Complete the code to define a resource that creates an AWS S3 bucket.
resource "aws_s3_bucket" "my_bucket" { bucket = "[1]" acl = "private" }
The bucket attribute requires the unique name of the S3 bucket to create at creation-time.
Complete the code to add a lifecycle rule that prevents deletion of the S3 bucket during destruction-time.
resource "aws_s3_bucket" "my_bucket" { bucket = "my-unique-bucket-123" acl = "private" lifecycle { [1] = true } }
The prevent_destroy lifecycle argument tells Terraform to block destruction of the resource, protecting it during destruction-time.
Fix the error in the code that tries to reference a resource attribute at destruction-time, which is not allowed.
output "bucket_name" { value = aws_s3_bucket.my_bucket.[1] }
The bucket attribute is the bucket name known at creation-time and can be safely referenced. Other attributes like id or arn may not be available during destruction-time.
Fill both blanks to create a resource with a creation-time computed attribute and a destruction-time lifecycle rule.
resource "aws_instance" "example" { ami = "ami-12345678" instance_type = "t2.micro" [1] = true lifecycle { [2] = true } }
disable_api_termination is a creation-time attribute that prevents instance termination via API. prevent_destroy is a lifecycle rule that prevents Terraform from destroying the resource.
Fill all three blanks to define an output that depends on a creation-time attribute, uses a destruction-time lifecycle ignore change, and references the correct attribute.
resource "aws_security_group" "sg" { name = "example-sg" description = "Example security group" lifecycle { [1] = ["ingress"] } } output "sg_id" { value = aws_security_group.sg.[2] description = "Security group ID" depends_on = [aws_security_group.sg] [3] = true }
ignore_changes lifecycle argument tells Terraform to ignore changes to ingress rules during destruction-time. The output references the id attribute, which is known at creation-time. The output is marked sensitive to hide its value in logs.