How to ignore a block in terraform

Question

I have a terraform code that is creating kubernetes cluster resource in Oracle cloud. I want to ignore endpoint_config block when the cluster is public and execute this block when the cluster is private. How can I achieve that

resource "oci_containerengine_cluster" "cluster" {
  count              = var.deploy_oke_cluster ? 1 : 0
  compartment_id     = var.compartment_id
  kubernetes_version = var.cluster_kubernetes_version
  name               = "oke-${var.environment}"
  vcn_id             = oci_core_virtual_network.base_vcn.id

  endpoint_config {
    is_public_ip_enabled = false
    subnet_id            = oci_core_subnet.snet-apiserver.id
  }
  options {
    add_ons {
      is_kubernetes_dashboard_enabled = true
      is_tiller_enabled               = false
    }

    kubernetes_network_config {
      pods_cidr     = var.pods_cidr
      services_cidr = var.services_cidr
    }
    service_lb_subnet_ids = [oci_core_subnet.snet-pub-lb.id]

  }
}

Answer 1

You can do this with dynamic blocks:

resource "oci_containerengine_cluster" "cluster" {
  count              = var.deploy_oke_cluster ? 1 : 0
  compartment_id     = var.compartment_id
  kubernetes_version = var.cluster_kubernetes_version
  name               = "oke-${var.environment}"
  vcn_id             = oci_core_virtual_network.base_vcn.id


  dynamic "endpoint_config" {

      for_each = var.is_public == true ? [1] : []    

      content {
        is_public_ip_enabled = false
        subnet_id            = oci_core_subnet.snet-apiserver.id
      }
  }


  options {
    add_ons {
      is_kubernetes_dashboard_enabled = true
      is_tiller_enabled               = false
    }

    kubernetes_network_config {
      pods_cidr     = var.pods_cidr
      services_cidr = var.services_cidr
    }
    service_lb_subnet_ids = [oci_core_subnet.snet-pub-lb.id]

  }
}