Terraform Variables, Locals & Outputs Explained

When you first start with Terraform, three building blocks appear in almost every project: variables, locals, and outputs.

They may look simple, but understanding them deeply is what makes your configurations reusable, clean, and production-ready. Let’s go step by step.

---

1. Input Variables — Making Your Code Flexible

Imagine writing the same Terraform code for dev, staging, and prod. Hardcoding values like regions or instance sizes would make that painful.

That’s where variables come in: they allow your configuration to accept input values.

Declaring a Variable

variable "region" {
  type    = string
  default = "ap-south-1"
}

Now you can use var.region anywhere in your config.

Providing Values

Terraform lets you supply variables in different ways:

• Defaults: if no value is given, Terraform uses the default.

• Files: keep terraform.tfvars or dev.tfvars, prod.tfvars.

• Environment variables: export TF_VAR_region=us-east-1.

• Command line: terraform apply -var "region=us-east-1".

👉 This makes the same code usable across environments with zero duplication.

Validating Inputs

You don’t want someone to pass an invalid value and break the infra. Terraform supports simple validation:

variable "env" {
  type    = string
  validation {
    condition     = contains(["dev", "staging", "prod"], var.env)
    error_message = "Environment must be dev, staging, or prod."
  }
}

This catches mistakes early, before Terraform even touches AWS.

---

2. Locals — Reusable Computed Values

Locals are not inputs. Instead, they help you calculate values once and reuse them everywhere.

Example:

locals {
  app_name = "myapp-${var.env}"
  tags     = { Project = "myapp", Env = var.env }
}

Why use locals?

• To keep naming consistent (no repeating "myapp-${var.env}" everywhere).

• To centralize logic (update in one place, reflect everywhere).

• To combine variables and simplify your main resource blocks.

👉 Think of locals as shortcuts that keep your Terraform clean.

---

3. Outputs — Sharing Useful Results

After terraform apply, Terraform can show you important values through outputs.

Example:

output "bucket_name" {
  value = aws_s3_bucket.app.bucket
}

Why outputs matter:

• They let you quickly see key values (like IPs or URLs).

• They allow modules to pass data to other modules.

• They integrate well with automation (e.g., terraform output -json in CI/CD).

You can also mark them sensitive:

output "db_password" {
  value     = random_password.db.result
  sensitive = true
}

Sensitive outputs are hidden in the CLI but still usable programmatically.

---

How They Work Together

A real Terraform project usually combines all three:

1. Variables define what can change (e.g., environment, instance type).

2. Locals compute reusable values (e.g., naming, tags).

3. Resources use var.* and local.*.

4. Outputs publish the important results (e.g., bucket name, server IP).

Example flow:

variable "env" { default = "dev" }

locals {
  bucket_name = "app-${var.env}"
}

resource "aws_s3_bucket" "this" {
  bucket = local.bucket_name
}

output "bucket" {
  value = aws_s3_bucket.this.bucket
}

---

Best Practices

• Keep all variable declarations in variables.tf.

• Use .tfvars files for environment-specific values (and don’t commit secrets).

• Store computed logic in locals.tf to avoid duplication.

• Export only useful values via outputs.tf.

• Mark secrets as sensitive.

• Always validate critical variables to prevent human errors.

---

Wrap-Up

• Variables make Terraform flexible.

• Locals keep your code clean.

• Outputs make results visible and reusable.

Mastering these three gives you a solid foundation for writing Terraform code that’s both production-ready and easy to maintain.

---

🚀 Follow My Journey

I’m sharing my Terraform learning journey every day by building projects and writing blogs.

• 📂 GitHub Repository: Terraform Learning Journey

• 🐦 X (Twitter): My-Profile

Stay tuned for more daily DevOps + Terraform content!

---