Bird
Raised Fist0
Terraformcloud~20 mins

Terraform in GitHub Actions - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Terraform GitHub Actions Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
Terraform GitHub Action Workflow Behavior

Consider this GitHub Actions workflow snippet that runs Terraform commands:

name: Terraform Apply
on: [push]
jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: 1.5.0
      - name: Terraform Init
        run: terraform init
      - name: Terraform Apply
        run: terraform apply -auto-approve

What will happen if the Terraform configuration has syntax errors?

AThe workflow will fail at the 'Terraform Init' step with an error.
BThe workflow will skip the 'Terraform Apply' step automatically.
CThe workflow will succeed but no changes will be applied.
DThe workflow will fail at the 'Terraform Apply' step with an error.
Attempts:
2 left
💡 Hint

Think about when Terraform validates the configuration syntax.

Configuration
intermediate
2:00remaining
Correct Terraform GitHub Action Step for State Storage

You want to configure your GitHub Actions workflow to use an AWS S3 bucket as the Terraform remote backend for state storage. Which step correctly initializes Terraform with this backend?

Arun: terraform init -backend-config="bucket=mybucket" -backend-config="region=us-east-1"
Brun: terraform apply -backend-config="bucket=mybucket" -backend-config="region=us-east-1"
Crun: terraform plan -backend-config="bucket=mybucket" -backend-config="region=us-east-1"
Drun: terraform validate -backend-config="bucket=mybucket" -backend-config="region=us-east-1"
Attempts:
2 left
💡 Hint

Which Terraform command sets up the backend configuration?

security
advanced
2:00remaining
Securely Managing AWS Credentials in GitHub Actions for Terraform

You want to run Terraform in GitHub Actions to deploy AWS resources. What is the best practice to provide AWS credentials securely to the workflow?

AUse GitHub Secrets to store AWS credentials and reference them in the workflow environment variables.
BHardcode AWS credentials in Terraform configuration files checked into the repository.
CUse public AWS credentials with limited permissions in the workflow.
DStore AWS access key and secret key directly in the workflow YAML file.
Attempts:
2 left
💡 Hint

Think about how to keep secrets safe in GitHub repositories.

Architecture
advanced
2:00remaining
Handling Terraform State Locking in Concurrent GitHub Actions Runs

Your team runs Terraform apply in GitHub Actions on multiple branches simultaneously. What mechanism prevents state corruption when multiple runs try to modify the Terraform state at the same time?

AGitHub Actions disables parallel runs by default for workflows using Terraform.
BTerraform automatically queues runs in GitHub Actions to avoid conflicts.
CTerraform state locking via the configured backend (e.g., DynamoDB for S3 backend) prevents concurrent modifications.
DTerraform uses local state files to avoid conflicts in GitHub Actions.
Attempts:
2 left
💡 Hint

Think about how Terraform backends handle concurrency.

Best Practice
expert
2:00remaining
Optimizing Terraform Runs in GitHub Actions for Cost and Speed

You want to optimize your Terraform GitHub Actions workflow to reduce cloud costs and speed up runs. Which approach is the best practice?

ARun 'terraform apply' on every push to any branch without filtering.
BUse 'terraform plan' on pull requests and only run 'terraform apply' on merges to the main branch.
CRun 'terraform apply' manually only, never automate in GitHub Actions.
DRun 'terraform destroy' after every successful apply to clean resources.
Attempts:
2 left
💡 Hint

Consider when to apply changes to avoid unnecessary resource creation.

Practice

(1/5)
1. What is the main purpose of using Terraform in GitHub Actions workflows?
easy
A. To store Terraform state files in GitHub issues
B. To manually edit cloud resources from GitHub
C. To automatically run Terraform commands when code changes
D. To replace Terraform CLI with GitHub commands

Solution

  1. Step 1: Understand Terraform automation

    Terraform automates cloud resource management by running commands like plan and apply.

  2. Step 2: Role of GitHub Actions

    GitHub Actions can trigger these Terraform commands automatically when code changes happen.

  3. Final Answer:

    To automatically run Terraform commands when code changes -> Option C

  4. Quick Check:

    Terraform automation = automatic runs [OK]
Hint: Terraform in GitHub Actions automates runs on code changes [OK]
Common Mistakes:
  • Thinking GitHub Actions replaces Terraform CLI
  • Believing Terraform state is stored in GitHub issues
  • Assuming manual edits happen inside GitHub
2. Which syntax correctly defines a GitHub Actions step to run terraform init?
easy
A. - name: Terraform Init command: terraform init
B. - run: terraform init name: Terraform Init
C. - step: terraform init run: true
D. - name: Terraform Init run: terraform init

Solution

  1. Step 1: Check GitHub Actions step syntax

    Steps use name and run keys to describe and execute commands.

  2. Step 2: Validate correct order and keys

    - name: Terraform Init run: terraform init uses name then run with the correct command string.

  3. Final Answer:

    - name: Terraform Init run: terraform init -> Option D

  4. Quick Check:

    Step keys = name + run [OK]
Hint: GitHub Actions steps use 'name' then 'run' keys [OK]
Common Mistakes:
  • Using 'command' instead of 'run'
  • Swapping order of keys causing confusion
  • Using invalid keys like 'step'
3. Given this GitHub Actions snippet, what will happen when a push occurs? 
jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Terraform Init
        run: terraform init
      - name: Terraform Plan
        run: terraform plan
medium
A. The workflow will fail due to missing apply step
B. Terraform will initialize and then create a plan for changes
C. Terraform will only checkout the code without running commands
D. Terraform will apply changes automatically

Solution

  1. Step 1: Analyze the steps in the workflow

    The workflow checks out code, runs terraform init, then runs terraform plan.

  2. Step 2: Understand Terraform commands effect

    terraform init prepares the environment; terraform plan shows what changes would happen but does not apply them.

  3. Final Answer:

    Terraform will initialize and then create a plan for changes -> Option B

  4. Quick Check:

    Init + Plan = prepare and preview [OK]
Hint: Init prepares, Plan previews changes, Apply makes changes [OK]
Common Mistakes:
  • Confusing plan with apply
  • Assuming apply runs automatically
  • Ignoring checkout step importance
4. You wrote this GitHub Actions step but it fails: 
- name: Terraform Apply
  run: terraform apply -auto-approve
What is a common reason for failure in this context?
medium
A. Missing terraform init before apply
B. Using -auto-approve flag incorrectly
C. GitHub Actions does not support terraform apply
D. The step name must be 'Apply Terraform' exactly

Solution

  1. Step 1: Check Terraform command requirements

    Terraform requires terraform init to run first to set up backend and providers.

  2. Step 2: Identify missing initialization

    If terraform init is missing, terraform apply will fail due to uninitialized state.

  3. Final Answer:

    Missing terraform init before apply -> Option A

  4. Quick Check:

    Init must run before apply [OK]
Hint: Always run 'terraform init' before 'terraform apply' [OK]
Common Mistakes:
  • Thinking -auto-approve causes failure
  • Believing GitHub Actions blocks apply commands
  • Assuming step name affects execution
5. You want to securely store Terraform state remotely and run terraform apply only after manual approval in GitHub Actions. Which setup is best?
hard
A. Use a remote backend like AWS S3 for state and add a manual approval job before apply
B. Store state in GitHub repo and run apply automatically after plan
C. Keep state local and run apply in the same job as plan
D. Use GitHub Secrets to store state file content and apply immediately

Solution

  1. Step 1: Secure state storage best practice

    Remote backends like AWS S3 keep Terraform state safe and shared among users.

  2. Step 2: Implement manual approval in workflow

    GitHub Actions supports manual approval jobs to pause before applying changes.

  3. Step 3: Combine both for safe, controlled deployment

    Using remote state plus manual approval ensures safety and control over apply.

  4. Final Answer:

    Use a remote backend like AWS S3 for state and add a manual approval job before apply -> Option A

  5. Quick Check:

    Remote state + manual approval = safe apply [OK]
Hint: Remote state + manual approval = secure, controlled apply [OK]
Common Mistakes:
  • Storing state in repo risking conflicts
  • Running apply automatically without checks
  • Using secrets to store entire state file