Terraform Associate Exam

Question 1

What is the typical name of the configuration file in Terraform?

Answer 1

main.tf

Question 2

What is the command to plan out your Terraform changes?

Answer 2

terraform plan

Question 3

What is the command to apply your Terraform changes?

Answer 3

terraform apply

Question 4

What is the command to initialize your Terraform directory?

Answer 4

terraform init

Question 5

What is the command to destroy your Terraform resources?

Answer 5

terraform destroy

Question 6

What is the command to check the syntax and validity of your Terraform configuration files before applying changes with them?

Answer 6

terraform validate

Question 7

What is the command used to download modules referenced in your Terraform config files?

Answer 7

terraform get

Question 8

What is the command used to show the current state of your infrastructure?

Answer 8

terraform show

Question 9

What is the command used to show the current version of Terraform?

Answer 9

terraform version

Question 10

What file describes the values you want to be displayed after Terraform changes are applied?

Answer 10

outputs.tf

Question 11

What are lifecycle rules used for in Terraform?

Answer 11

Lifecycle rules in Terraform are used to define when and how resources should be created, updated, or deleted during the execution of Terraform operations. Ex - you can set the ‘prevent_destroy’ attribute to prevent a resource from being destroyed.

Question 12

List the 7 common types of Terraform variables:

Answer 12

String, Number, Boolean, List, Map, Object, Tuple

Question 13

What is the ‘data’ codeblock used for in Terraform?

Answer 13

used to retrieve and access information from data sources, external systems, or remote resources that are not directly managed by Terraform

Ex - Getting the latest AMI ID from AWS for an Ubuntu system image

Question 14

What is the default behavior if a variable is not defined when ‘terraform’ commands are run?

Answer 14

The user running the terraform command will be asked to input a value for the variable.

Question 15

What are dynamic blocks used for in Terraform?

Answer 15

used for generating multiple blocks of configuration with the same structure but different values

Question 16

What is a tuple in Terraform?

Answer 16

Tuples are lists that can support multiple data types.

Ex - variable “my_tuple” {
type = tuple
default = [“apple”, 42, true]
}
^ notice the different data types all in the same variable

Question 17

What is a map in Terraform?

Answer 17

a data structure used to store a collection of key-value pairs where each key is unique within the map

Ex - variable “my_map” {
type = map(string)
default = {
key1 = “value1”
key2 = “value2”
}

Question 18

T/F: A Terraform local value can reference other Terraform local values?

Answer 18

True

Question 19

Which value provides the most verbose logging to assist with troubleshooting?

Answer 19

TRACE

Question 20

List the order of variable assignment in TF (there are 4)

Answer 20

1. -var flag through the CLI.
2. terraform.tfvars file (this resides near the state file)
3. Variables set as environment variables, such as TF_VAR_<variable_name>.</variable_name>
4. Default variables declared within the config (variables.tf)

Question 21

What is HashiCorp Sentinel?

Answer 21

a policy as code framework used for defining and enforcing compliance and security policies across infrastructure provisioning and deployment workflows.

Question 22

What Terraform feature is most applicable for managing small differences between different environments, for example development and production?

Answer 22

Terraform Workspaces

Question 23

Where are Terraform Workspace local state files stored?

Answer 23

A directory called terraform.tfstate.d

Question 24

What command creates a new workspace for Terraform?

Answer 24

Terraform workspace new (workspace name)

Question 25

What is an object in Terraform?

Answer 25

an object structural type is used to define a structured data type with named attributes, each having its own data type

Ex - variable “person” {
type = object({
name = string
age = number
enabled = bool
})

default = {
name = “John Doe”
age = 30
enabled = true
}

Question 26

What are the types of dependencies used in Terraform? There are 2.

Answer 26

Implicit dependencies & Explicit Dependencies

Question 27

Describe an implicit dependency.

Answer 27

Dependencies that do not call explicitly to a specific resource name like an explicit dependency. Rather, Terraform is smart enough to understand how resources interact with each other and should be created. For example, Terraform will know to create an EC2 instance with the name specified before attaching an elastic IP.

Question 28

Describe an explicit dependency.

Answer 28

Uses the “depends_on” command to name a specific resource before creating

Question 29

What does the ‘depends_on’ command do?

Answer 29

You can specify order creation by adding this to the end of your resource code block. You can specify another resource to specify that you need another resource to be created before this one

Ex - resource “aws_security_group” “example” {
name = “example”
description = “Example security group”

# This resource depends on the “aws_instance” resource named “example”
depends_on = [aws_instance.example]

Question 30

What is the exact name of the Terraform state file?

Answer 30

terraform.tfstate

Question 31

What command lets you interact with the current state of your infrastructure?

Answer 31

terraform state

Question 32

What command lets you manage a resource created outside of Terraform deployment?

Answer 32

terraform import

Question 33

How can you troubleshoot Terraform using log files?

Answer 33

The TF_LOG file can be used to troubleshoot Terraform issues.

Question 34

What is Terraform Cloud?

Answer 34

Terraform Cloud allows you to run Terraform code directly in the cloud, and it can provision and manage resources on your behalf without the need for your local machine to execute the Terraform commands.

Question 35

Does Terraform manage state file locking automatically?

Answer 35

Yes - and if the state file fails to lock, Terraform will not perform the apply.

Question 36

Name 3 Terraform backend type that support state locking.

Answer 36

consul, kubernetes, s3

Question 37

If you wish to rename a resource in your Terraform configuration but don’t want Terraform to deploy this resource as new, what command can you run to ‘rename’ it in the state file?

Answer 37

terraform state mv (original name) (new name)

Question 38

What is a manual command you can run to install new modules to Terraform?

Answer 38

terraform get

Question 39

By default, when running terraform plan, what files are scanned?

Answer 39

All *.tf files in the current directory

Question 40

T/F: ​​terraform apply -destroy does the same thing as terraform destroy

Answer 40

True

Question 41

What command formats your Terraform code using HashiCorp standards?

Answer 41

terraform fmt

Question 42

What command can you run to properly format all ‘.tf’ files in your working directory?

Answer 42

terraform fmt -recursive

Question 43

How would you get the JSON output of the ‘terraform validate’ command?

Answer 43

Using the -json flag.

Ex - terraform validate -json

Question 44

Does ‘terraform validate’ interact with the provider API at all?

Answer 44

No - it validates your configuration files for any possible errors before applying changes.

Question 45

What is the file name where values for variables are stored in the backend of TF?

Answer 45

Terraform.tfvars

Question 46

What 3 things must be provided with the terraform import command for Terraform to successfully import resources?

Answer 46

Resource ID, resource type, and the resource name from the cloud provider

Question 47

What must you do before using ‘terraform import’ to import a cloud resource?

Answer 47

You must create the resource codeblock in main.tf before importing the resource.

Ex. Create an ec2 resource in main.tf before importing the unmanaged EC2 instance.

Question 48

What command will list all resources managed by Terraform?

Answer 48

terraform state list

Question 49

What command replaced ‘taint’ in the newest version of Terraform?

Answer 49

terraform apply -replace=”aws_instance.example”

Question 50

What is not changed when running a ‘terraform apply -refresh-only’?

Answer 50

Main.tf / The refresh command uses the provider’s API to check the current state of resources and reflect them in the state file

Question 51

What does a ‘terraform apply -refresh-only’ command do?

Answer 51

Compares the state file with the real infrastructure from the cloud provider, then updates the state file to reflect what is running in the cloud provider.

Question 52

Which flag would you add to terraform plan to save the execution plan to a file?

Answer 52

-out (file name)

Ex- terraform plan -out=example.tfplan

Question 53

Which flag would you use alongside ‘terraform plan’ & ‘terraform apply’ to make changes to only a specific resource?

Answer 53

‘-target’ allows you to specify a specific resource or resource instance to include in the execution plan, focusing only on changes related to that target.

Ex- terraform plan -target=aws_instance.my-instance

Question 54

Terraform performs concurrent operations to save time. By default, how many resources will Terraform provision concurrently during a terraform apply?

Answer 54

10

Question 55

How can you change the number of concurrent operations?

Answer 55

You can change it using the -parallelism=# flag to your ‘terraform apply’ command.

Ex - terraform apply -parallelism=2

Question 56

What Terraform command can be used to remove the lock on the state for the current configuration?

Answer 56

terraform force-unlock

Question 57

T/F: Github is a supported backend type of Terraform.

Answer 57

False

Question 58

To secure keys and other sensitive information, rather than storing them as plain text, where should you store the values?

Answer 58

A credentials file or in environment variables.

Question 59

What is a terraform provisioner?

Answer 59

a provisioner is a component that is used to execute scripts or commands on a resource after it has been created or updated. Provisioners are typically used for tasks such as configuring or customizing a resource once it’s provisioned.

Ex - like “user data” on an EC2 instance

Question 60

T/F: It is recommended to use provisioners when creating resources.

Answer 60

False. It is generally not recommended to use provisioners for creating resources in Terraform. Provisioners are primarily used for post-resource creation tasks, such as configuring or initializing resources after they have been created.

Question 61

Which provisioner copies files or directories from the machine running Terraform to the newly created resource?

Answer 61

The ‘file’ provisioner

Question 62

What is the syntax to correctly reference a data source?

Answer 62

data.<DATA>.<NAME></NAME></DATA>

Question 63

How do you update Terraform plugins?

Answer 63

terraform init –upgrade

Question 64

How do you update Terraform modules?

Answer 64

terraform get -update

Question 65

What are the three steps of the Core Terraform Workflow?

Answer 65

Write, plan, apply

Question 66

What are the three Terraform Cloud features?

Answer 66

Remote state management, Remote Terraform Execution, Private Module Registry

Question 67

How would you delete a resource from your state file?

Answer 67

terraform state rm “resource name”

Question 68

T/F: Any command that modifies the state file triggers an automatic backup of the current state file before changes are made.

Answer 68

True

Question 69

What is the file name of the automatic backup that Terraform performs of the state file?

Answer 69

terraform.tfstate.backup