Bird
Raised Fist0
Terraformcloud~20 mins

Blue-green infrastructure pattern in Terraform - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Blue-Green Deployment Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Architecture
intermediate
2:00remaining
Identify the main benefit of the blue-green deployment pattern
Which of the following best describes the primary advantage of using the blue-green deployment pattern in cloud infrastructure?
AIt allows zero downtime deployments by switching traffic between two identical environments.
BIt reduces cloud costs by using only one environment at a time.
CIt automatically scales resources based on traffic load.
DIt encrypts all data in transit between environments.
Attempts:
2 left
💡 Hint
Think about how traffic is managed during updates.
Configuration
intermediate
2:00remaining
Terraform snippet for blue-green environment switching
Given two identical AWS ECS services named blue and green, which Terraform snippet correctly switches the production traffic to the green service using an Application Load Balancer listener rule?
Terraform
resource "aws_lb_listener_rule" "green_traffic" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 100

  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.green.arn
  }

  condition {
    path_pattern {
      values = ["/app/*"]
    }
  }
}
AUse aws_lb_listener_rule with action type 'forward' to green target group and priority lower than blue's rule.
BUse aws_lb_listener_rule with action type 'redirect' to green target group and priority higher than blue's rule.
CUse aws_lb_listener_rule with action type 'fixed-response' to green target group and priority equal to blue's rule.
DUse aws_lb_listener_rule with action type 'forward' to green target group and priority higher than blue's rule.
Attempts:
2 left
💡 Hint
Higher priority rules take precedence in ALB listener rules.
security
advanced
2:00remaining
Security considerations in blue-green deployments
Which security risk is most relevant when running both blue and green environments simultaneously in a blue-green deployment?
AInability to encrypt data in transit between environments.
BData loss caused by switching traffic between environments.
CIncreased attack surface due to both environments being live and accessible.
DAutomatic deletion of logs from the inactive environment.
Attempts:
2 left
💡 Hint
Think about exposure when two environments are active.
Best Practice
advanced
2:00remaining
Best practice for database handling in blue-green deployments
In a blue-green deployment, what is the recommended approach to handle database schema changes to avoid downtime?
AApply backward-compatible schema changes before switching traffic, then clean up old schema after verification.
BAvoid any schema changes during blue-green deployments to prevent conflicts.
CMaintain separate databases for blue and green environments and merge data after deployment.
DSwitch traffic first, then apply schema changes directly on the new environment's database.
Attempts:
2 left
💡 Hint
Consider how to keep both environments compatible during transition.
service_behavior
expert
2:00remaining
Result of traffic switch in blue-green deployment with sticky sessions
In a blue-green deployment using an Application Load Balancer with sticky sessions enabled, what is the expected behavior immediately after switching traffic from blue to green environment?
AAll users are instantly routed to the green environment regardless of existing sessions.
BExisting users continue to be routed to the blue environment until their session expires, new users go to green.
CSticky sessions are disabled automatically during the switch causing all users to lose session data.
DThe load balancer duplicates traffic to both blue and green environments during the switch.
Attempts:
2 left
💡 Hint
Sticky sessions bind users to a specific backend until session ends.

Practice

(1/5)
1. What is the main purpose of the blue-green infrastructure pattern in Terraform deployments?
easy
A. To reduce infrastructure costs by using a single environment
B. To automate database backups during deployment
C. To increase the number of servers in a single environment
D. To avoid downtime by switching traffic between two identical environments

Solution

  1. Step 1: Understand the blue-green pattern concept

    The blue-green pattern uses two identical environments to ensure zero downtime during updates.

  2. Step 2: Identify the main goal in Terraform deployments

    Terraform manages these environments and switches traffic between them to avoid downtime.

  3. Final Answer:

    To avoid downtime by switching traffic between two identical environments -> Option D

  4. Quick Check:

    Blue-green pattern = avoid downtime [OK]
Hint: Remember: blue-green means two environments for zero downtime [OK]
Common Mistakes:
  • Thinking it reduces costs by using one environment
  • Confusing it with scaling servers in one environment
  • Assuming it automates backups
2. Which Terraform resource is commonly used to switch traffic between blue and green environments in a blue-green deployment?
easy
A. aws_lb_listener_rule
B. aws_instance
C. aws_s3_bucket
D. aws_security_group

Solution

  1. Step 1: Identify Terraform resources related to traffic routing

    Load balancer listener rules control how traffic is routed to target groups.

  2. Step 2: Match resource to blue-green traffic switch

    The aws_lb_listener_rule resource allows switching traffic between blue and green target groups.

  3. Final Answer:

    aws_lb_listener_rule -> Option A

  4. Quick Check:

    Traffic switch uses listener rules [OK]
Hint: Traffic routing uses listener rules, not instances or buckets [OK]
Common Mistakes:
  • Choosing aws_instance which manages servers, not traffic
  • Selecting aws_s3_bucket which is for storage
  • Picking aws_security_group which controls firewall rules
3. Given this Terraform snippet for blue-green deployment traffic switching: 
resource "aws_lb_listener_rule" "blue" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.blue.arn
  }
  condition {
    path_pattern {
      values = ["/blue/*"]
    }
  }
}

resource "aws_lb_listener_rule" "green" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 20
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.green.arn
  }
  condition {
    path_pattern {
      values = ["/green/*"]
    }
  }
}
What happens when a user visits /green/home?
medium
A. Traffic is routed to the green target group
B. Traffic is routed to both blue and green target groups
C. Traffic is blocked by the load balancer
D. Traffic is routed to the blue target group

Solution

  1. Step 1: Analyze path pattern conditions in listener rules

    The green listener rule matches paths starting with /green/* and forwards to the green target group.

  2. Step 2: Match user request path to rules

    The request /green/home matches the green rule condition, so traffic goes to the green target group.

  3. Final Answer:

    Traffic is routed to the green target group -> Option A

  4. Quick Check:

    Path /green/* routes to green group [OK]
Hint: Match URL path to listener rule path pattern [OK]
Common Mistakes:
  • Assuming default routing to blue group
  • Thinking traffic is blocked without default rule
  • Believing traffic splits between groups
4. You wrote this Terraform code to switch traffic in a blue-green setup but the traffic does not switch as expected: 
resource "aws_lb_listener_rule" "blue" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.blue.arn
  }
  condition {
    host_header {
      values = ["blue.example.com"]
    }
  }
}

resource "aws_lb_listener_rule" "green" {
  listener_arn = aws_lb_listener.front_end.arn
  priority     = 10
  action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.green.arn
  }
  condition {
    host_header {
      values = ["green.example.com"]
    }
  }
}
What is the likely problem?
medium
A. Target groups are not defined correctly
B. Host header condition is invalid for load balancers
C. Both listener rules have the same priority, causing conflict
D. Listener ARN is missing in one of the rules

Solution

  1. Step 1: Check listener rule priorities

    Both rules have priority 10, which causes a conflict because priorities must be unique.

  2. Step 2: Understand effect of priority conflict

    Load balancer cannot decide which rule to apply, so traffic routing fails or is unpredictable.

  3. Final Answer:

    Both listener rules have the same priority, causing conflict -> Option C

  4. Quick Check:

    Unique priorities required for listener rules [OK]
Hint: Listener rule priorities must be unique numbers [OK]
Common Mistakes:
  • Ignoring priority uniqueness
  • Assuming host_header condition is invalid
  • Overlooking target group correctness
5. You want to implement a blue-green deployment in Terraform with minimal downtime. Which approach best achieves this?
hard
A. Deploy new version to green environment and keep routing traffic to blue until green is manually deleted
B. Deploy new version to green environment, test it, then update load balancer to route all traffic to green
C. Deploy new version directly to blue environment and restart all servers simultaneously
D. Deploy new version to blue environment and use DNS TTL to switch traffic slowly

Solution

  1. Step 1: Understand blue-green deployment goals

    The goal is zero downtime by having two identical environments and switching traffic atomically.

  2. Step 2: Evaluate deployment approaches

    Deploying to green, testing, then switching load balancer traffic ensures smooth transition without downtime.

  3. Step 3: Compare other options

    Direct deploy with restart causes downtime; manual deletion delays switch; DNS TTL causes slow switch and possible downtime.

  4. Final Answer:

    Deploy new version to green environment, test it, then update load balancer to route all traffic to green -> Option B

  5. Quick Check:

    Blue-green = test new env, then switch traffic [OK]
Hint: Test new environment fully before switching traffic [OK]
Common Mistakes:
  • Restarting servers causing downtime
  • Delaying traffic switch by manual deletion
  • Relying on DNS TTL for instant switch