0
0
Terraformcloud~20 mins

Terraform_remote_state usage - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Terraform Remote State Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding Terraform remote state data source

What does the terraform_remote_state data source in Terraform allow you to do?

AIt creates a backup of the Terraform state file before every apply.
BIt automatically synchronizes multiple Terraform state files into one.
CIt allows you to access outputs from another Terraform configuration's state file.
DIt encrypts the Terraform state file for security purposes.
Attempts:
2 left
💡 Hint

Think about how Terraform can share information between separate projects.

Configuration
intermediate
2:00remaining
Correct usage of terraform_remote_state with S3 backend

Which Terraform code snippet correctly configures terraform_remote_state to read from an S3 backend named prod-state in region us-west-2?

A
data "terraform_remote_state" "prod" {
  backend = "s3"
  bucket = "prod-state"
  region = "us-west-2"
}
B
data "terraform_remote_state" "prod" {
  backend = "s3"
  config = {
    bucket = "prod-state"
    region = "us-west-2"
  }
}
C
terraform_remote_state "prod" {
  backend = "s3"
  config = {
    bucket = "prod-state"
    region = "us-west-2"
  }
}
D
data "terraform_remote_state" "prod" {
  backend = "s3"
  config = {
    bucket = "prod-state"
    region = "us-east-1"
  }
}
Attempts:
2 left
💡 Hint

Remember the correct block type and where to put backend configuration.

Architecture
advanced
2:30remaining
Best practice for sharing remote state outputs securely

You have multiple Terraform projects that need to share outputs securely using terraform_remote_state. Which approach is best to ensure security and least privilege?

AUse separate S3 buckets for each project with bucket policies granting read access only to specific IAM roles used by consuming projects.
BStore all state files in a single S3 bucket with public read access and use <code>terraform_remote_state</code> to read outputs.
CStore state files locally on developer machines and share outputs via manual copy-paste.
DUse a single S3 bucket with no access restrictions and rely on Terraform to handle security.
Attempts:
2 left
💡 Hint

Think about controlling who can read state files and limiting exposure.

service_behavior
advanced
2:00remaining
Effect of changing remote state backend configuration

What happens if you change the backend configuration of a terraform_remote_state data source from S3 to local without updating the actual state files?

ATerraform will ignore the backend change and continue reading from S3.
BTerraform will successfully read the remote state from the local path without errors.
CTerraform will automatically migrate the remote state from S3 to local backend.
DTerraform will raise an error because the local path does not contain the expected state file.
Attempts:
2 left
💡 Hint

Consider what happens if the backend points to a location without the expected state.

security
expert
3:00remaining
Preventing sensitive data exposure in terraform_remote_state outputs

You want to use terraform_remote_state to share outputs but avoid exposing sensitive values like passwords. Which Terraform practice ensures sensitive outputs are not exposed?

AMark sensitive outputs with <code>sensitive = true</code> in the producing module and avoid referencing them in consuming modules.
BEncrypt the entire state file manually before storing it in the backend.
CStore sensitive outputs in plain text but restrict access to the backend bucket.
DUse <code>terraform_remote_state</code> to read all outputs and filter sensitive ones in the consuming module.
Attempts:
2 left
💡 Hint

Think about Terraform's built-in way to mark outputs as sensitive.