0
0
Terraformcloud~20 mins

Nested dynamic blocks in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Nested Dynamic Blocks Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Output of nested dynamic blocks in Terraform
Given the following Terraform configuration snippet using nested dynamic blocks, what will be the value of the resource's tags attribute after deployment?
Terraform
resource "aws_instance" "example" {
  ami           = "ami-123456"
  instance_type = "t2.micro"

  dynamic "tags" {
    for_each = { env = "prod", team = "devops" }
    content {
      key   = tags.key
      value = tags.value

      dynamic "subtag" {
        for_each = { owner = "alice", project = "cloud" }
        content {
          key   = subtag.key
          value = subtag.value
        }
      }
    }
  }
}
A{"env": "prod", "team": "devops", "owner": "alice", "project": "cloud"}
BSyntaxError: Invalid nested dynamic block usage
C{"env": "prod", "team": "devops"}
D{"tags": [{"key": "env", "value": "prod", "subtag": [{"key": "owner", "value": "alice"}, {"key": "project", "value": "cloud"}]}, {"key": "team", "value": "devops", "subtag": [{"key": "owner", "value": "alice"}, {"key": "project", "value": "cloud"}]}]}
Attempts:
2 left
💡 Hint
Remember that nested dynamic blocks create nested lists or maps in the resource attributes.
service_behavior
intermediate
2:00remaining
Behavior of nested dynamic blocks with empty inner for_each
In Terraform, if the inner nested dynamic block's for_each is an empty map, what will be the effect on the resource attribute generated by the nested dynamic blocks?
Terraform
resource "aws_security_group" "example" {
  name = "example"

  dynamic "ingress" {
    for_each = { http = 80, https = 443 }
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"

      dynamic "cidr_blocks" {
        for_each = {}
        content {
          cidr_block = cidr_blocks.value
        }
      }
    }
  }
}
AThe ingress blocks will have empty cidr_blocks attributes (empty lists).
BTerraform will raise a runtime error due to empty inner for_each.
CThe ingress blocks will not include the cidr_blocks attribute at all.
DTerraform will ignore the entire ingress block because inner for_each is empty.
Attempts:
2 left
💡 Hint
Empty for_each in a dynamic block results in no blocks generated for that level.
Architecture
advanced
2:30remaining
Designing nested dynamic blocks for multi-tier infrastructure
You want to use Terraform nested dynamic blocks to define a multi-tier AWS security group where each tier has multiple ingress rules and each ingress rule can have multiple CIDR blocks. Which structure best represents this nested dynamic block usage?
AOne dynamic block for tiers, inside it a dynamic block for ingress rules, inside that a dynamic block for CIDR blocks.
BOne dynamic block for ingress rules, inside it a dynamic block for tiers, inside that a dynamic block for CIDR blocks.
CSeparate static blocks for tiers, ingress rules, and CIDR blocks without dynamic blocks.
DOne dynamic block for CIDR blocks, inside it a dynamic block for ingress rules, inside that a dynamic block for tiers.
Attempts:
2 left
💡 Hint
Think about the hierarchy: tiers contain ingress rules, which contain CIDR blocks.
security
advanced
2:30remaining
Security implications of nested dynamic blocks in Terraform
What is a potential security risk when using nested dynamic blocks to generate AWS IAM policies dynamically from user input variables?
AUnintended broad permissions if user input is not validated, leading to privilege escalation.
BTerraform will block any dynamic block that uses user input variables for security reasons.
CNested dynamic blocks cause IAM policies to be ignored by AWS, reducing security.
DThere is no security risk because Terraform validates all IAM policy content automatically.
Attempts:
2 left
💡 Hint
Consider what happens if user input is not controlled or sanitized.
Best Practice
expert
3:00remaining
Optimizing nested dynamic blocks for maintainability and performance
Which practice is best to optimize Terraform configurations that use deeply nested dynamic blocks to manage complex resources?
AWrite all nested dynamic blocks inline in a single resource block for clarity.
BBreak down nested dynamic blocks into reusable modules and use locals to simplify expressions.
CAvoid using dynamic blocks altogether and write static blocks for every possible combination.
DUse nested dynamic blocks with complex for_each expressions directly referencing remote state outputs.
Attempts:
2 left
💡 Hint
Think about code reuse and readability in large Terraform projects.