Terraform 1.4.1: Issues with Conditionals in AWS Security Group Rules Not Taking Effect
I've been struggling with this for a few days now and could really use some help. I'm experiencing issues with conditional logic in my Terraform configuration for AWS Security Groups. I want to dynamically add rules based on an environment variable, but the rules aren't being applied as expected. Here's the relevant snippet of my Terraform code:

```hcl
variable "environment" {
  description = "Environment variable"
  type        = string
}

resource "aws_security_group" "my_sg" {
  name        = "my_sg"
  description = "My Security Group"

  dynamic "ingress" {
    for_each = var.environment == "production" ? [1] : []
    content {
      from_port   = 443
      to_port     = 443
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  dynamic "egress" {
    for_each = var.environment == "production" ? [1] : []
    content {
      from_port   = 0
      to_port     = 0
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}
```

When I apply this configuration with `terraform apply -var='environment=development'`, I expect no ingress or egress rules to be added, but the output still shows them being created as if the conditions are ignored. I've also tried using `terraform plan` to verify the changes, and it shows the rules being added regardless of the environment variable.

I've confirmed that the variable is properly set, and I can see it reflected in the Terraform output. Additionally, I verified that I'm using Terraform version 1.4.1. Is there something I'm missing with the dynamic blocks or variable evaluation? Any help would be greatly appreciated!

This is my first time working with HCL stable. Is there a better approach?
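
One way to see what a plan really contains for the question above, as an added example that is not part of the original post: save the plan with `terraform plan -out=plan.out`, export it with `terraform show -json plan.out`, and check the JSON for inline security group rules open to any address outside production. The sample plan is constructed, and `world_open_rules` and `check_plan` are hypothetical helper names.

```python
import json

# Constructed sample, trimmed to the fields used here: `terraform show -json`
# output for a plan where environment=development still yields both rules.
SAMPLE_PLAN = json.loads("""
{"variables": {"environment": {"value": "development"}},
 "resource_changes": [{
   "address": "aws_security_group.my_sg",
   "type": "aws_security_group",
   "change": {"actions": ["create"], "after": {
     "name": "my_sg",
     "ingress": [{"from_port": 443, "to_port": 443, "protocol": "tcp",
                  "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}],
     "egress": [{"from_port": 0, "to_port": 0, "protocol": "-1",
                 "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]}}}]}
""")

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def world_open_rules(plan):
    """List planned inline security group rules that allow any address."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = rc.get("change", {}).get("after") or {}  # null on destroy
        for direction in ("ingress", "egress"):
            for rule in after.get(direction) or []:
                cidrs = set(rule.get("cidr_blocks") or [])
                cidrs |= set(rule.get("ipv6_cidr_blocks") or [])
                if cidrs & OPEN_CIDRS:
                    findings.append((rc["address"], direction,
                                     rule.get("from_port"), rule.get("to_port"),
                                     rule.get("protocol")))
    return findings


def check_plan(plan, allowed_env="production"):
    """Return (environment, violations); only allowed_env may be world-open."""
    env = plan.get("variables", {}).get("environment", {}).get("value")
    rules = world_open_rules(plan)
    return env, ([] if env == allowed_env else rules)


if __name__ == "__main__":
    env, violations = check_plan(SAMPLE_PLAN)
    for v in violations:
        print(f"environment={env}: world-open rule planned: {v}")
    raise SystemExit(1 if violations else 0)
```

Values that are not known until apply are reported under `change.after_unknown` rather than `after`, so this check only covers rules whose contents the plan already knows.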