0
0
Terraformcloud~20 mins

Lifecycle customization in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Lifecycle Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Effect of lifecycle ignore_changes on resource updates
Given the following Terraform resource configuration, what will happen if the tags attribute is changed outside Terraform and then Terraform applies a change to instance_type?

resource "aws_instance" "example" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  tags = {
    Environment = "dev"
  }

  lifecycle {
    ignore_changes = [tags]
  }
}
ATerraform will update the instance_type but will NOT revert the external changes to tags.
BTerraform will update the instance_type and revert the tags to the declared values.
CTerraform will ignore all changes and not update instance_type or tags.
DTerraform will fail to apply changes due to conflict in tags.
Attempts:
2 left
💡 Hint
Consider what ignore_changes does to attributes changed outside Terraform.
Architecture
intermediate
2:00remaining
Using lifecycle prevent_destroy to protect critical resources
You have a Terraform-managed database instance that must never be destroyed accidentally. Which lifecycle configuration ensures Terraform will refuse to destroy this resource even if you run terraform destroy or remove it from the configuration?
Alifecycle { create_before_destroy = true }
Blifecycle { ignore_changes = [all] }
Clifecycle { prevent_destroy = true }
Dlifecycle { replace_triggered_by = ["aws_security_group.db"] }
Attempts:
2 left
💡 Hint
Which lifecycle setting blocks resource destruction?
service_behavior
advanced
2:00remaining
Impact of create_before_destroy on resource replacement
Consider a Terraform resource with the lifecycle block:
lifecycle {
  create_before_destroy = true
}

What is the behavior when a change requires resource replacement?
ATerraform creates the new resource first, then destroys the old one after the new is ready.
BTerraform destroys the old resource first, then creates the new one.
CTerraform updates the resource in place without replacement.
DTerraform fails with an error because create_before_destroy is incompatible with replacement.
Attempts:
2 left
💡 Hint
Think about how create_before_destroy affects resource replacement order.
security
advanced
2:00remaining
Risks of ignoring changes on sensitive attributes
If you configure lifecycle ignore_changes on a sensitive attribute like password in a database resource, what is a potential risk?
ATerraform will expose the password in logs, causing a security leak.
BTerraform will never update the password even if changed in configuration, causing drift and security risk.
CTerraform will delete the resource when password changes.
DTerraform will prompt for password on every apply.
Attempts:
2 left
💡 Hint
Consider what ignoring changes means for sensitive data updates.
Best Practice
expert
3:00remaining
Combining lifecycle blocks for zero-downtime deployment
You want to update an AWS autoscaling group with zero downtime. Which lifecycle configuration combination best supports this goal?
Alifecycle { ignore_changes = [all] }
Blifecycle { prevent_destroy = true; ignore_changes = [launch_configuration] }
Clifecycle { create_before_destroy = true; prevent_destroy = true }
Dlifecycle { create_before_destroy = true; ignore_changes = [desired_capacity] }
Attempts:
2 left
💡 Hint
Think about how to replace resources safely and avoid scaling interruptions.