Associate Exam Flashcards
Prepare with these: https://medium.com/@faisalkuzhan/day-55-90-terraform-interview-questions-e8ff859220d5
Is locking happening automatically?
YES
What is “terraform taint” command?
Informs Terraform that a particular object has become degraded or damaged. Terraform represents this by marking the object as “tainted” in the Terraform state, in which case Terraform will propose to replace it in the next plan you create.
Command to create new workspace
terraform workspace new NAME
Flag used to identify the specific version of a provider required.
required_providers
In which config block Terraform-specific setting are declared?
terraform
terraform {
required_providers {
aws = {
version = “>= 2.7.0”
source = “hashicorp/aws”
}
}
}
Which command allow to retrieve a list of resources that are part of the state file?
terraform state list
Where local state is stored for a workspaces?
directory called terrraform.tfstate.d
Can Terraform backed be migrated without de-provisioning the resources?
YES
Where is the workspaces local state stored?
Directory terraform.tfstate.d
What kind of resource dependany is stored in terraform.tfstate file?
Both implicit and explicit
The most verbose logging level
trace
How to hide the output value in CLI?
use “sensitive” parameter
Which command will upgrade the provider to the latest acceptable one?
terraform init -upgrade
Can you publish your own modules in Terraform Registry?
YES
Connection types supported by remote-exec?
- ssh
- winrm
What’s the purpose of remote-exec?
Invokes a script on a remote resource after it is created
Features exclusive to Terraform Enterpise
- Audit logs
- Clustering
- SAML/SSO
What are limitations of SENSITIVE parameter?
The values are stored in the Terraform state and available using the terraform output command, so cannot be relied on as a sole means of protecting values.
Two Terraform versions
- open source
- enterprise
What is terraform import?
This allows to take resource created by some other means and bring it under Terraform mangement.
The purpose of “terraform validate” command.
Validates the configuration files in a directory, referrring only to the configuration and not accessing any remote services such as remote state, provider API, etc.
What is a downside to using the Vault provider to read secrets from Vault?
Any secrets that you read and write to be persisted in both Terraform’s state file and in any generated plan files. For any Terraform module that reads or writes Vault secrets, these files should be treated as sensitive and protected accordingly.
When writing terraform code, HashiCorp recommends that you use how many spaces between each nesting level
2
After executing a terraform apply. you notice that a resoruce has a tilde (~) next to it. What does this infer?
The resource will be updated in place