🚀 Launch Special: $29/mo for life --d --h --m --s Claim Your Price →
Infrastructure as Code Free

Terraform Advanced

Terraform Advanced equips practitioners with deep expertise in module design, workspace strategies, remote state backends, state manipulation, and dynamic iteration, enabling reliable, scalable infrastructure automation in production environments.

Who Should Take This

The course is ideal for DevOps engineers, cloud architects, and SREs who have at least one year of hands‑on Terraform experience and now aim to standardize module libraries, automate state workflows, and implement robust production pipelines. Learners aim to reduce configuration drift, accelerate deployments, and ensure infrastructure consistency across multiple environments.

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

52 learning goals
1 Advanced Module Design
2 topics

Module Authoring Patterns

  • Implement composable modules with well-defined interfaces using input variable validation, type constraints, and nullable arguments to enforce correct usage by consumers
  • Implement module composition patterns using nested module calls and output chaining to build higher-level abstractions from lower-level building blocks
  • Analyze the trade-offs between thin wrapper modules that expose most provider arguments and opinionated modules that enforce organizational standards through constrained interfaces
  • Implement provider configuration passing to child modules using the providers meta-argument and explain how provider inheritance and explicit provider mapping work

Module Publishing and Versioning

  • Describe the Terraform Registry module publishing requirements including repository naming conventions, semantic versioning with Git tags, and required documentation structure
  • Implement module versioning strategies using semantic version constraints including pessimistic operators (~>) and exact version pins to balance stability and updates
  • Implement private module registries using Git repository sources with SSH or HTTPS authentication for internal module sharing across teams
  • Evaluate strategies for module dependency management including version constraint policies, breaking change detection, and module upgrade workflows across consuming configurations
2 Workspaces and Environment Management
1 topic

Workspace Concepts and Operations

  • Describe how Terraform workspaces provide isolated state instances within a single configuration and explain the relationship between workspace names and state file paths
  • Implement workspace-aware configurations using terraform.workspace interpolation to vary resource names, tags, and sizing parameters across development, staging, and production environments
  • Analyze the limitations of CLI workspaces for environment isolation and evaluate when separate root modules with distinct variable files provide better separation guarantees
  • Implement workspace-specific variable files and backend configurations to maintain environment-specific settings such as instance sizes, replica counts, and domain names per workspace
3 Remote State and Backend Configuration
2 topics

Remote Backend Configuration

  • Implement an S3 backend with DynamoDB state locking including bucket versioning, encryption, and IAM policy configuration for secure remote state storage
  • Implement GCS and Azure Blob Storage backends with state locking and explain the authentication and encryption mechanisms specific to each cloud provider's backend
  • Implement backend configuration using partial configuration with -backend-config flags and files to separate sensitive backend credentials from version-controlled code
  • Analyze the state locking mechanisms across different backends and evaluate failure scenarios such as lock contention, stale locks, and manual lock recovery procedures

Cross-Configuration State Access

  • Implement the terraform_remote_state data source to read output values from another Terraform configuration's state for cross-stack resource references
  • Analyze the coupling implications of terraform_remote_state dependencies and evaluate alternative approaches such as data sources and SSM Parameter Store for cross-stack communication
4 State Manipulation
2 topics

State Import and Migration

  • Implement terraform import to bring existing infrastructure resources under Terraform management by mapping cloud resource IDs to configuration resource addresses
  • Implement the import block (Terraform 1.5+) for declarative import of existing resources and explain how it differs from the imperative terraform import command
  • Analyze the challenges of importing complex resources with nested sub-resources and evaluate strategies for handling import drift where configuration does not match imported state

State Move and Remove

  • Implement terraform state mv to refactor resource addresses when renaming resources, moving resources between modules, or restructuring configuration without destroying infrastructure
  • Implement the moved block (Terraform 1.1+) for declarative resource address refactoring and explain how it provides a safer alternative to terraform state mv
  • Implement terraform state rm to remove resources from state without destroying the underlying infrastructure and explain the use case for adopting resources into a different configuration
  • Analyze the risks of state manipulation commands and evaluate safety procedures including state backups, plan verification, and the removed block for safe resource disassociation
5 Iteration and Dynamic Configuration
2 topics

Count and For_each

  • Describe the behavior of count and for_each meta-arguments for creating multiple resource instances and explain how each generates unique resource addresses in state
  • Implement for_each with maps and sets to create resource instances keyed by meaningful identifiers rather than numeric indices for stable resource addressing
  • Implement conditional resource creation using count with ternary expressions and for_each with empty collections to toggle resources on or off based on input variables
  • Analyze the state management differences between count and for_each and evaluate why reordering elements in a count list causes destructive resource recreation while for_each keys remain stable
  • Implement for_each on module blocks to create multiple instances of a module from a map of configuration objects with distinct providers or settings per instance

Dynamic Blocks and For Expressions

  • Implement dynamic blocks to generate repeated nested block content such as ingress rules, tags, and IAM policy statements from collection variables
  • Implement for expressions to transform and filter collections including list-to-map conversion, conditional filtering, and nested iteration patterns
  • Analyze the readability trade-offs of deeply nested dynamic blocks and evaluate when to use flattened variable structures versus dynamic generation for complex resource configurations
  • Implement the flatten function with for expressions to normalize nested data structures into flat lists suitable for for_each iteration on resources with complex variable inputs
6 Provider Aliases and Multi-Region Patterns
1 topic

Provider Aliases

  • Describe how provider aliases enable multiple configurations of the same provider type and explain the syntax for declaring and referencing aliased providers in resources
  • Implement multi-region deployments using provider aliases to create resources in different AWS regions or Azure locations within a single Terraform configuration
  • Implement multi-account provider configurations using assume_role or separate credential profiles to manage resources across organizational AWS accounts
  • Analyze the complexity implications of multi-provider configurations and evaluate architectural patterns for managing provider proliferation in large multi-region deployments
7 Testing and CI/CD Integration
2 topics

Terraform Testing

  • Describe the testing pyramid for Terraform including static analysis (validate, fmt, tflint), plan-based assertions, integration tests, and end-to-end infrastructure tests
  • Implement native terraform test (Terraform 1.6+) with .tftest.hcl files including run blocks, assertions on plan and apply outputs, and mock providers for unit testing
  • Implement Terratest integration tests in Go that deploy real infrastructure, validate resource configurations, and automatically tear down test environments
  • Analyze the cost-benefit trade-offs between plan-only validation tests, ephemeral infrastructure integration tests, and shared long-lived test environments

CI/CD Pipeline Integration

  • Implement a CI/CD pipeline for Terraform that executes fmt check, validate, plan on pull requests, and apply on merge to main with proper state backend authentication
  • Implement plan output persistence and human approval gates in CI/CD pipelines to ensure reviewed plans are the exact plans applied to production infrastructure
  • Implement automated drift detection using scheduled terraform plan runs that alert when infrastructure state diverges from the committed configuration
  • Analyze credential management strategies for CI/CD Terraform pipelines including OIDC federation, short-lived tokens, and vault integration versus static service account keys
  • Evaluate strategies for managing multiple Terraform configurations in a monorepo including change detection, selective plan execution, and dependency ordering across stacks
  • Implement automated cost estimation in Terraform CI/CD pipelines using tools such as Infracost to surface infrastructure cost changes alongside plan output in pull request reviews
8 Advanced Data Source Patterns
1 topic

Complex Data Source Usage

  • Implement data sources with complex filtering using most_recent flags, filter blocks, and tag-based lookups to dynamically discover infrastructure resources
  • Implement the external data source to integrate shell scripts and external programs that return JSON data for use in Terraform configurations
  • Implement the http data source and templatefile function to fetch and render external configuration templates and API responses within Terraform configurations
  • Analyze the reliability implications of data sources that depend on external APIs or scripts and evaluate error handling strategies for data source failures during plan and apply

Scope

Included Topics

  • Advanced module authoring, publishing, and versioning strategies, Terraform workspaces for environment management, remote state backends (S3 with DynamoDB locking, GCS, Azure Blob Storage), state manipulation commands (import, mv, rm, pull, push), dynamic blocks for repeated nested configuration, for_each and count meta-arguments for resource iteration, conditional resource creation patterns, provider aliases for multi-region and multi-account deployments, advanced data source patterns, testing with Terratest and native terraform test, CI/CD integration patterns for Terraform workflows

Not Covered

  • Terraform Cloud enterprise features (Teams, Governance, Run Tasks)
  • Sentinel policy as code framework
  • Basic HCL syntax and introductory concepts
  • Basic provider configuration and resource definitions
  • Cloud-specific service deep dives
  • Pulumi, CloudFormation, or other IaC tools
  • CDK for Terraform (CDKTF)

Ready to master Terraform Advanced?

Adaptive learning that maps your knowledge and closes your gaps.

Subscribe to Access