Challenge - 5 Problems

🎖️

Iterator Variable Mastery

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ Configuration

intermediate

2:00remaining

Terraform for_each with iterator variable

Given the following Terraform resource using for_each with an iterator variable, what will be the value of the tags attribute for the resource named server2?

Terraform

variable "servers" {
  default = {
    server1 = "10.0.0.1"
    server2 = "10.0.0.2"
    server3 = "10.0.0.3"
  }
}

resource "aws_instance" "example" {
  for_each = var.servers

  ami           = "ami-123456"
  instance_type = "t2.micro"

  tags = {
    Name = each.key
    IP   = each.value
  }
}

A{"Name" = "server2", "IP" = "10.0.0.2"}

B{"Name" = "server3", "IP" = "10.0.0.3"}

C{"Name" = "server1", "IP" = "10.0.0.1"}

D{"Name" = "server2", "IP" = "10.0.0.3"}

Attempts:

2 left

❓ service_behavior

intermediate

2:00remaining

Effect of iterator variable in dynamic block

In Terraform, what will be the number of ingress rules created by the following security group resource?

Terraform

variable "ports" {
  default = [22, 80, 443]
}

resource "aws_security_group" "example" {
  name = "example-sg"

  dynamic "ingress" {
    for_each = var.ports
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}

CError: dynamic block requires a map, not a list

Attempts:

2 left

❓ Architecture

advanced

2:00remaining

Using iterator variable in module instantiation

You have a Terraform module that creates a virtual machine. You want to instantiate this module multiple times with different names and IPs using an iterator variable. Which of the following for_each expressions correctly uses the iterator variable to assign unique names and IPs inside the module?

Terraform

variable "vm_configs" {
  default = {
    vm1 = "192.168.1.10"
    vm2 = "192.168.1.11"
  }
}

module "vms" {
  source = "./vm_module"

  for_each = var.vm_configs

  name = ???
  ip   = ???
}

name = each
ip = each

name = each.value
ip = each.key

name = vm_configs.key
ip = vm_configs.value

name = each.key
ip = each.value

Attempts:

2 left

❓ security

advanced

2:00remaining

Iterator variable misuse causing security risk

Consider this Terraform snippet for creating multiple IAM users with policies. What is the security risk caused by incorrect use of the iterator variable?

Terraform

variable "users" {
  default = ["alice", "bob"]
}

resource "aws_iam_user" "users" {
  for_each = toset(var.users)
  name     = each.value
}

resource "aws_iam_policy_attachment" "attach" {
  for_each = toset(var.users)
  name       = "attach-${each.value}"
  users      = [aws_iam_user.users[each.key].name]
  policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
}

AThe IAM users are created with duplicate names causing overwrite.

BThe policy attachment correctly references users by each.value, no risk present.

CThe policy attachment references aws_iam_user with each.key, which is invalid and causes a runtime error.

DThe policy ARN is incorrect, causing no policy to attach.

Attempts:

2 left

✅ Best Practice

expert

3:00remaining

Correct use of iterator variable in nested for_each

You want to create multiple AWS S3 buckets, each with multiple lifecycle rules. Which option correctly uses nested for_each with iterator variables to assign lifecycle rules to each bucket?

Terraform

variable "buckets" {
  default = {
    bucket1 = ["logs", "archive"]
    bucket2 = ["temp", "backup"]
  }
}

resource "aws_s3_bucket" "buckets" {
  for_each = var.buckets
  bucket   = each.key

  lifecycle_rule {
    for_each = ???
    id      = ???
    enabled = true
    prefix  = "${each.value}-"
    tags = {
      rule = each.key
    }
  }
}

for_each = each.key
id = each.value

for_each = toset(each.value)
id = each.value

for_each = toset(each.value)
id = each.key

for_each = each.value
id = each.key

Attempts:

2 left