Bird
Raised Fist0
Terraformcloud~10 mins

Code review for infrastructure changes in Terraform - Interactive Code Practice

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to define a resource block for an AWS S3 bucket.

Terraform
resource "aws_s3_bucket" "my_bucket" {
  bucket = [1]
  acl    = "private"
}
Drag options to blanks, or click blank then click option'
Abucket_name
Bmy_bucket
C"public-read"
D"my-unique-bucket-name"
Attempts:
3 left
💡 Hint
Common Mistakes
Using a variable name without quotes
Using an ACL value instead of bucket name
Omitting quotes around the bucket name
2fill in blank
medium

Complete the code to specify the AWS region in the provider block.

Terraform
provider "aws" {
  region = [1]
}
Drag options to blanks, or click blank then click option'
Aregion
B"us-west-2"
Cus-west-2
Daws_region
Attempts:
3 left
💡 Hint
Common Mistakes
Omitting quotes around the region name
Using variable names without defining them
3fill in blank
hard

Fix the error in the resource block by completing the lifecycle rule to prevent bucket deletion.

Terraform
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-unique-bucket-name"

  lifecycle {
    [1] = true
  }
}
Drag options to blanks, or click blank then click option'
Ablock_deletion
Bprevent_delete
Cprevent_destroy
Ddisable_destroy
Attempts:
3 left
💡 Hint
Common Mistakes
Using incorrect lifecycle attribute names
Confusing lifecycle rules with resource attributes
4fill in blank
hard

Fill both blanks to create an output that shows the bucket ARN.

Terraform
output "bucket_arn" {
  value = aws_s3_bucket.my_bucket[1][2]
}
Drag options to blanks, or click blank then click option'
A.
B[
Carn
D]
Attempts:
3 left
💡 Hint
Common Mistakes
Using brackets instead of dot notation
Using incorrect attribute names
5fill in blank
hard

Fill all three blanks to define a variable with a default value and description.

Terraform
variable "bucket_name" {
  type        = [1]
  default     = [2]
  description = [3]
}
Drag options to blanks, or click blank then click option'
A"string"
B"my-default-bucket"
C"The name of the S3 bucket"
Dstring
Attempts:
3 left
💡 Hint
Common Mistakes
Quoting the type value
Omitting quotes around default or description
Using incorrect variable syntax

Practice

(1/5)
1. What is the main purpose of running terraform plan before applying changes?
easy
A. To apply the changes directly to the cloud resources
B. To preview the changes Terraform will make to the infrastructure
C. To delete all existing infrastructure
D. To create a backup of the current infrastructure state

Solution

  1. Step 1: Understand the role of terraform plan

    This command shows what changes Terraform will perform without making any actual changes.

  2. Step 2: Differentiate from other commands

    terraform apply makes changes, while terraform plan previews them safely.

  3. Final Answer:

    To preview the changes Terraform will make to the infrastructure -> Option B

  4. Quick Check:

    Preview changes = terraform plan [OK]
Hint: Remember: plan previews, apply executes changes [OK]
Common Mistakes:
  • Confusing plan with apply
  • Thinking plan deletes resources
  • Assuming plan creates backups
2. Which of the following is the correct syntax to initialize a Terraform working directory?
easy
A. terraform init
B. terraform start
C. terraform setup
D. terraform configure

Solution

  1. Step 1: Identify the initialization command

    terraform init sets up the working directory by downloading providers and preparing backend.

  2. Step 2: Verify other options

    Commands like terraform start, terraform setup, and terraform configure do not exist in Terraform CLI.

  3. Final Answer:

    terraform init -> Option A

  4. Quick Check:

    Initialize = terraform init [OK]
Hint: Init means start setup in Terraform [OK]
Common Mistakes:
  • Using non-existent commands
  • Confusing init with apply
  • Assuming configure is a Terraform command
3. Given this Terraform snippet:
resource "aws_instance" "example" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
}

output "instance_id" {
  value = aws_instance.example.id
}

What will terraform apply output after successful deployment?
medium
A. The ID of the created AWS instance
B. The AMI ID used in the instance
C. The instance type string
D. An error because output is missing

Solution

  1. Step 1: Understand the output block

    The output named instance_id returns the ID of the created AWS instance resource.

  2. Step 2: Confirm output value

    The value is set to aws_instance.example.id, which is the unique instance ID assigned by AWS.

  3. Final Answer:

    The ID of the created AWS instance -> Option A

  4. Quick Check:

    Output shows instance ID = The ID of the created AWS instance [OK]
Hint: Output shows resource attributes, not input values [OK]
Common Mistakes:
  • Confusing output value with input AMI
  • Expecting instance type as output
  • Thinking output block is missing or invalid
4. You see this Terraform code snippet in a pull request:
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-unique-bucket-name"
  acl    = "public-read"
}

What is the main concern during code review before applying?
medium
A. The bucket name might not be unique globally
B. The code is missing a region specification
C. The resource type is incorrect for S3 buckets
D. The ACL setting makes the bucket publicly readable, which may be a security risk

Solution

  1. Step 1: Analyze the ACL setting

    The ACL is set to public-read, which allows anyone on the internet to read bucket contents.

  2. Step 2: Consider security best practices

    Making buckets public can expose sensitive data; this should be reviewed carefully before applying.

  3. Final Answer:

    The ACL setting makes the bucket publicly readable, which may be a security risk -> Option D

  4. Quick Check:

    Public ACL = security risk [OK]
Hint: Watch for public access settings in code reviews [OK]
Common Mistakes:
  • Ignoring security implications of ACL
  • Assuming bucket name uniqueness is the main issue
  • Thinking region is mandatory in resource block
5. A team wants to share Terraform infrastructure changes for review before applying. Which practice best supports safe collaboration?
hard
A. Send raw Terraform files via email for manual review
B. Run terraform apply directly on the main branch without review
C. Share terraform plan output in a pull request for team feedback
D. Apply changes first, then notify the team

Solution

  1. Step 1: Understand collaboration best practices

    Sharing terraform plan output in pull requests allows the team to see proposed changes safely before applying.

  2. Step 2: Evaluate other options

    Applying changes without review or sending raw files lacks safety and clarity; notifying after applying is risky.

  3. Final Answer:

    Share terraform plan output in a pull request for team feedback -> Option C

  4. Quick Check:

    Plan + PR = safe collaboration [OK]
Hint: Use plan output in PRs for safe team review [OK]
Common Mistakes:
  • Skipping review before apply
  • Sharing raw files without context
  • Applying changes before team agreement