Terraform Assignments — Plan. Provision. Govern.
Move from “hello terraform” to policy-gated, CI/CD-driven infrastructure. Each topic-wise set includes 20 Basic, 20 Intermediate, and 10 Advanced questions so learners can practice deliberately and level up fast.
The six assignments span: Core Concepts, Providers & Resources, State Management, Modules & Reusability, Advanced Terraform Features, and Terraform with DevOps & Cloud.
Why practice with these assignments?
- Go beyond theory—init → plan → apply → destroy, variables & outputs, and real clouds (AWS/Azure/GCP/Kubernetes).
- Build production habits: remote backends, locking, drift detection, and environment isolation.
- Learn to design reusable modules, validate inputs, and version your stacks.
- Ship with confidence using workspaces, functions, dynamic blocks, and lifecycle rules—then wire it to CI, policies, and security scans.
How it works
- Open any assignment and attempt questions in order: Basic → Intermediate → Advanced.
- Work locally with a sandboxed cloud account; prefer remote state + locking for multi-user tasks.
- Verify with terraform plan, outputs, and cloud consoles; document drift and fixes where asked.
- Keep a brief “what I learned” note per task—syntax, reasoning, and gotchas.
What you’ll achieve
- Confident use of providers/resources, variables/outputs, and data sources.
- Operational skills with state backends (S3/GCS/Azure), DynamoDB locking, workspaces, and migration.
- Reusable modules with validation, pre/postconditions, and examples.
- Advanced authoring: dynamic blocks, for_each/count, functions, lifecycle, and multi-env patterns.
- CI-ready workflows with Jenkins/GitLab/GitHub Actions, Terraform Cloud + Sentinel, and security scanning (Checkov).
Browse the Assignments
- Assignment 1 — Terraform Core Concepts: install & verify, first config, init/plan/apply/destroy, variables/locals/outputs, simple AWS EC2, formatting/validation.
- Assignment 2 — Providers & Resources: AWS/Azure/GCP/Kubernetes providers, common resources (S3/IAM/EC2/RG/VM/Buckets/Namespaces/Pods), data sources, dependencies, and multi-create patterns.
- Assignment 3 — State Management: local vs remote backends, S3 + DynamoDB locking, workspaces, import/mv/rm, drift detection & recovery, encryption & access control.
- Assignment 4 — Modules & Reusability: author local modules (VPC/subnet/SG), input validation, examples & docs, registry usage/versioning, graphing dependencies, CI smoke tests.
- Assignment 5 — Advanced Terraform Features: workspaces-driven naming, functions (lookup/concat/join/split/try), dynamic blocks, for_each vs count, pre/postconditions, lifecycle, env tfvars.
- Assignment 6 — Terraform with DevOps & Cloud: CI pipelines (fmt/validate/plan/apply), OIDC to AWS, Terraform Cloud + Sentinel policies, Checkov gates, EKS/Helm/K8s workflows, artifacts & promotions.
Tips for success
- Keep configs tidy: fmt + validate before every plan.
- Prefer remote state with locking for teams; never hand-edit tfstate.
- Model once, reuse everywhere: modules with clear inputs/outputs and examples.
- Derive names/tags from workspace and locals to avoid collisions.
- In CI, store creds securely, publish plans as artifacts, and gate on policy + security scans.
Ready to build real confidence in Terraform? Pick a set below and start solving!
FAQs
Q1. Which Terraform version should I use?
Use a current stable Terraform release and pin provider versions. Several exercises include versions.tf and lock files (.terraform.lock.hcl) for consistency.
Q2. How do I structure folders for real projects?
Maintain a clean root with main.tf, variables.tf, and outputs.tf. Create a modules/ directory for self-contained modules (with docs and examples) and per-environment variable files such as dev.tfvars and prod.tfvars.
Q3. Local state or remote backend?
Start with local state for learning. For collaboration, move to remote backends such as S3, GCS, or Azure with state locking (e.g., DynamoDB) and encryption for safety.
Q4. When should I use for_each vs count?
Use for_each when working with keys for stable diffs and precise addressing. Use count for simple lists indexed by position. You’ll practice both and compare trade-offs.
Q5. How do I prevent accidental destruction in prod?
Use lifecycle { prevent_destroy = true }, enforce tight IAM rules, add approval steps in CI/CD, and rely on remote state with locking. Always test destroy plans in non-production first.
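One way to implement the CI approval step from Q5, as an added example that is not part of the assignments: a gate that reads the JSON form of a saved plan (terraform show -json tfplan) and blocks an apply that would destroy or replace resources in a protected workspace. The resource addresses, the sample plan and the workspace name "prod" are constructed assumptions.

```python
import json

# Constructed sample: trimmed output of `terraform show -json tfplan`.
SAMPLE_PLAN = json.loads("""
{
  "format_version": "1.2",
  "resource_changes": [
    {"address": "aws_s3_bucket.logs", "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "change": {"actions": ["delete", "create"]}},
    {"address": "aws_instance.old_worker", "change": {"actions": ["delete"]}},
    {"address": "aws_iam_role.ci", "change": {"actions": ["no-op"]}}
  ]
}
""")


def destructive_changes(plan):
    """Return (address, kind) for every resource the plan would destroy."""
    findings = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if "delete" not in actions:
            continue
        # A replacement is planned as delete+create (in either order).
        kind = "replace" if "create" in actions else "destroy"
        findings.append((rc["address"], kind))
    return findings


def gate(plan, workspace, protected=("prod",)):
    """Return a CI exit code: 1 blocks the apply, 0 lets it through."""
    findings = destructive_changes(plan)
    if workspace in protected and findings:
        for address, kind in findings:
            print(f"BLOCKED [{workspace}] {kind}: {address}")
        return 1
    return 0


if __name__ == "__main__":
    # In CI, load the real plan JSON and pass the current workspace instead.
    raise SystemExit(gate(SAMPLE_PLAN, "prod"))
```

Replacements are flagged as well as plain deletes because a delete-then-create of a stateful resource loses its data just the same.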
Q6. What’s the right way to handle secrets?
Never hard-code secrets. Store them in your cloud’s secret manager or CI/CD pipeline secrets. In Terraform Cloud, enforce Sentinel policies to block insecure configurations.
Q7. How do workspaces help?
Workspaces allow separate state management per environment. They can dynamically influence names, tags, and keys via terraform.workspace. Assignments include workspace-aware backends and outputs.
Q8. How do I detect and fix drift?
Run terraform plan regularly (e.g., nightly in CI) and compare with remote state. Re-apply to reconcile differences or use terraform import for infrastructure created outside Terraform.
Q9. What makes a good module?
A good module includes clear variable types, defaults, and validations, well-defined inputs/outputs, pre/postconditions, documentation, examples, and follows semantic versioning.
Q10. How do I “shift left” on security and compliance?
Integrate tools like Checkov in CI pipelines, restrict regions and enforce tags with Sentinel in Terraform Cloud, and block merges until security checks pass.