How to combine data sources and functions in Terraform | Brainboard Blog

How to combine data sources and functions in Terraform

Chafik Belhaoues
Chafik Belhaoues May 6, 2025
12 min read
Expert reviewed
How to combine data sources and functions in Terraform
How to combine data sources and functions in TerraformLearn how to combine Terraform data sources and functions to create dynamic, flexible infrastructure configurations that adapt to your environment's current stateHow toChafik Belhaoues2025-05-06T00:00:00.000Z12 minutesintermediateguidedevelopers, DevOps engineers, cloud architects

Is it possible?

When you’re working with Terraform to manage your infrastructure as code, you’ll often find yourself needing to retrieve information from existing resources and manipulate that data to create new configurations. This is where the powerful combination of data sources and functions comes into play. Whether you’re managing cloud infrastructure in North America, Europe, or Asia-Pacific regions, understanding how to effectively combine these Terraform features will significantly enhance your infrastructure automation capabilities.

Understanding data sources in Terraform

Data sources serve as read-only queries that fetch information about existing infrastructure components. Think of them as your reconnaissance team, gathering intelligence about resources that already exist in your environment. Unlike resources that Terraform manages and can modify, data sources simply observe and report back valuable information you can use elsewhere in your configuration.

For instance, when you need to reference an existing VPC in AWS or a resource group in Azure, data sources become your best friend. They allow you to dynamically fetch attributes like IDs, names, or configuration details without hardcoding values that might change between environments or regions.

Here’s a simple example of an AWS data source that retrieves information about an existing AMI:

data "aws_ami" "ubuntu" {
  most_recent = true
  owners      = ["099720109477"] # Canonical

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
  }
}

The power of Terraform functions

Functions in Terraform act as your data manipulation toolkit. They transform, combine, and process values to create exactly what your infrastructure needs. From simple string concatenation to complex data structure manipulations, functions provide the flexibility to handle various scenarios you’ll encounter in real-world deployments.

Terraform offers numerous built-in functions categorized into several types: string functions for text manipulation, collection functions for lists and maps, encoding functions for data format conversions, and many more. Each function serves a specific purpose, and when you combine them strategically, you can solve complex infrastructure challenges elegantly.

Consider this example where we use the format function to create a standardized naming convention:

locals {
  instance_name = format("%s-%s-%s", var.environment, var.application, var.region)
}

Combining data sources with functions for dynamic configurations

The real magic happens when you merge data sources with functions. This combination enables you to create highly dynamic and adaptable infrastructure configurations that respond to changes in your environment automatically. Let me walk you through some practical scenarios where this approach shines.

Scenario 1: Dynamic subnet selection

Imagine you need to deploy instances across multiple availability zones, selecting appropriate subnets based on specific criteria. Here’s how you can combine data sources and functions to achieve this:

data "aws_subnets" "available" {
  filter {
    name   = "vpc-id"
    values = [var.vpc_id]
  }

  tags = {
    Type = "private"
  }
}

resource "aws_instance" "web" {
  count = var.instance_count

  subnet_id = element(
    data.aws_subnets.available.ids,
    count.index
  )

  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type

  tags = {
    Name = format("web-server-%02d", count.index + 1)
  }
}

In this example, we’re using the element function to cycle through available subnets, ensuring our instances are distributed evenly across different network segments.

Scenario 2: Region-aware configurations

Different regions often require different configurations. You can use data sources to fetch region-specific information and functions to process it accordingly:

data "aws_region" "current" {}

locals {
  region_config = {
    us-east-1 = {
      instance_type = "t3.medium"
      volume_size   = 100
    }
    eu-west-1 = {
      instance_type = "t3.small"
      volume_size   = 50
    }
    ap-southeast-1 = {
      instance_type = "t3.micro"
      volume_size   = 30
    }
  }

  current_config = lookup(
    local.region_config,
    data.aws_region.current.name,
    {
      instance_type = "t3.nano"
      volume_size   = 20
    }
  )
}

Advanced techniques and best practices

As you become more comfortable with combining data sources and functions, you’ll discover advanced patterns that can significantly improve your Terraform configurations. Let me share some techniques I’ve found particularly useful in production environments.

Using multiple data sources with transformation functions

Sometimes you need to combine information from multiple data sources and transform the result. Here’s an example that demonstrates this pattern:

data "aws_vpc" "selected" {
  id = var.vpc_id
}

data "aws_availability_zones" "available" {
  state = "available"
}

locals {
  subnet_cidrs = [
    for az in data.aws_availability_zones.available.names :
    cidrsubnet(
      data.aws_vpc.selected.cidr_block,
      8,
      index(data.aws_availability_zones.available.names, az)
    )
  ]
}

This configuration automatically calculates subnet CIDR blocks based on the VPC’s CIDR and the number of availability zones in the region.

Error handling and validation

When combining data sources and functions, it’s crucial to implement proper error handling. The try function can help you gracefully handle potential errors:

locals {
  instance_profile = try(
    data.aws_iam_instance_profile.existing[0].name,
    aws_iam_instance_profile.new[0].name,
    "default-profile"
  )
}

Real-world implementation examples

Let me share a comprehensive example that demonstrates how these concepts work together in a production-ready configuration. This example creates a multi-tier application infrastructure with dynamic resource allocation:

# Fetch existing network information
data "aws_vpc" "main" {
  tags = {
    Environment = var.environment
  }
}

data "aws_subnets" "private" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.main.id]
  }

  tags = {
    Tier = "private"
  }
}

data "aws_subnets" "public" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.main.id]
  }

  tags = {
    Tier = "public"
  }
}

# Calculate resource distribution
locals {
  azs_count = length(distinct([
    for subnet_id in data.aws_subnets.private.ids :
    data.aws_subnet.selected[subnet_id].availability_zone
  ]))

  instances_per_az = ceil(var.total_instances / local.azs_count)

  instance_distribution = flatten([
    for idx, subnet_id in data.aws_subnets.private.ids : [
      for i in range(local.instances_per_az) : {
        subnet_id = subnet_id
        instance_name = format(
          "%s-%s-%02d",
          var.app_name,
          substr(data.aws_subnet.selected[subnet_id].availability_zone, -2, -1),
          i + 1
        )
      }
      if (idx * local.instances_per_az + i) < var.total_instances
    ]
  ])
}

# Fetch subnet details for each subnet
data "aws_subnet" "selected" {
  for_each = toset(data.aws_subnets.private.ids)
  id       = each.value
}

Troubleshooting common issues

When working with data sources and functions, you might encounter several challenges. Understanding these common pitfalls will help you debug issues more effectively.

One frequent issue occurs when data sources return empty results. Always validate that your filters are correct and that the resources you’re querying actually exist. You can use the terraform console command to test your data sources and functions interactively.

Another common problem involves type mismatches when passing data between sources and functions. Terraform’s type system is strict, so ensure you’re using appropriate type conversion functions like tostring, tonumber, or tolist when necessary.

Performance optimization tips

While combining data sources and functions provides flexibility, it’s important to consider performance implications. Each data source query adds time to your Terraform operations, especially when working across multiple geographic regions.

To optimize performance, consider caching frequently-used data source results in local values. Also, use targeted queries with specific filters rather than fetching all resources and filtering them locally. This approach is particularly important when working with large-scale infrastructure spanning multiple continents.

Conclusion

Mastering the combination of data sources and functions in Terraform opens up a world of possibilities for creating dynamic, maintainable, and scalable infrastructure configurations. By leveraging these features together, you can build infrastructure code that adapts to different environments, regions, and requirements without manual intervention. Remember that the key to success lies in understanding your specific use cases and applying these patterns thoughtfully. As you continue to work with Terraform, you’ll discover new ways to combine these powerful features to solve increasingly complex infrastructure challenges.

FAQs

What’s the difference between a data source and a resource in Terraform?

A resource in Terraform represents infrastructure that Terraform creates, manages, and can destroy, such as an EC2 instance or a database. A data source, on the other hand, is read-only and fetches information about existing infrastructure that Terraform doesn’t manage directly. Data sources are perfect for referencing pre-existing resources or gathering information about your current environment without modifying it.

Can I use functions inside data source blocks?

Yes, you can use functions within data source blocks, particularly in filter conditions and when setting argument values. For example, you can use the format function to construct filter values dynamically or use var functions to make your data sources configurable. However, remember that the data source must be able to resolve all values during the planning phase.

How do I handle situations where a data source might not return any results?

You should implement defensive coding practices using functions like try or conditional expressions. Additionally, you can use the count or for_each meta-arguments with conditional logic to handle cases where data sources might return empty results. Always validate your assumptions about data availability and provide sensible defaults where appropriate.

What are the performance implications of using many data sources?

Each data source query makes an API call to your provider, which can slow down Terraform operations, especially during planning. To optimize performance, minimize redundant data source calls, use specific filters to reduce the amount of data returned, and consider using local values to cache results that are used multiple times within your configuration.

Can I combine data from multiple providers using functions?

Absolutely! You can fetch data from different providers and combine them using Terraform functions. For example, you might retrieve DNS records from a DNS provider and use that information to configure resources in your cloud provider. Just ensure that you’ve properly configured all required providers and that you handle any potential dependencies between them correctly.

Chafik Belhaoues

Chafik Belhaoues

Cloud Architect and Former SRE
LinkedIn

Chafik has more than 20 years of experience in the IT industry, including 12 years as a Senior Site Reliability Engineer (SRE) and 8 years as a Cloud Architect. He is the founder of Brainboard, focusing on cloud infrastructure and DevOps automation.

Back to Blog