AWS Certified CloudOps Engineer Associate SOA-C03 Practice Question
Your team's CodeBuild project executes terraform apply for multiple feature branches, using an S3 backend that stores a single shared state file. When two builds run at the same time, the state becomes corrupted. You must prevent concurrent writes while continuing to use the S3 backend and keep cost low. Which modification addresses this requirement?
Enable versioning on the S3 bucket to recover previous versions of the state file.
Configure a DynamoDB table for state locking and reference it with the dynamodb_table argument in the S3 backend.
Move the Terraform state to AWS Systems Manager Parameter Store by using the secureString type.
Change the backend to local so each CodeBuild job writes its own state file in the build container.
The S3 backend can use a DynamoDB table for state locking. When terraform plan or apply commands run, Terraform writes a lock item to the table. If another process already holds the lock, the second process fails and waits, preventing simultaneous writes to the same state file. Enabling S3 versioning (distractor) protects previous versions but does not stop concurrent updates. Switching to the local backend isolates state but breaks collaboration and does not meet the requirement to keep using S3. Parameter Store is not a supported Terraform backend, so it cannot manage state at all.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does DynamoDB state locking prevent state corruption in Terraform?