Challenge - 5 Problems

🎖️

Remote State Mastery

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ service_behavior

intermediate

2:00remaining

Understanding Remote State Data Source Behavior

You have a Terraform configuration that uses a remote state data source to read outputs from another workspace. What will happen if the remote state backend is unreachable during terraform apply?

Terraform

data "terraform_remote_state" "vpc" {
  backend = "s3"
  config = {
    bucket = "my-terraform-state"
    key    = "vpc/terraform.tfstate"
    region = "us-east-1"
  }
}

resource "aws_instance" "web" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  subnet_id     = data.terraform_remote_state.vpc.outputs.subnet_id
}

ATerraform apply will proceed but use default values for the remote outputs.

BTerraform apply will fail with an error indicating it cannot read the remote state.

CTerraform apply will ignore the remote state data source and create resources without subnet_id.

DTerraform apply will create a new remote state backend automatically.

Attempts:

2 left

❓ Configuration

intermediate

2:00remaining

Correct Remote State Data Source Configuration

Which Terraform configuration snippet correctly defines a remote state data source to read outputs from an S3 backend?

terraform_remote_state "network" {
  backend = "s3"
  config = {
    bucket = "tf-state-bucket"
    key    = "network/terraform.tfstate"
    region = "us-west-2"
  }
}

data "terraform_remote_state" "network" {
  backend = "s3"
  bucket = "tf-state-bucket"
  key    = "network/terraform.tfstate"
  region = "us-west-2"
}

data "terraform_remote_state" "network" {
  backend = "s3"
  config = {
    bucket = "tf-state-bucket"
    key    = "network/terraform.tfstate"
    region = "us-west-2"
  }
}

data "terraform_remote_state" "network" {
  backend = "s3"
  config = {
    bucket = "tf-state-bucket"
    key    = "network.tfstate"
  }
}

Attempts:

2 left

❓ Architecture

advanced

2:00remaining

Designing Terraform Remote State for Multi-Environment

You want to manage multiple environments (dev, staging, prod) using Terraform with remote state stored in S3. Which architecture ensures isolation and safe state management?

AUse a single S3 bucket with separate key prefixes for each environment's state files.

BStore all environment states locally and push to S3 only for backups.

CUse separate S3 buckets for each environment's state files.

DUse one S3 bucket and one key for all environments to simplify management.

Attempts:

2 left

❓ security

advanced

2:00remaining

Securing Terraform Remote State Access

Which practice best secures access to Terraform remote state stored in an S3 bucket?

ADisable encryption to improve performance when accessing state files.

BMake the S3 bucket public to allow easy access for all team members.

CShare AWS root account credentials with the team for state access.

DEnable bucket versioning and restrict access using IAM policies to only required users and roles.

Attempts:

2 left

✅ Best Practice

expert

2:00remaining

Handling Remote State Dependencies in Terraform Modules

You have multiple Terraform modules that depend on outputs from a shared network module stored in remote state. What is the best practice to manage these dependencies to avoid state conflicts and ensure consistency?

AUse terraform_remote_state data sources in each module to read outputs from the shared network state, avoiding direct resource references.

BCopy the network module outputs manually into each module's variables to avoid remote state usage.

CMerge all modules into a single Terraform configuration to share one state file.

DUse local state files for each module and synchronize outputs via manual scripts.

Attempts:

2 left