local.queries: item if item.engine == "postgresql" ]


  • terraform: create an array of resources using for_each

    3 min read

    terraform for_each

    If we need to create multiple resources of the same kind based on a set of objects, we can use the for_each keyword for creating them.


  • terraform: Using dynamic blocks to conditionally set a block on a resource

    2 min read

    terraform dynamic blocks optional

    In the same way we can conditionally include a resource, we can also use for_each to conditionally include a nested block using terraform's dynamic blocks

    For example, if we want to add a variable that controls whether we should set this value:

    resource "helm_release" "spinnaker" {
      name  = "spinnaker"
      set {
        name = "halyard.additionalScripts.data.enable_mptv2"
        type = "string"
        value = <<-EOF
          cat $0
          echo "custom mptv2"
          $HAL_COMMAND config features edit --managed-pipeline-templates-v2-ui true


  • Terraform dynamic blocks

    3 min read

    terraform dynamic blocks

    When we have a resource that can have multiple nested blocks to be configured we can use dynamic blocks to configure it dynamically. A perfect example is a SecurityGroup that can have multiple ingress and egress rules to be able to allow traffic. Let's use the following aws_security_group resource definition as a starting point:

    resource "aws_security_group" "demo_sg" {
      name = "demo_sg"
      description = "pet2cattle demo SG with dynamic blocks"
      vpc_id = aws_vpc.main.id
      ingress {
        from_port        = 443
        to_port          = 443
        protocol         = "tcp"
        cidr_blocks      = [aws_vpc.main.cidr_block]
      egress {
        from_port        = 0
        to_port          = 0
        protocol         = "-1"
        cidr_blocks      = [""]



From pet to cattle
Treat your kubernetes clusters like cattle, not pets