0
0
Terraformcloud~20 mins

Connection blocks for SSH in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
SSH Connection Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Identify the correct SSH connection block for Terraform
Which connection block will successfully configure SSH access to a Linux VM with user 'admin' and private key at '~/.ssh/id_rsa'?
A
connection {
  type        = "ssh"
  user        = "admin"
  private_key = file("~/.ssh/id_rsa.pub")
  host        = self.public_ip
}
B
}
pi_cilbup.fles =        tsoh  
)"asr_di/hss./~"(elif = yek_etavirp  
"nimda" =        resu  
"hss" =        epyt  
{ noitcennoc
C
connection {
  type        = "ssh"
  user        = "admin"
  private_key = "~/.ssh/id_rsa"
  host        = self.public_ip
}
D
connection {
  type        = "ssh"
  user        = "admin"
  private_key = file("~/.ssh/id_rsa")
  host        = self.public_ip
}
Attempts:
2 left
💡 Hint
The private_key must be loaded as file content, not as a path string or public key.
service_behavior
intermediate
1:30remaining
Effect of missing SSH connection block in Terraform provisioner
What happens if you run a Terraform provisioner that requires SSH but omit the connection block entirely?
ATerraform will fail with an error indicating no connection details were provided.
BTerraform will skip the provisioner and continue applying other resources.
CTerraform will use default SSH credentials from the local machine automatically.
DTerraform will connect using HTTP instead of SSH.
Attempts:
2 left
💡 Hint
Terraform needs explicit connection info to connect via SSH.
Architecture
advanced
2:30remaining
Choosing the best SSH connection method for a private subnet VM
You have a VM in a private subnet without a public IP. Which connection block setup allows Terraform to SSH into this VM securely?
AUse 'type = "winrm"' instead of SSH in the connection block.
BSet 'host' to the private IP and omit any proxy settings.
CUse a bastion host with 'proxy_command' in the connection block to tunnel SSH through it.
DAssign a public IP to the VM and connect directly.
Attempts:
2 left
💡 Hint
Private subnet VMs need a jump host or proxy to access via SSH.
security
advanced
2:00remaining
Security best practice for SSH private keys in Terraform connection blocks
Which practice improves security when specifying SSH private keys in Terraform connection blocks?
AHardcode the private key path directly in the connection block for simplicity.
BUse environment variables or Terraform variables to inject private key content instead of hardcoding paths.
CUse the public key file in the private_key field to avoid exposing private keys.
DStore private keys in the Terraform state file for easy access.
Attempts:
2 left
💡 Hint
Avoid hardcoding sensitive data directly in code.
🧠 Conceptual
expert
3:00remaining
Understanding SSH connection block behavior with dynamic host IP changes
If a Terraform-managed VM's public IP changes after initial deployment, what happens to the SSH connection block referencing 'self.public_ip' during subsequent apply runs?
ATerraform uses the updated public IP automatically because 'self.public_ip' reflects current state.
BTerraform continues using the old IP cached from the first apply, causing connection failures.
CTerraform prompts the user to manually update the IP in the connection block.
DTerraform disables SSH provisioners until the IP is manually refreshed.
Attempts:
2 left
💡 Hint
Terraform references resource attributes dynamically during each apply.