Terraform Associate Exam Flashcards
What is the typical name of the configuration file in Terraform?
main.tf
What is the command to plan out your Terraform changes?
terraform plan
What is the command to apply your Terraform changes?
terraform apply
What is the command to initialize your Terraform directory?
terraform init
What is the command to destroy your Terraform resources?
terraform destroy
What is the command to check the syntax and validity of your Terraform configuration files before applying changes with them?
terraform validate
What is the command used to download modules referenced in your Terraform config files?
terraform get
What is the command used to show the current state of your infrastructure?
terraform show
What is the command used to show the current version of Terraform?
terraform version
What file describes the values you want to be displayed after Terraform changes are applied?
outputs.tf
What are lifecycle rules used for in Terraform?
Lifecycle rules in Terraform are used to define when and how resources should be created, updated, or deleted during the execution of Terraform operations. Ex - you can set the ‘prevent_destroy’ attribute to prevent a resource from being destroyed.
List the 7 common types of Terraform variables:
String, Number, Boolean, List, Map, Object, Tuple
What is the ‘data’ codeblock used for in Terraform?
used to retrieve and access information from data sources, external systems, or remote resources that are not directly managed by Terraform
Ex - Getting the latest AMI ID from AWS for an Ubuntu system image
What is the default behavior if a variable is not defined when ‘terraform’ commands are run?
The user running the terraform command will be asked to input a value for the variable.
What are dynamic blocks used for in Terraform?
used for generating multiple blocks of configuration with the same structure but different values
What is a tuple in Terraform?
Tuples are lists that can support multiple data types.
Ex - variable “my_tuple” {
type = tuple
default = [“apple”, 42, true]
}
^ notice the different data types all in the same variable
What is a map in Terraform?
a data structure used to store a collection of key-value pairs where each key is unique within the map
Ex - variable “my_map” {
type = map(string)
default = {
key1 = “value1”
key2 = “value2”
}
T/F: A Terraform local value can reference other Terraform local values?
True
Which value provides the most verbose logging to assist with troubleshooting?
TRACE
List the order of variable assignment in TF (there are 4)
- -var flag through the CLI.
- terraform.tfvars file (this resides near the state file)
- Variables set as environment variables, such as TF_VAR_<variable_name>.</variable_name>
- Default variables declared within the config (variables.tf)
What is HashiCorp Sentinel?
a policy as code framework used for defining and enforcing compliance and security policies across infrastructure provisioning and deployment workflows.
What Terraform feature is most applicable for managing small differences between different environments, for example development and production?
Terraform Workspaces
Where are Terraform Workspace local state files stored?
A directory called terraform.tfstate.d
What command creates a new workspace for Terraform?
Terraform workspace new (workspace name)
What is an object in Terraform?
an object structural type is used to define a structured data type with named attributes, each having its own data type
Ex - variable “person” {
type = object({
name = string
age = number
enabled = bool
})
default = {
name = “John Doe”
age = 30
enabled = true
}
What are the types of dependencies used in Terraform? There are 2.
Implicit dependencies & Explicit Dependencies
Describe an implicit dependency.
Dependencies that do not call explicitly to a specific resource name like an explicit dependency. Rather, Terraform is smart enough to understand how resources interact with each other and should be created. For example, Terraform will know to create an EC2 instance with the name specified before attaching an elastic IP.
Describe an explicit dependency.
Uses the “depends_on” command to name a specific resource before creating
What does the ‘depends_on’ command do?
You can specify order creation by adding this to the end of your resource code block. You can specify another resource to specify that you need another resource to be created before this one
Ex - resource “aws_security_group” “example” {
name = “example”
description = “Example security group”
# This resource depends on the “aws_instance” resource named “example”
depends_on = [aws_instance.example]
What is the exact name of the Terraform state file?
terraform.tfstate
What command lets you interact with the current state of your infrastructure?
terraform state
What command lets you manage a resource created outside of Terraform deployment?
terraform import
How can you troubleshoot Terraform using log files?
The TF_LOG file can be used to troubleshoot Terraform issues.
What is Terraform Cloud?
Terraform Cloud allows you to run Terraform code directly in the cloud, and it can provision and manage resources on your behalf without the need for your local machine to execute the Terraform commands.
Does Terraform manage state file locking automatically?
Yes - and if the state file fails to lock, Terraform will not perform the apply.
Name 3 Terraform backend type that support state locking.
consul, kubernetes, s3
If you wish to rename a resource in your Terraform configuration but don’t want Terraform to deploy this resource as new, what command can you run to ‘rename’ it in the state file?
terraform state mv (original name) (new name)
What is a manual command you can run to install new modules to Terraform?
terraform get
By default, when running terraform plan, what files are scanned?
All *.tf files in the current directory
T/F: terraform apply -destroy does the same thing as terraform destroy
True
What command formats your Terraform code using HashiCorp standards?
terraform fmt
What command can you run to properly format all ‘.tf’ files in your working directory?
terraform fmt -recursive
How would you get the JSON output of the ‘terraform validate’ command?
Using the -json flag.
Ex - terraform validate -json
Does ‘terraform validate’ interact with the provider API at all?
No - it validates your configuration files for any possible errors before applying changes.
What is the file name where values for variables are stored in the backend of TF?
Terraform.tfvars
What 3 things must be provided with the terraform import command for Terraform to successfully import resources?
Resource ID, resource type, and the resource name from the cloud provider
What must you do before using ‘terraform import’ to import a cloud resource?
You must create the resource codeblock in main.tf before importing the resource.
Ex. Create an ec2 resource in main.tf before importing the unmanaged EC2 instance.
What command will list all resources managed by Terraform?
terraform state list
What command replaced ‘taint’ in the newest version of Terraform?
terraform apply -replace=”aws_instance.example”
What is not changed when running a ‘terraform apply -refresh-only’?
Main.tf / The refresh command uses the provider’s API to check the current state of resources and reflect them in the state file
What does a ‘terraform apply -refresh-only’ command do?
Compares the state file with the real infrastructure from the cloud provider, then updates the state file to reflect what is running in the cloud provider.
Which flag would you add to terraform plan to save the execution plan to a file?
-out (file name)
Ex- terraform plan -out=example.tfplan
Which flag would you use alongside ‘terraform plan’ & ‘terraform apply’ to make changes to only a specific resource?
‘-target’ allows you to specify a specific resource or resource instance to include in the execution plan, focusing only on changes related to that target.
Ex- terraform plan -target=aws_instance.my-instance
Terraform performs concurrent operations to save time. By default, how many resources will Terraform provision concurrently during a terraform apply?
10
How can you change the number of concurrent operations?
You can change it using the -parallelism=# flag to your ‘terraform apply’ command.
Ex - terraform apply -parallelism=2
What Terraform command can be used to remove the lock on the state for the current configuration?
terraform force-unlock
T/F: Github is a supported backend type of Terraform.
False
To secure keys and other sensitive information, rather than storing them as plain text, where should you store the values?
A credentials file or in environment variables.
What is a terraform provisioner?
a provisioner is a component that is used to execute scripts or commands on a resource after it has been created or updated. Provisioners are typically used for tasks such as configuring or customizing a resource once it’s provisioned.
Ex - like “user data” on an EC2 instance
T/F: It is recommended to use provisioners when creating resources.
False. It is generally not recommended to use provisioners for creating resources in Terraform. Provisioners are primarily used for post-resource creation tasks, such as configuring or initializing resources after they have been created.
Which provisioner copies files or directories from the machine running Terraform to the newly created resource?
The ‘file’ provisioner
What is the syntax to correctly reference a data source?
data.<DATA>.<NAME></NAME></DATA>
How do you update Terraform plugins?
terraform init –upgrade
How do you update Terraform modules?
terraform get -update
What are the three steps of the Core Terraform Workflow?
Write, plan, apply
What are the three Terraform Cloud features?
Remote state management, Remote Terraform Execution, Private Module Registry
How would you delete a resource from your state file?
terraform state rm “resource name”
T/F: Any command that modifies the state file triggers an automatic backup of the current state file before changes are made.
True
What is the file name of the automatic backup that Terraform performs of the state file?
terraform.tfstate.backup
