A Capture The Flag (CTF) game implemented as a Terraform provider. Learn Terraform concepts by solving interactive challenges and capturing flags!
This Terraform provider turns learning Infrastructure as Code into an interactive game. Instead of reading documentation, you'll solve progressively challenging puzzles that teach you Terraform concepts hands-on. Each challenge you complete reveals a flag as your reward!
Perfect for:
- ๐ Learning Terraform interactively
- ๐ข Team training and workshops
- ๐ฏ CTF competitions and hackathons
- ๐ช Practicing Terraform skills
- ๐ Having fun with Infrastructure as Code!
- 8 Progressive Challenges - From beginner to advanced (2,250 total points)
- Real CTF Experience - Complete challenges to capture flags
- Hint System - Get help when stuck (with point penalties)
- Comprehensive Documentation - Guides, examples, and walkthroughs
- Educational - Learn by doing, not just reading
- Bonus Puzzles - XOR puzzle and more for extra flags
- No Cloud Required - All challenges run locally
| Challenge | Difficulty | Points | What You'll Learn |
|---|---|---|---|
| Terraform Basics | Beginner | 100 | Resource dependencies & execution order |
| State Secrets | Beginner | 200 | State management concepts |
| Data Source Detective | Beginner | 150 | Querying and filtering data |
| For-Each Wizard | Intermediate | 250 | Resource iteration with for_each |
| Dynamic Blocks | Intermediate | 300 | Dynamic block generation |
| Expression Expert | Intermediate | 350 | Functions and expressions |
| Module Master | Advanced | 400 | Module composition |
| Cryptographic Compute | Advanced | 500 | Cryptographic functions |
Total: 2,250 points + bonus flags!
Add to your terraform block:
terraform {
required_providers {
ctfchallenge = {
source = "omghozlan/ctfchallenge"
version = "~> 1.0"
}
}
}# Clone the repository
git clone https://github.com/omghozlan/terraform-provider-ctfchallenge.git
cd terraform-provider-ctfchallenge
# Build the provider
go build -o terraform-provider-ctfchallenge
# Move to Terraform plugins directory (Linux/macOS example)
mkdir -p ~/.terraform.d/plugins/github.com/omghozlan/ctfchallenge/1.0.0/linux_amd64/
mv terraform-provider-ctfchallenge ~/.terraform.d/plugins/github.com/omghozlan/ctfchallenge/1.0.0/linux_amd64/Create a main.tf file:
terraform {
required_providers {
ctfchallenge = {
source = "omghozlan/ctfchallenge"
version = "~> 1.0"
}
}
}
provider "ctfchallenge" {
player_name = "your-name-here" # Choose your hacker alias!
}
# List all available challenges
data "ctfchallenge_list" "all" {}
output "challenges" {
value = data.ctfchallenge_list.all.challenges
}Initialize and explore:
terraform init
terraform apply# Get challenge information
data "ctfchallenge_challenge_info" "basics" {
challenge_id = "terraform_basics"
}
# Create your solution (3 dependent resources)
resource "null_resource" "first" {}
resource "null_resource" "second" { depends_on = [null_resource.first] }
resource "null_resource" "third" { depends_on = [null_resource.second] }
# Submit and capture the flag!
resource "ctfchallenge_flag_validator" "basics" {
challenge_id = "terraform_basics"
proof_of_work = {
dependencies = "${null_resource.first.id},${null_resource.second.id},${null_resource.third.id}"
}
}
# View your captured flag
output "flag" {
value = ctfchallenge_flag_validator.basics.flag
sensitive = true
}
output "points" {
value = ctfchallenge_flag_validator.basics.points
}Apply and capture your first flag:
terraform apply
terraform output -raw flag
# Output: flag{t3rr4f0rm_d3p3nd3nc13s}๐ Congratulations! You've captured your first flag!
- ctfchallenge_flag_validator - Submit challenge solutions and capture flags
- ctfchallenge_puzzle_box - Solve logic puzzles for bonus flags
- ctfchallenge_list - List all available challenges
- ctfchallenge_challenge_info - Get detailed challenge information
- ctfchallenge_hint - Request hints (costs points)
- Getting Started - Step-by-step tutorial
- Challenge Walkthrough - Complete solutions (spoilers!)
- Advanced Tips - Pro strategies and techniques
Unlike traditional learning where you read then practice, this provider follows the CTF paradigm:
- Choose a challenge - Read the description to understand the goal
- Write your solution - Use Terraform to solve the puzzle
- Submit proof of work - Validate your solution
- Capture the flag - If successful, the flag is revealed as your reward!
Flags follow the format: flag{some_text_here}
This challenge teaches you Terraform's built-in functions:
# The challenge: compute base64encode(sha256("terraformexpressionsrock"))
locals {
combined = "terraformexpressionsrock"
hashed = sha256(local.combined)
encoded = base64encode(local.hashed)
}
resource "ctfchallenge_flag_validator" "expressions" {
challenge_id = "expression_expert"
proof_of_work = {
computed_value = local.encoded
}
}
output "flag" {
value = ctfchallenge_flag_validator.expressions.flag
sensitive = true
}terraform apply
terraform output -raw flag
# Output: flag{3xpr3ss10ns_unl0ck3d}350 points earned! ๐
Solve the XOR puzzle for a bonus flag:
# Find 5 numbers whose XOR equals 0
resource "ctfchallenge_puzzle_box" "xor" {
inputs = {
input_1 = "15"
input_2 = "23"
input_3 = "42"
input_4 = "37"
input_5 = "11" # Calculated: 15 XOR 23 XOR 42 XOR 37 = 11
}
}
output "bonus_flag" {
value = ctfchallenge_puzzle_box.xor.secret_output
sensitive = true
}# Clone the repository
git clone https://github.com/omghozlan/terraform-provider-ctfchallenge.git
cd terraform-provider-ctfchallenge
# Download dependencies
go mod download
# Build
go build -o terraform-provider-ctfchallenge
# Run tests
go test -v ./...terraform-provider-ctfchallenge/
โโโ challenges/ # Challenge definitions and validators
โ โโโ validator.go
โโโ provider/ # Terraform provider implementation
โ โโโ provider.go
โ โโโ resource_flag_validator.go
โ โโโ resource_puzzle_box.go
โ โโโ data_source_hint.go
โ โโโ data_source_list.go
โ โโโ data_source_challenge_info.go
โโโ docs/ # Documentation
โ โโโ index.md
โ โโโ resources/
โ โโโ data-sources/
โ โโโ guides/
โโโ examples/ # Example configurations
โโโ main.go # Provider entry point
โโโ go.mod
โโโ README.md
# Run all tests
go test -v ./...
# Run with coverage
go test -v -cover ./...
# Run specific test
go test -v -run TestValidateExpressions ./challenges- Add challenge definition to
challenges/validator.go:
"my_challenge": {
ID: "my_challenge",
Name: "My Challenge",
Description: "Learn something cool",
Points: 300,
Flag: "flag{my_fl4g}",
Difficulty: "intermediate",
Category: "my-category",
Validator: validateMyChallenge,
},- Implement the validator function:
func validateMyChallenge(input map[string]interface{}) (bool, string, error) {
correctFlag := "flag{my_fl4g}"
// Your validation logic here
if /* challenge solved */ {
return true, correctFlag, nil
}
return false, "", fmt.Errorf("challenge not solved")
}-
Add hints to
GetHint()function -
Update documentation
-
Add example to
examples/
Use the included examples to test functionality:
cd examples/challenge1_basics
terraform init
terraform apply
cd ../challenge2_expressions
terraform init
terraform apply-
Use
terraform console- Test expressions interactively$ terraform console > sha256("test") > base64encode(sha256("test"))
-
Request hints strategically - They cost 10-30 points but can save time
-
Read error messages - They often contain helpful debugging info
-
Start with beginner challenges - Build foundational knowledge
-
Track your flags - Keep a
flags.txtfile with your capturesecho "terraform_basics: $(terraform output -raw flag)" >> flags.txt
-
Use version control - Commit your progress
git add -A git commit -m "Solved Expression Expert - 350 points!"
By completing all challenges, you'll master:
- โ
Resource dependencies and ordering (
depends_on) - โ Terraform state management
- โ Data sources and filtering
- โ
The
for_eachmeta-argument - โ Dynamic block generation
- โ Terraform expressions and functions
- โ Module creation and composition
- โ Cryptographic functions (sha256, md5, base64encode)
- โ String manipulation and templating
- โ Best practices and patterns
- Total Points Available: 2,250
- Hint Penalties: 10-30 points per hint
- Bonus Puzzles: Extra flags available!
Track your score:
locals {
completed = {
terraform_basics = 100
state_secrets = 200
expression_expert = 350
# ... add as you complete
}
hints_used = {
expression_expert_l0 = 10
# ... track hint costs
}
total_earned = sum(values(local.completed))
total_hints = sum(values(local.hints_used))
net_score = local.total_earned - local.total_hints
}
output "scoreboard" {
value = {
points_earned = local.total_earned
hints_used = local.total_hints
net_score = local.net_score
completion_pct = "${(local.total_earned / 2250) * 100}%"
}
}Contributions are welcome! Here's how you can help:
- ๐ Report bugs or issues
- ๐ก Suggest new challenges
- ๐ Improve documentation
- โจ Add features
- ๐ฏ Create additional puzzles
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-challenge) - Make your changes
- Add tests if applicable
- Update documentation
- Commit your changes (
git commit -m 'Add amazing challenge') - Push to the branch (
git push origin feature/amazing-challenge) - Open a Pull Request
- Be respectful and inclusive
- Provide constructive feedback
- Help others learn
- Keep it fun and educational!
This project is licensed under the MIT License - see the LICENSE file for details.
- HashiCorp for Terraform and the excellent provider SDK
- The CTF community for inspiration
- All contributors and players!
- ๐ Documentation
- ๐ Issue Tracker
- ๐ฌ Discussions
Completed all challenges? Submit a PR adding yourself to the Hall of Fame!
| Player | Score | Date | Notes |
|--------|-------|------|-------|
| @yourname | 2,250 | 2025-01-15 | Perfect score! |Future ideas:
- More challenges (cloud-specific scenarios)
- Leaderboard API integration
- Team mode
- Timed challenges
- Achievement badges
- Multi-language support
- Video walkthroughs
# Start your CTF journey now!
mkdir terraform-ctf-journey
cd terraform-ctf-journey
terraform init
# ... and let the flag hunting begin! ๐ดโโ ๏ธMade with โค๏ธ for the Terraform community
"The best way to learn is by doing. The most fun way to do is by playing."
๐ฏ Happy Flag Hunting! ๐ดโโ ๏ธ