Terraform uses a data block to look up existing resources in the cloud, then extracts their details to use in your configuration.
Execution Sample
Terraform
data "aws_vpc""selected" {
filter {
name = "tag:Name"
values = ["main-vpc"]
}
}
output "vpc_id" {
value = data.aws_vpc.selected.id
}
This code queries an existing AWS VPC by its tag name and outputs its ID.
Process Table
Step
Action
Terraform State
Result
1
Start Terraform plan
State file loaded
Ready to query data
2
Read data block aws_vpc.selected
Look up VPC with tag Name=main-vpc
Finds VPC with ID vpc-123abc
3
Extract attribute id
VPC data loaded
id = vpc-123abc
4
Prepare output vpc_id
Output references data.aws_vpc.selected.id
Output value set to vpc-123abc
5
Show plan or apply
Outputs ready
vpc_id = vpc-123abc
6
End
No changes to infrastructure
Execution complete
💡 Terraform finishes after reading existing resource and preparing output; no infrastructure changes made.
Status Tracker
Variable
Start
After Step 2
After Step 3
Final
data.aws_vpc.selected.id
undefined
vpc-123abc
vpc-123abc
vpc-123abc
output.vpc_id.value
undefined
undefined
vpc-123abc
vpc-123abc
Key Moments - 3 Insights
Why does Terraform not create a new VPC when using a data block?
Because data blocks only read existing resources from the cloud or state; they do not create or modify resources. See execution_table step 2 and 6.
How does Terraform find the correct existing resource?
Terraform uses filters inside the data block to match resource attributes, like tags. In the example, it filters by tag Name=main-vpc (execution_table step 2).
Can you use the data block output in other resources?
Yes, the attributes extracted by the data block can be referenced elsewhere in your config to connect resources. This is shown by output referencing data.aws_vpc.selected.id (execution_table step 4).
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table at step 2, what does Terraform do?
ACreates a new VPC with tag main-vpc
BLooks up an existing VPC with tag main-vpc
CDeletes the VPC with tag main-vpc
DOutputs the VPC ID without lookup
💡 Hint
Refer to execution_table row 2 under Action and Result columns.
At which step does Terraform set the output value to the VPC ID?
AStep 4
BStep 3
CStep 1
DStep 6
💡 Hint
Check execution_table row 4 under Result column.
If the filter in the data block does not match any VPC, what happens?
ATerraform creates a new VPC automatically
BTerraform skips the data block silently
CTerraform errors out during plan
DTerraform outputs a null value
💡 Hint
Data blocks require existing resources; no match causes an error during plan.
Concept Snapshot
Terraform data blocks let you query existing cloud resources.
Use filters to find the resource you want.
Extract attributes like IDs to use elsewhere.
Data blocks do not create or change resources.
Outputs can show queried data.
Errors occur if no matching resource is found.
Full Transcript
Terraform uses data blocks to query existing resources in your cloud environment. You define a data block with filters to find the resource you want, such as a VPC with a specific tag. Terraform reads the current state and cloud to find this resource and extracts its attributes. These attributes can then be used in outputs or other resources. Data blocks do not create or modify resources; they only read existing ones. If no resource matches the filters, Terraform will error during planning. This process helps you connect new infrastructure to existing components safely.