Exam 3 Review Flashcards
Which Terraform command will force a resource to be destroyed and recreated even if there are no configuration changes that would require it?
terraform apply -replace=<address>
Which 4 Terraform features are available in the Enterprise and Terraform Cloud for Business editions?
SAML/SSO,
Audit Logging,
Private Network Connectivity,
Private Module Registry is available in every version of Terraform except for Open-Source.
In Terraform Enterprise, a workspace can be mapped to how many VCS repos?
A workspace can only be configured to a single VCS repo, however, multiple workspaces can use the same repo, if needed.
Define Sentinel
Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products.
What is the best and easiest way for Terraform to read and write secrets from HashiCorp Vault?
The Vault provider allows Terraform to read from, write to, and configure Hashicorp Vault.
When configuring a remote backend in Terraform, it might be a good idea to purposely omit some of the required arguments to ensure secrets and other relevant data are not inadvertently shared with others. What are the ways the remaining configuration can be added to Terraform so it can initialize and communicate with the backend?
Interactively: Terraform will interactively ask you for the required values unless interactive input is disabled. Terraform will not prompt for optional values.
File: A configuration file may be specified via the init command line. To specify a file, use the -backend-config=PATH option when running terraform init.
Command-line key/value pairs: can be specified via the init command line.
Note that many shells retain command-line flags in a history file, so this isn’t recommended for secrets. To specify a single key/value pair, use the -backend-config="KEY=VALUE" option when running terraform init.
Why should Provisioners only be used as a last resort?
provisioners can make your Terraform code less predictable and harder to manage. When you use provisioners, you introduce external dependencies and additional complexity into your infrastructure configuration.
What are four features of Terraform state?
- Mapping configuration to real-world resources
- Terraform must also track metadata such as resource dependencies.
- Determine order to destroy resources
- Increased performance
In the terraform block, which configuration would be used to identify the specific version of a provider required?
required providers
You want to use terraform import to start managing infrastructure that was not originally provisioned through infrastructure as code. Before you can import the resource’s current state, what must you do to prepare to manage these resources using Terraform?
Before running terraform import, it is necessary to manually write a resource configuration block for the resource to which the imported object will be mapped.
Which connection types are supported by the remote-exec provisioner?
SSH (Secure Shell) over TCP (Transmission Control Protocol)
WinRM (Windows Remote Management) over HTTP (Hypertext Transfer Protocol) or HTTPS (HTTP Secure)3
When using Terraform with Git, it is recommended to ignore certain files in order to avoid committing sensitive or unnecessary information to your repository. The specific files that should be ignored may vary depending on your project and configuration, but as a general rule, you should ignore the following files: (3)34
terraform.tfstate and terraform.tfstate.backup: These files contain the current state of your infrastructure, and should not be committed to the repository.
.tfvars files These files may contain sensitive information, such as passwords or API keys, and should be kept out of version control. Instead, you can use environment variables or other secure methods to pass this information to Terraform.
.tfplan files: These files contain the plan generated by Terraform when applying changes to your infrastructure, and may include sensitive information
