Mastering Terraform Conditionals for Dynamic Infrastructure

Day 11: Terraform Conditionals

Why Terraform Conditionals Are Useful

Conditionals in Terraform (the condition ? true_value : false_value expression, usually combined with count and for_each) provide several advantages:

  • Reduce code duplication by reusing modules across environments

  • Optimize costs by deploying only necessary resources per environment

  • Improve security by applying stricter controls in production

  • Simplify maintenance with a single, dynamic codebase

Implementing Dynamic Infrastructure with Conditionals

1. Environment-Specific Resource Deployment

Rather than maintaining separate configurations for dev, staging, and production, I refactored the code to adjust resources dynamically:

resource "aws_instance" "web_server" {
  ami           = var.ami_id # assumed variable; the original snippet omits the AMI
  count         = var.environment == "production" ? 3 : 1 # Scale out in prod
  instance_type = var.environment == "dev" ? "t3.micro" : "t3.large"

  # Additional EBS volume only in staging & prod
  dynamic "ebs_block_device" {
    for_each = var.environment != "dev" ? [1] : []
    content {
      device_name = "/dev/sdh"
      volume_size = 50 # GiB
    }
  }
}

2. Security Controls Based on Environment

Security requirements differ by environment. Using conditionals, stricter rules were enforced in production:

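resource "aws_security_group_rule" "ssh_access" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  security_group_id = aws_security_group.web.id # assumed: group defined elsewhere
  # Any value other than "production" selects 0.0.0.0/0 (SSH from anywhere)
  cidr_blocks = var.environment == "production" ? ["10.0.0.0/16"] : ["0.0.0.0/0"]
}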

3. Performance and Reliability Adjustments

  • Enhanced monitoring (only in production)

  • Backup plans (exclusive to production)

  • Different root volume sizes (larger disks in production)

resource "aws_cloudwatch_metric_alarm" "high_cpu" {
  count = var.environment == "production" ? 1 : 0
  // ...alarm configuration...
}

Key Improvements

  • Reduced Code Duplication – A single Terraform module manages all environments.

  • Cost Efficiency – Development environments use smaller instances.

  • Stronger Security – Production has restricted network access.

  • Easier Maintenance – New environments can be added without rewriting code.

Lessons Learned

  • Use locals for complex logic – Keeps the main configuration clean.

  • Combine with for_each for dynamic resource creation – More flexible than count.

  • Document conditionals clearly – Helps team members understand environment-specific behaviors.

  • Test thoroughly – Conditionals can introduce unexpected behavior if not validated.
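
The ternary in section 2 gives 0.0.0.0/0 to every value of var.environment other than the exact string "production", so a typo such as "prod" silently opens SSH to the internet. One way to make that selection fail closed, using a validated variable and a locals map as the lessons above suggest (an added example, not the author's code; aws_security_group.web and the local names are assumptions, and preconditions need Terraform 1.2 or later):

```hcl
# Added example. Assumed names: ssh_cidrs_by_env, ssh_cidrs, aws_security_group.web.

variable "environment" {
  type        = string
  description = "Deployment environment; selects sizing and network exposure."

  validation {
    # Reject typos such as "prod" or "Production" at plan time instead of
    # letting them fall through to the non-production branch of a ternary.
    condition     = contains(["dev", "staging", "production"], var.environment)
    error_message = "environment must be one of: dev, staging, production."
  }
}

locals {
  # One explicit entry per environment; there is no catch-all "else" value.
  ssh_cidrs_by_env = {
    dev        = ["0.0.0.0/0"] # as on the page; narrow to a VPN or bastion range if possible
    staging    = ["0.0.0.0/0"] # as on the page
    production = ["10.0.0.0/16"]
  }

  # Indexing without a default makes an unknown key an error (fails closed).
  ssh_cidrs = local.ssh_cidrs_by_env[var.environment]
}

resource "aws_security_group_rule" "ssh_access" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = local.ssh_cidrs
  security_group_id = aws_security_group.web.id # assumed to be defined elsewhere

  lifecycle {
    # Second guard: a later edit to the map must not expose production SSH.
    precondition {
      condition     = var.environment != "production" || !contains(local.ssh_cidrs, "0.0.0.0/0")
      error_message = "Production SSH ingress must not be open to 0.0.0.0/0."
    }
  }
}
```

With this in place, terraform plan -var environment=prod stops at the validation error rather than planning a world-open rule.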

Conclusion

Terraform conditionals significantly improve multi-environment infrastructure management. By using them effectively, teams can create flexible, cost-efficient, and secure deployments without maintaining duplicate code.

If you're still managing environments with separate Terraform files, conditionals can streamline your workflow.
