More examples with terraform for and for_each loops

Loops in terraform is not something new. There is a bunch of articles with examples in the internet. However I had a number of cases when I could not find the example of my particular case so “d like to add my own article with my own examples.

Loop over list.

Let’s sasy we have a list and want to build the dynamic block for some resources using the list of values. Hoever for_each is applicable to the map or set only. If you are going to ship the list to foreach, than terraform will fail with the following error

is a tuple with X elements

Convert your list tolist() to fix it. Here is an example where I build the dynamic block of rules in gcp firewall using the list of protocols:

locals {
    protocols = tolist(["tcp","udp"])
}

resource "google_compute_firewall" "foo" {
  name      = "example"
  network   = "default"
  dynamic "allow" {
    for_each = local.protocols
    content {
      protocol = allow.value
    }
  }
  source_ranges = "0.0.0.0/0"
}

Here is another example with ports

locals {
    ports = tolist(["22","80","443"])
}

resource "google_compute_firewall" "foo" {
  name      = "example"
  network   = "default"

  allow {
    protocol = var.gcp_firewall_protocol
    ports    = [for port in local.ports : port.value]
  }

  source_ranges = "0.0.0.0/0"
}

More complicated example. Here I loop over the map of string values and build dynamic block:

locals {
  firewall_rules = {
    ssh = {
      port = "22",
      protocol = "tcp"
    },
    http = {
      port = "80",
      protocol = "tcp"
    },
    https = {
      port = "443",
      protocol = "tcp"
    },
    dns = {
      port = "53",
      protocol = "udp"
    }
  }
}

resource "google_compute_firewall" "foo" {
  name      = "example"
  network   = "default"

  dynamic "allow" {
    for_each = local.firewall_rules
    content {
      protocol = allow.value.protocol
      ports    = [allow.value.port]
    }
  }

  source_ranges = ["0.0.0.0/0"]
}

And even more complicated example. Here I loop over the map of strings and lists and build the dinamic block:

locals {
  firewall_rules = {
    tcp = {
      ports = ["22", "80", "443"]
      protocol = "tcp"
    },
    udp = {
      ports = ["53"],
      protocol = "udp"
    }
  }
}

resource "google_compute_firewall" "foo" {
  name      = "example"
  network   = "default"

  dynamic "allow" {
    for_each = local.firewall_rules
    content {
      protocol = allow.value.protocol
      ports    = [for port in allow.value.ports : port]
    }
  }

  source_ranges = ["0.0.0.0/0"]
}

Create list from map indexes

locals {
  test_map = {
    "key1" = {
      "var1" = "val1"
    },
    "key2" = {
      "var2" = "val2"
    },
    "key3" = {
      "var3" = "val3"
    }
  }

  test_map_keys = [for k, v in local.test_map : k]
}

output "test_map_keys" {
  value = local.test_map_keys
}

Output instance ids

Let’s say you created the list of instances with for_each loop

resource "aws_instance" "ec2" {
  for_each      = local.map_of_instances
  ....
}

Possible output options are the following:

key=>value map

output instance_ids {
  value = { for key, value in aws_instance.ec2 : key => value.id }
}

list of IDs

output instance_ids {
  value =  [ for instance in aws_instance.ec2 : instance.id ]
}

External links:

Twitter Facebook LinkedIn

More examples with terraform for and for_each loops

Loop over list.

Create list from map indexes

Output instance ids

key=>value map

list of IDs

You May Also Enjoy

Using git-crypt to encrypt sensitive data in your git repository

GIT cheatsheet

List items should be accessed using square brackets

Use gitlab to store terraform state file