0
0
Terraformcloud~20 mins

Resource arguments and attributes in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Resource Arguments and Attributes Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding resource attribute references

Given the Terraform resource below, what is the correct way to reference the id attribute of the aws_instance resource named web in another resource?

resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
}
Aaws_instance.web[0].id
Baws_instance["web"].id
Caws_instance.id.web
Daws_instance.web.id
Attempts:
2 left
💡 Hint

Think about how Terraform references resource attributes using dot notation.

Configuration
intermediate
2:00remaining
Correctly setting resource arguments for an AWS S3 bucket

Which option correctly defines an AWS S3 bucket resource with versioning enabled in Terraform?

A
resource "aws_s3_bucket" "mybucket" {
  bucket = "my-unique-bucket"
  versioning {
    status = "Enabled"
  }
}
B
resource "aws_s3_bucket" "mybucket" {
  bucket = "my-unique-bucket"
  versioning = true
}
C
resource "aws_s3_bucket" "mybucket" {
  bucket = "my-unique-bucket"
  versioning {
    enabled = true
  }
}
D
resource "aws_s3_bucket" "mybucket" {
  bucket = "my-unique-bucket"
  versioning_enabled = true
}
Attempts:
2 left
💡 Hint

Versioning is a nested block with an enabled argument set to true.

Architecture
advanced
3:00remaining
Choosing resource arguments for a secure AWS EC2 instance

You want to create an AWS EC2 instance that only allows SSH access from your office IP. Which resource argument configuration correctly achieves this?

A
resource "aws_security_group" "ssh_access" {
  name        = "ssh_access"
  description = "Allow SSH from office"
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"]
  }
}

resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  vpc_security_group_ids = [aws_security_group.ssh_access.id]
}
B
resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"]
  }
}
C
resource "aws_security_group" "ssh_access" {
  name        = "ssh_access"
  description = "Allow SSH from office"
  egress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"]
  }
}

resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  security_groups = [aws_security_group.ssh_access.name]
}
D
resource "aws_security_group" "ssh_access" {
  name        = "ssh_access"
  description = "Allow SSH from office"
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"]
  }
}

resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  vpc_security_group_ids = [aws_security_group.ssh_access.id]
}
Attempts:
2 left
💡 Hint

Security groups control network access. SSH uses port 22 and ingress rules allow incoming traffic.

service_behavior
advanced
2:00remaining
Effect of changing resource arguments on infrastructure state

If you change the instance_type argument of an existing aws_instance resource in Terraform and apply the changes, what will happen?

ATerraform will update the instance in place without replacement.
BTerraform will destroy the existing instance and create a new one with the new type.
CTerraform will ignore the change and keep the old instance type.
DTerraform will throw a syntax error and stop.
Attempts:
2 left
💡 Hint

Consider how Terraform handles changes to immutable resource arguments.

security
expert
3:00remaining
Identifying the security risk in resource argument configuration

Review the following Terraform resource configuration for an AWS RDS instance. Which option correctly identifies the security risk present?

resource "aws_db_instance" "example" {
  allocated_storage    = 20
  engine               = "mysql"
  engine_version       = "8.0"
  instance_class       = "db.t3.micro"
  name                 = "mydb"
  username             = "admin"
  password             = "password123"
  parameter_group_name = "default.mysql8.0"
  skip_final_snapshot  = true
}
AThe password is hardcoded in the configuration, risking exposure in version control.
BThe instance_class is too small for production workloads, causing performance issues.
CThe skip_final_snapshot set to true will cause data loss on deletion.
DThe engine_version is outdated and unsupported.
Attempts:
2 left
💡 Hint

Think about sensitive data handling best practices in Terraform.