Hashicorp Terraform Cert Flashcards
What is IaC?
Infrastructure as Code
- writing what you want to deploy as human readable code
What are the benefits of IaC?
- Enabling DevOps
- Declaring your Infrastructure
- Speed, Cost, Reduced Risk
What is the Terraform Workflow?
- Write
- Plan
- Apply
What does “terraform plan” do?
- reads code and creates and shows a “plan of execution/deployment”
- does not actually deploy anything
- allows the user to “review” the action plan before executing anything
- Authentication Credentials are used to connect to your infrastructure if required
At what stage of the terraform workflow are Authentication Credentials used to connect to your infrastructure if required?
Terraform Plan
What does “terraform apply” do?
- Deploys the instructions and statements in the code
- Updates the State File
What does “terraform destroy” do?
- Looks at the recorded/stored State File created during deployment and destroys all resources created by your code
True of False: “terraform destroy” is non-reversible
True
What does “terraform init” do?
-Initializes the working directory that contains your Terraform code
– downloads the ancillary/supporting components (providers, modules, plug ins)
– sets up the backend for storing the terraform state file
What is a Resource Address?
- a way to access a resources in terraform code
What pattern does a Resource Address for the following look like?
resource “aws_instance” “web” {
ami = “ami-a1b2c3d4”
instance_type = “t2.micro”
aws_instance.web
What pattern does a Resource Address for the following look like?
data “aws_instance” “my-vm” {
instance_id = “i-1234567890abcdef0”
}
data.aws_instance.my-vm
What is the main difference between a data block and a resource block?
- Data blocks fetch and track details of already existing resources
- Resource block create resources from scratch
What file extension does terrafrom look for to execute terraform code?
.tf
Where does Terraform first look for providers?
In the Terraform Providers Registry
True or False: Providers can not be sourced locally and internally and referenced in your code
False
What are the two methods for installing Terraform?
Method 1: Download, Unzip, and Use
Method 2: Set up a Terraform Repository on Linux
What are Providers?
Providers are Terraform’s way of abstracting integrations with API control layer of the infrastructure vendors
(i.e. Terraform abstracts away all the API calls it makes under the hood using Providers)
basically like plug ins
- Each provider is a precompiled chunk of code which defines resources for Terraform to interact with the respective vendor
True or False: Providers are released on a separate rhythm from Terraform itself
True
Select which one is False:
A - Each Provider has their own series of version numbers
B - You can only use providers from the Terraform Provider’s registry
C - It is a Best Practice to Fix the version of the providers in your code
D - Providers updates and releases are seperate from Terraform’s
B
You can create your own custom providers!
where are providers stored?
in the hidden .terraform file
revelaed by ls -a
What is the purpose of provisioners?
Provisioners give users a way to execute custom scripts, commands, or actions
What are the 2 types of provisioners
Creation-time
Destruction-time
How can Terraform provisioners be run?
locally on the same system
or
remotely on resources spun up through the Terraform deployment
True or False: Provisioners should be used as a last resort
true.
It is recommended to use inherent mechanisms within your infrastructure deployment to carry out custom tasks when possible
Fill in the blank:
“If the command within a provisioner returns a value other than _ , it’s considered failed and the underlying resource is tainted”
0
What happens when a provisioner’s underlying resource is tainted?
Terraform marks the resource against which the provisioner was to be run so it can be created again on the next run
By Default provisioners are:
A. Creation TIme
B. Destruction time
A Creation Time
What is the difference between a Creation Time and Destruction time provisioner in code?
destruction - time provisioners can be determined because they have the “when” condition
True or False: You can use multiple provisioners in the same resource
True
What order are provisioners run in?
The order they are listed
What is the de fault name of the Terraform State FIle?
a. terraform.statetf
b. terraform.tfstate
c. state.tf
d. state.terraform
b. terraform.tfstate
how do you reference the following terraform variable:
variable “my-var” {
description = “My Test Variable”
type = string
default = “Hello”
}
var.my-var
Where is the best practice to store terraform variables?
a. in the main code files
b. in vars.tf
c. in terraform.vars
d. in terraform.tfvars
d. in terraform.tfvars
what parameter helps to hide sensitive info durinf runs?
a. secret
b. safe
c. sensitive
d. redacted
c. sensitive
What are the Base type variables in Terraform?
- string
- number
- boolean
What are the Complex variable types in Terraform
- list
- set
- map
- object
- tuple
When are Output Variables shown
Output variables values are shown on the shell after running terraform apply
What is the purpose of terraform state?
It maps real world resources to Terraform configuration
By Default, where is the terraform state file called?
terraform.tfstate
Terraform refreshes the state:
a. before each opening of the state file
b. after a terraform plan
c. prior to any modification operation
C. prior to any modification operation
True or False: Resource dependency metadata is also tracked via the state file
True
True or false: the terraform state file does not effect deployment performance
False:
Terraform state helps boost deployment performance by caching resource attributes for subsequent use
What is the purpose of the Terraform state command?
The terraform state command is a utility for manipulating and reading the terraform state file
True or False: Under most circumstances, one does not need to modify the Terraform State File
True
What are three scenarios where it is appropriate to use Terraform state commands?
- Advanced State Management
- Manually removing a resource from the Terraform State file so it is not managed by terraform
- Listing out tracked resources and their details
What terraform command lists out all resources tracked by the terraform state file?
terraform state list
What command deletes a resource from the terraform state file?
terraform state rm <resource></resource>
What command shows the details of a resource tracked in the terraform state file?
terraform state show
What is the Default behavior for Terraform state storage?
to save / store terraform state locally on your system
What does State Locking do?
locks state file so parallel executions don’t coincide
State locking is initiated as a default after terraform apply for ___ storage
Local
True or False: State locking is a default behavior for remote state storage
False
State locking is not supported by all remote state storage backends
What is a Terraform Module?
A Terraform Module is a container for multiple resources that are used together
What is the main purpose of a Terraform Module?
To make the terraform code reusable so it can be used elsewhere again and again
True or false: every Terraform configuration has at least one module.
True
It is called the Root Module and consists of code files in your main working directory
What are 3 places Terraform modules can be downloaded or referenced from?
- Terraform Public Registry
- A Private Registry
- Your Local System
True or False: It is a best practice to not list a specific terraform version on terraform modules
False
It is a best practice to require a specific version for the module to ensure that there aren’t breaking changes when updating the modules
What Terraform Module Parameter denotes where the module is being references from?
source
What terraform module parameter allows for spawning multiple separate instances of modules resources?
count
What terraform module parameter allows iterating over complex variables?
for_each
What terraform module parameter allows one to tie down specific providers to a module?
providers
What Terraform module parameter allows you to set dependencies for the module?
depends_on
How do you reference a variable inside a module?
a. var.module.<var>
b. var.<var>
c. module.var.<var></var></var></var>
B. var.<var></var>
How do you reference a module variable in main code?
a. var.<var>
b. var.module.<var>
c. module.<module>.<var>
d. module.var.<modulename>.<var></var></modulename></var></module></var></var>
C. module.<module>.<var></var></module>
True or False: User-defined functions are are extremely useful in making terraform code dynamic and flexible
FALSE
Terraform does not allow for User-defined functions, however this does apply to Built-In functions!
What is the output of join?
variable “project-name” {
type = string
default = “prod”
}
resource “aws_vpc” “my-vpc” {
cidr_block = “10.0.0.0/16”
tags = {
Name = join(“-”, [“terraform”, var.project-name])
}
}
terraform-prod
What does the file function do?
helps insert files into resources
What does the max function do?
determines the max integer value from a provided list
what does the flatten function do?
Creates a singular list out of a provided set of lists
what does the contains function do?
searches for whatever you’ve passed in a list of elements you pass in
What are Dynamic Blocks?
Dynamic Blocks are constructed repeatable nested configuration blocks inside terraform resources
What can Dynamic blocks be used with?
Resource, Data, Provider, and Provisioner
Why should you use Dynamic Blocks?
They make your code look cleaner
Why should you be careful when it comes to Dynamic Blocks?
If you overuse them they can make your code hard to read and maintain
How do you configure dynamic blocks?
They expect a complex variable type to iterate over
They act like for loops and output a nested block for each element in your variable
What is the Best Practice for Dynamic Blocks?
Only use Dynamic B locks when you need to hide detail in order to build a clearer user interface when writing reusable modules
What does terraform fmt
do?
Formats code for readability
Helps in keeping code consistent
What command should you use:
- Before pushing your code to version control (github, etc.)
- After upgrading your Terraform or tis modules
- Any time you’ve made changes to your code
terraform fmt
What does terraform taint RESOURCE_ADDRESS
do?
Marks an existing resource, forcing it to be destroyed and recreated
Modifies the state file which causes the recreation workflow