Bird
Raised Fist0
Terraformcloud~20 mins

Terraform Cloud/Enterprise features - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Terraform Cloud/Enterprise Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Terraform Cloud Workspaces Behavior

Which statement best describes how Terraform Cloud workspaces manage state files?

AWorkspaces do not use state files; they rely on external databases for state management.
BEach workspace has its own isolated state file stored securely in Terraform Cloud.
CState files are stored locally on the user's machine and uploaded only during runs.
DAll workspaces share a single global state file to simplify management.
Attempts:
2 left
💡 Hint

Think about how Terraform Cloud isolates environments and manages infrastructure state.

Architecture
intermediate
2:00remaining
Terraform Enterprise Private Network Connectivity

In Terraform Enterprise, which method is recommended to securely connect the Terraform Enterprise instance to private cloud resources without exposing them publicly?

ARun Terraform Enterprise on a public cloud instance and access private resources via SSH tunneling.
BExpose the private resources with public IPs and restrict access with firewall rules.
CUse a VPN or Direct Connect to establish a private network link between Terraform Enterprise and the cloud environment.
DUse Terraform Cloud's public API endpoints to manage private resources remotely.
Attempts:
2 left
💡 Hint

Consider secure, private network connections that avoid public exposure.

security
advanced
2:00remaining
Terraform Cloud Sentinel Policy Enforcement

What is the primary purpose of Sentinel policies in Terraform Cloud?

ATo enforce rules and guardrails on Terraform runs by evaluating policy as code before applying changes.
BTo automatically fix syntax errors in Terraform configuration files during runs.
CTo provide a user interface for managing Terraform state files manually.
DTo schedule Terraform runs at specific times without manual intervention.
Attempts:
2 left
💡 Hint

Think about how organizations enforce compliance and standards automatically.

service_behavior
advanced
2:00remaining
Terraform Cloud Run Triggers Behavior

Which of the following best describes how run triggers work in Terraform Cloud?

ARun triggers require manual approval before starting any Terraform run in dependent workspaces.
BRun triggers disable automatic state locking during concurrent runs.
CRun triggers schedule Terraform runs at fixed time intervals regardless of other workspace states.
DRun triggers automatically start a Terraform run in one workspace when another workspace completes a run successfully.
Attempts:
2 left
💡 Hint

Consider how Terraform Cloud coordinates runs across related workspaces.

Best Practice
expert
2:00remaining
Managing Sensitive Variables in Terraform Cloud

Which approach is the most secure and recommended way to manage sensitive variables in Terraform Cloud?

AMark variables as sensitive in Terraform Cloud and avoid printing them in logs or outputs.
BStore sensitive variables in plain text in Terraform configuration files checked into version control.
CUse environment variables on local machines and never store them in Terraform Cloud.
DEncrypt sensitive variables manually and store encrypted blobs as regular variables.
Attempts:
2 left
💡 Hint

Think about built-in features Terraform Cloud offers for secrets management.

Practice

(1/5)
1. What is the main purpose of Terraform Cloud/Enterprise?
easy
A. To help teams manage infrastructure together safely
B. To replace Terraform CLI on local machines
C. To provide a graphical interface for writing Terraform code
D. To host websites built with Terraform

Solution

  1. Step 1: Understand Terraform Cloud/Enterprise role

    Terraform Cloud/Enterprise is designed to help teams collaborate on infrastructure management safely.

  2. Step 2: Eliminate incorrect options

    It does not replace the CLI, provide a GUI for coding, or host websites.

  3. Final Answer:

    To help teams manage infrastructure together safely -> Option A

  4. Quick Check:

    Collaboration and safety = B [OK]
Hint: Think teamwork and safety in infrastructure management [OK]
Common Mistakes:
  • Confusing Terraform Cloud with a code editor
  • Thinking it replaces local Terraform CLI
  • Assuming it hosts applications
2. Which of the following is the correct way to configure a Terraform Cloud workspace in terraform block?
easy
A. terraform { cloud { organization = "my-org" workspaces { name = "my-workspace" } } }
B. terraform { cloud_backend { org_name = "my-org" ws_name = "my-workspace" } }
C. terraform { backend "cloud" { organization = "my-org" workspaces { name = "my-workspace" } } }
D. terraform { backend "remote" { org = "my-org" workspace_name = "my-workspace" } }

Solution

  1. Step 1: Recall Terraform Cloud backend syntax

    The correct syntax uses backend "cloud" with organization and workspaces { name = "my-workspace" } block.

  2. Step 2: Compare options to syntax

    terraform { backend "cloud" { organization = "my-org" workspaces { name = "my-workspace" } } } matches the official syntax exactly; others have incorrect keys or structure.

  3. Final Answer:

    terraform { backend "cloud" { organization = "my-org" workspaces { name = "my-workspace" } } } -> Option C

  4. Quick Check:

    Backend "cloud" with organization and workspaces block = D [OK]
Hint: Remember backend "cloud" block with organization and workspaces { name } [OK]
Common Mistakes:
  • Using incorrect block names like cloud_backend
  • Mixing keys like org vs organization
  • Wrong nesting of workspace inside cloud block
3. Given this Terraform Cloud workspace configuration snippet, what will happen when you run terraform apply? 
terraform {
  backend "cloud" {
    organization = "example-org"
    workspaces {
      name = "prod"
    }
  }
}
medium
A. Terraform will run the apply remotely in Terraform Cloud and update the remote state
B. Terraform will run the apply locally and update remote state in Terraform Cloud
C. Terraform will fail because workspace name should be outside workspaces block
D. Terraform will ignore the backend and run locally without remote state

Solution

  1. Step 1: Understand backend cloud with workspaces block

    The workspaces { name = "prod" } syntax is valid and specifies the workspace in Terraform Cloud.

  2. Step 2: Know Terraform Cloud apply behavior

    When using Terraform Cloud backend, terraform apply runs locally but updates the remote state.

  3. Final Answer:

    Terraform will run the apply locally and update remote state in Terraform Cloud -> Option B

  4. Quick Check:

    Local execution, remote state = B [OK]
Hint: Cloud backend: local execution, remote state [OK]
Common Mistakes:
  • Thinking apply runs remotely with cloud backend
  • Confusing workspace block syntax
  • Assuming backend config is ignored
4. You configured a Terraform Cloud workspace with the following backend block but get an error: Invalid backend configuration. What is wrong? 
terraform {
  backend "cloud" {
    organization = "my-org"
    workspace = "dev"
  }
}
medium
A. The organization name is missing
B. Backend "cloud" does not support workspace configuration
C. The key extra_key is not valid in backend configuration
D. The workspace name must be inside a workspaces block, not as workspace key

Solution

  1. Step 1: Check valid keys for backend "cloud" block

    Valid keys include organization and workspaces { name = "dev" } block. Direct workspace key is invalid.

  2. Step 2: Identify invalid key causing error

    The workspace = "dev" key is not valid; it must be inside a workspaces block.

  3. Final Answer:

    The workspace name must be inside a workspaces block, not as workspace key -> Option D

  4. Quick Check:

    workspace requires workspaces block = B [OK]
Hint: Only use documented keys in backend block [OK]
Common Mistakes:
  • Using direct workspace= instead of workspaces block
  • Adding unsupported keys in backend config
  • Misplacing workspace inside or outside workspaces block
  • Assuming organization can be omitted
5. Your team wants to enforce that all Terraform runs in Terraform Cloud must pass a policy check before applying changes. Which Terraform Cloud/Enterprise feature should you use to achieve this?
hard
A. Sentinel policies integrated with Terraform Cloud runs
B. Terraform CLI hooks on local machines
C. Manual approval outside Terraform Cloud
D. Terraform Cloud workspace tags

Solution

  1. Step 1: Identify feature for policy enforcement in Terraform Cloud

    Sentinel is Terraform Cloud's policy as code framework that integrates with runs to enforce rules.

  2. Step 2: Eliminate other options

    CLI hooks are local and not enforced centrally; manual approval is not automated; tags do not enforce policies.

  3. Final Answer:

    Sentinel policies integrated with Terraform Cloud runs -> Option A

  4. Quick Check:

    Policy enforcement = Sentinel = A [OK]
Hint: Use Sentinel for policy checks in Terraform Cloud [OK]
Common Mistakes:
  • Confusing local CLI hooks with centralized policy enforcement
  • Thinking tags enforce policies
  • Relying on manual approval only