Challenge - 5 Problems

🎖️

Dynamic Block Mastery

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ Configuration

intermediate

2:00remaining

Understanding dynamic block output count

Given the following Terraform snippet using a dynamic block, how many ingress blocks will be created in the resulting resource?

Terraform

resource "aws_security_group" "example" {
  name = "example"

  dynamic "ingress" {
    for_each = ["80", "443"]
    content {
      from_port   = tonumber(ingress.value)
      to_port     = tonumber(ingress.value)
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}

Attempts:

2 left

❓ service_behavior

intermediate

2:00remaining

Effect of empty for_each in dynamic block

What happens when a dynamic block's for_each expression evaluates to an empty list in Terraform?

Terraform

resource "aws_security_group" "example" {
  name = "example"

  dynamic "egress" {
    for_each = []
    content {
      from_port   = 0
      to_port     = 0
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}

ATerraform creates one egress block with default values.

BTerraform creates no egress blocks inside the resource.

CTerraform creates an egress block with null values.

DTerraform throws a syntax error due to empty for_each.

Attempts:

2 left

❓ Architecture

advanced

3:00remaining

Dynamic block usage for multiple nested blocks

You want to create an AWS security group with multiple ingress rules, each having multiple cidr_blocks. Which dynamic block structure correctly nests the cidr_blocks inside each ingress rule?

dynamic "ingress" {
  for_each = var.rules
  content {
    from_port = ingress.value.port
    to_port = ingress.value.port
    protocol = ingress.value.protocol
    cidr_blocks = ingress.value.cidr_blocks
  }
}

dynamic "ingress" {
  for_each = var.rules
  content {
    from_port = ingress.value.port
    to_port = ingress.value.port
    protocol = ingress.value.protocol
    dynamic "cidr_blocks" {
      for_each = ingress.value.cidr_blocks
      content {
        cidr_block = cidr_blocks.value
      }
    }
  }
}

dynamic "ingress" {
  for_each = var.rules
  content {
    from_port = ingress.value.port
    to_port = ingress.value.port
    protocol = ingress.value.protocol
    cidr_blocks = ingress.value.cidr_blocks[0]
  }
}

dynamic "ingress" {
  for_each = var.rules
  content {
    from_port = ingress.value.port
    to_port = ingress.value.port
    protocol = ingress.value.protocol
    cidr_blocks = [for c in ingress.value.cidr_blocks : c]
  }
}

Attempts:

2 left

❓ security

advanced

2:30remaining

Security risk of incorrect dynamic block usage

If a dynamic block for ingress rules in a security group mistakenly uses a static cidr_blocks value instead of iterating over a variable list, what is the likely security impact?

AThe security group will have no ingress rules, blocking all traffic.

BTerraform will fail to apply due to a syntax error in the dynamic block.

CThe security group will allow traffic from all IPs, creating a security risk.

DThe security group will allow traffic only from the static CIDR block, potentially blocking needed access.

Attempts:

2 left

✅ Best Practice

expert

3:00remaining

Optimizing dynamic blocks for maintainability

Which approach best improves maintainability when using dynamic blocks to create multiple similar nested blocks in Terraform?

AUse a single dynamic block with a well-structured variable map containing all nested block data.

BWrite multiple static blocks manually for each nested block to avoid complexity.

CUse nested dynamic blocks with hardcoded values inside each content block.

DAvoid dynamic blocks and use count with conditional expressions instead.

Attempts:

2 left