0
0
Terraformcloud~20 mins

Terraform taint and untaint (deprecated) - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Terraform Taint Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
What happens when you run terraform taint on a resource?
You have a resource managed by Terraform. You run terraform taint on it. What is the immediate effect on Terraform's state and next apply?
ATerraform immediately deletes the resource from the cloud provider without waiting for <code>terraform apply</code>.
BTerraform removes the resource from its state file permanently, so it will no longer manage it.
CTerraform marks the resource as needing replacement, so the next <code>terraform apply</code> will destroy and recreate it.
DTerraform pauses the resource, preventing any changes until manually resumed.
Attempts:
2 left
💡 Hint
Think about what 'taint' means in real life: marking something as broken or needing replacement.
service_behavior
intermediate
2:00remaining
What is the effect of terraform untaint on a tainted resource?
You have previously marked a resource as tainted. You now run terraform untaint on it. What happens to the resource in Terraform's state and next apply?
ATerraform removes the tainted mark, so the resource will not be replaced on the next apply.
BTerraform immediately recreates the resource in the cloud provider.
CTerraform deletes the resource from the state file and cloud provider.
DTerraform locks the resource to prevent any changes until unlocked.
Attempts:
2 left
💡 Hint
Untaint means to remove the 'broken' mark.
Architecture
advanced
2:00remaining
Why is terraform taint considered deprecated in Terraform 1.1+?
Terraform 1.1 and later versions mark terraform taint as deprecated. What is the main reason for this deprecation?
ABecause tainting caused permanent deletion of resources which was unsafe.
BBecause Terraform now supports <code>terraform apply -replace</code> which replaces resources without modifying state manually.
CBecause Terraform no longer manages state files locally.
DBecause tainting was replaced by a new command that pauses resources.
Attempts:
2 left
💡 Hint
Think about safer ways to replace resources without manual state changes.
security
advanced
2:00remaining
What security risk can arise from using terraform taint improperly in a shared environment?
In a team using remote state, what security or operational risk can happen if someone taints a critical resource without coordination?
AUncoordinated tainting can cause unexpected resource replacement, leading to downtime or data loss.
BTainting encrypts the resource state making it inaccessible to others.
CTainting disables resource access permissions permanently.
DTainting automatically exposes resource secrets in logs.
Attempts:
2 left
💡 Hint
Think about what happens if a resource is replaced unexpectedly in production.
Best Practice
expert
2:00remaining
Which Terraform command is recommended over terraform taint for replacing a resource in Terraform 1.1+?
You want to replace a resource safely without manually modifying the state. Which command should you use instead of terraform taint?
A<code>terraform refresh</code> to update the state and then <code>terraform apply</code>
B<code>terraform destroy -target=resource_address</code> followed by <code>terraform apply</code>
C<code>terraform state rm resource_address</code> then <code>terraform apply</code>
D<code>terraform apply -replace=resource_address</code>
Attempts:
2 left
💡 Hint
Look for a command that replaces a resource during apply without manual state edits.