0
0
Terraformcloud~20 mins

Prevent_destroy lifecycle rule in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Terraform Prevent_destroy Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Identify the effect of prevent_destroy in this Terraform resource
Given the following Terraform resource configuration, what will happen if you try to run terraform destroy on this resource?
Terraform
resource "aws_s3_bucket" "example" {
  bucket = "my-unique-bucket-name"

  lifecycle {
    prevent_destroy = true
  }
}
ATerraform will destroy the bucket without any warnings.
BTerraform will refuse to destroy the bucket and show an error.
CTerraform will prompt for confirmation before destroying the bucket.
DTerraform will ignore the prevent_destroy rule and destroy the bucket.
Attempts:
2 left
💡 Hint
Think about what the prevent_destroy lifecycle rule is designed to do.
service_behavior
intermediate
2:00remaining
What happens if prevent_destroy is not set and you run terraform destroy?
Consider a Terraform resource without the prevent_destroy lifecycle rule. What is the expected behavior when running terraform destroy?
Terraform
resource "aws_instance" "web" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"
}
ATerraform will refuse to destroy the instance.
BTerraform will pause and ask for manual approval before destroying.
CTerraform will keep the instance running but remove it from state.
DTerraform will destroy the instance without any restrictions.
Attempts:
2 left
💡 Hint
What is the default behavior if no lifecycle rules are set?
Architecture
advanced
2:30remaining
Choose the correct lifecycle block to protect a resource from accidental deletion but allow updates
You want to protect an AWS RDS instance from being destroyed accidentally but still allow updates to its configuration. Which lifecycle block achieves this?
Alifecycle { prevent_destroy = true }
Blifecycle { create_before_destroy = true }
Clifecycle { ignore_changes = ["*"] }
Dlifecycle { prevent_destroy = false }
Attempts:
2 left
💡 Hint
Think about which lifecycle rule stops destruction but not updates.
security
advanced
2:30remaining
What security risk does prevent_destroy help mitigate in Terraform-managed infrastructure?
How does setting prevent_destroy = true in a Terraform resource lifecycle block improve security?
AIt prevents accidental or malicious deletion of critical infrastructure.
BIt encrypts the resource data at rest automatically.
CIt restricts access to the resource to only authorized users.
DIt automatically backs up the resource before any changes.
Attempts:
2 left
💡 Hint
Consider what kind of mistakes or attacks could cause resource loss.
Best Practice
expert
3:00remaining
When should you NOT use prevent_destroy in Terraform lifecycle rules?
Which scenario is NOT a good reason to use prevent_destroy in a Terraform resource lifecycle block?
AWhen accidental deletion would cause downtime.
BWhen the resource holds critical production data.
CWhen the resource is temporary and should be destroyed regularly.
DWhen you want to protect infrastructure from accidental removal.
Attempts:
2 left
💡 Hint
Think about when destruction is expected or necessary.