0
0
Terraformcloud~20 mins

Code review for infrastructure changes in Terraform - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Terraform Code Review Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Identify the output of this Terraform resource configuration
Given the following Terraform configuration for an AWS S3 bucket, what will be the value of the bucket's versioning status after applying?
Terraform
resource "aws_s3_bucket" "example" {
  bucket = "my-example-bucket"

  versioning {
    enabled = true
  }
}

output "versioning_status" {
  value = aws_s3_bucket.example.versioning[0].status
}
A"Enabled"
B"Suspended"
C"Disabled"
Dnull
Attempts:
2 left
💡 Hint
Check the versioning block and the output value referencing the status attribute.
security
intermediate
2:00remaining
Detect the security risk in this Terraform IAM policy
Review the following Terraform IAM policy attached to an AWS IAM role. Which option correctly identifies the security risk?
Terraform
resource "aws_iam_role_policy" "example_policy" {
  name = "example_policy"
  role = aws_iam_role.example_role.id

  policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Effect = "Allow",
        Action = "*",
        Resource = "*"
      }
    ]
  })
}
AThe policy restricts access to only read operations, which is too limited for most roles.
BThe policy grants full access to all AWS services and resources, which is overly permissive.
CThe policy is missing the Version field, causing it to be invalid.
DThe policy only allows access to a single resource, which may cause failures.
Attempts:
2 left
💡 Hint
Look at the Action and Resource fields in the policy statement.
Architecture
advanced
2:00remaining
Determine the number of subnets created by this Terraform module
This Terraform module creates subnets in multiple availability zones. Given the following snippet, how many subnets will be created?
Terraform
variable "availability_zones" {
  default = ["us-east-1a", "us-east-1b", "us-east-1c"]
}

resource "aws_subnet" "example" {
  count = length(var.availability_zones) * 2
  vpc_id = aws_vpc.example.id
  cidr_block = cidrsubnet(aws_vpc.example.cidr_block, 8, count.index)
  availability_zone = var.availability_zones[count.index % length(var.availability_zones)]
}
A9
B3
C6
D2
Attempts:
2 left
💡 Hint
Look at the count expression and how it relates to availability zones.
service_behavior
advanced
2:00remaining
Predict the behavior of this Terraform apply with lifecycle ignore_changes
Given this Terraform resource with lifecycle ignore_changes on tags, what happens if tags are changed manually outside Terraform and then terraform apply is run?
Terraform
resource "aws_instance" "example" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"

  tags = {
    Environment = "Production"
  }

  lifecycle {
    ignore_changes = ["tags"]
  }
}
ATerraform will not update or revert tag changes made outside Terraform during apply.
BTerraform will throw an error due to conflicting tag changes.
CTerraform will overwrite tags to match the configuration on every apply.
DTerraform will delete the instance if tags differ.
Attempts:
2 left
💡 Hint
Consider what ignore_changes does in lifecycle blocks.
Best Practice
expert
2:00remaining
Identify the best practice violation in this Terraform state management setup
A team uses local state files for their Terraform project shared by multiple engineers. What is the main risk of this approach?
AUsing local state files allows seamless collaboration without additional setup.
BThe state file will be encrypted automatically, ensuring security.
CLocal state files enable automatic locking to prevent concurrent changes.
DState file conflicts and overwrites can occur, causing infrastructure drift or corruption.
Attempts:
2 left
💡 Hint
Think about how Terraform state files are shared and locked.