Interview Infrastructure as Code (Terraform, Ansible)

What is the when clause, and how do you write conditional tasks?

Infrastructure as Code (Terraform, Ansible) · Advanced level

Answer

The when clause makes a task conditional. It evaluates a Jinja2 expression without wrapping the entire expression in {{ }}. I use when for OS-specific tasks, feature flags, registered results, and rollout conditions.

Technical explanation

when expressions should be readable and based on clear variables or facts.

Use boolean variables instead of complex string comparisons where possible.

Combine conditions with and, or, in, is defined, and filters.

Prefer idempotent modules over shell so repeated runs are safe and change reporting is meaningful.

Separate reusable role logic from inventory-specific variables so the same automation works across environments.

Run lint, syntax checks, check mode where useful, and staged rollouts before production-wide changes.

Hands-on example

1. Use register, when, and loop for: What is the when clause, and how do you write conditional tasks?

2. Example:

- name: Check app health

ansible.builtin.uri:

url: http://localhost:8080/health

status_code: 200

register: health

failed_when: false

- name: Restart app only when health check failed

ansible.builtin.service:

name: app

state: restarted

when: health.status | default(0) != 200

- name: Install required packages

ansible.builtin.package:

name: "{{ item }}"

state: present

loop:

- nginx

- curl

- jq

3. Run once with the service healthy and once after stopping it; confirm the conditional task changes behavior based on the registered result.

4. Use loop_control.label when iterating over dictionaries to keep output readable.

Preparing for an interview?

Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.

More Infrastructure as Code (Terraform, Ansible) interview questions

← All Infrastructure as Code (Terraform, Ansible) questions