Process Flow - Dynamic block syntax

Start Terraform config

↓

Identify dynamic block

↓

Iterate over collection

↓

For each item: generate nested block

↓

Merge generated blocks into resource

↓

Apply Terraform plan

↓

Resource created with dynamic nested blocks

↓

End

Terraform reads the dynamic block, loops over the given collection, creates nested blocks for each item, and applies the configuration.

Execution Sample

Terraform

resource "aws_security_group" "example" {
  name = "example"

  dynamic "ingress" {
    for_each = var.ingress_rules
    content {
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = ingress.value.protocol
      cidr_blocks = ingress.value.cidr_blocks
    }
  }
}

This code dynamically creates multiple ingress rules inside an AWS security group based on the list variable 'ingress_rules'.

Process Table

Step	Action	Input/Condition	Result	Notes
1	Start processing resource	aws_security_group example	Ready to process blocks	Initial resource parsing
2	Identify dynamic block	dynamic "ingress"	Prepare to iterate over var.ingress_rules	Dynamic block found
3	Evaluate for_each	var.ingress_rules = [{from_port=80,...}, {from_port=443,...}]	2 items to iterate	Two ingress rules
4	Iterate item 1	ingress.value = {from_port=80, to_port=80, protocol="tcp", cidr_blocks=["0.0.0.0/0"]}	Generate ingress block #1	First ingress rule created
5	Iterate item 2	ingress.value = {from_port=443, to_port=443, protocol="tcp", cidr_blocks=["0.0.0.0/0"]}	Generate ingress block #2	Second ingress rule created
6	Merge blocks	All generated ingress blocks	Resource has 2 ingress blocks	Dynamic blocks merged
7	Apply Terraform plan	Resource with dynamic ingress blocks	Security group created with 2 ingress rules	Infrastructure updated
8	End	All steps complete	Terraform apply finished	Execution complete

💡 All items in var.ingress_rules processed, dynamic blocks generated and applied.

Status Tracker

Variable	Start	After 1	After 2	Final
var.ingress_rules	[{from_port=80,...}, {from_port=443,...}]	Same	Same	Same
ingress.value	N/A	{from_port=80, to_port=80, protocol="tcp", cidr_blocks=["0.0.0.0/0"]}	{from_port=443, to_port=443, protocol="tcp", cidr_blocks=["0.0.0.0/0"]}	N/A

Key Moments - 3 Insights

Why does Terraform create multiple ingress blocks from one dynamic block?

What happens if var.ingress_rules is empty?

Can the content block inside dynamic use the loop variable?

Visual Quiz - 3 Questions

Test your understanding

Look at the execution_table at step 3. How many items does var.ingress_rules contain?

A2

B1

C3

D0

Concept Snapshot

Dynamic block syntax in Terraform:
- Use dynamic "block_name" to create nested blocks dynamically.
- for_each loops over a collection to generate multiple blocks.
- content block defines the nested block structure using loop variable.
- Useful for variable-length nested configurations.
- If collection is empty, no nested blocks are created.

Full Transcript

This visual execution traces Terraform's dynamic block syntax. Terraform starts parsing the resource and finds a dynamic block named ingress. It evaluates the for_each expression, which is a list of ingress rules. For each item in the list, Terraform generates one nested ingress block using the content block, substituting values from the current item. After processing all items, Terraform merges the generated blocks into the resource and applies the plan, creating the security group with multiple ingress rules. Variables like var.ingress_rules remain constant, while ingress.value changes per iteration. Key points include how dynamic blocks loop over collections to create multiple nested blocks, and that empty collections produce no nested blocks. The execution table shows each step clearly, helping beginners understand the flow and state changes.