Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Terraform Associate Exam questions with correct answers
Typology: Exams
1 / 58
Which of the following commands will launch the Interactive console for Terraform interpolations? CORRECT ANSWER terraform console When using providers that require the retrieval of data, such as the HashiCorp Vault provider, in what phase does Terraform actually retrieve the data required? CORRECT ANSWER terraform init resource "aws_s3_bucket" "example" { bucket = "my-test-s3-terraform-bucket" ... } resource "aws_iam_role" "test_role" { name = "test_role" ... } Due to the way that the application code is written , the s3 bucket must be created before the test role is created , otherwise there will be a problem. How can you ensure that? CORRECT ANSWER Add explicit dependency using depends_on. This will ensure the correct order of resource creation. Which of the below backends support state locking? CORRECT ANSWER - S
variable "my_var" { type = string } CORRECT ANSWER - 15
Terraform providers are always installed from the Internet? CORRECT ANSWER False Terraform provisioners can be added to any resource block? CORRECT ANSWER True Complete the following sentence:For local state, the workspaces are stored directly in a ___________. CORRECT ANSWER directory called terraform.tfstate.d What is the name assigned by Terraform to reference this resource? resource "azurerm_resource_group" "dev" { name = "test" location = "westus" } CORRECT ANSWER test A variable az has the following default value. What will be the datatype of the variable? az=["us-west-1a","us-east-1a"] CORRECT ANSWER List Your developers are facing a lot of problem while writing complex expressions involving difficult interpolations. They have to run the terraform plan every time and check whether there are errors , and also check terraform apply to print the value as a temporary output for debugging purposes. What should be done to avoid this? CORRECT ANSWER Use terraform console command to have an interactive UI with full access to the underlying terraform state to run your interpolations , and debug at real-time.
Provisioners should only be used as a last resort. CORRECT ANSWER True The terraform.tfstate file always matches your currently built infrastructure. CORRECT ANSWER False You have provisioned some aws resources in your test environment through Terraform for a POC work. After the POC, now you want to destroy the resources but before destroying them you want to check what resources will be getting destroyed through terraform. what are the options of doing that? CORRECT ANSWER - Use terraform plan -destroy command.
As the infrastructure have grown to a very complex and large, he has started experiencing slowness when he run runs terraform plan. What are the options for him to resolve this slowness? CORRECT ANSWER - Use -refresh=false flag as well as the -target flag with terraform plan in order to work around this.
another provider for us-west region. While creating the resources using the tf script , reference the appropriate provider (using the alias). John is writing a module and within the module, there are multiple places where he has to use the same conditional expression but he wants to avoid repeating the same values or expressions multiple times in a configuration,. What is a better approach to dealing with this? CORRECT ANSWER Local Values Terraform provisioner must be nested inside a resource configuration block. CORRECT ANSWER True ABC Enterprise has recently tied up with multiple small organizations for exchanging database information. Due to this, the firewall rules are increasing and
are more than 100 rules. This is leading firewall configuration file that is difficult to manage. What is the way this type of configuration can be managed easily? CORRECT ANSWER Dynamic Blocks What are some of the problems of how infrastructure was traditionally managed before Infrastructure as Code? CORRECT ANSWER - Traditional deployment methods are not able to meet the demands of the modern business where resources tend to live days to weeks, rather than months to years
A user has created three workspaces using the command line - prod, dev, and test. The user wants to create a fourth workspace named stage. Which command will the user execute to accomplish this? CORRECT ANSWER terraform workspace new stage The Terraform language does not support user-defined functions, and so only the functions built in to the language are available for use. CORRECT ANSWER False If you enable TF_LOG = DEBUG, the log will be stored in syslog.log file in the currect directory? CORRECT ANSWER False Ric wants to enable detail logging and he wants highest verbosity of logs. Which of the following environment variable settings is correct option for him to select. CORRECT ANSWER Set TF_LOG = TRACE Your team lead does not trust the junior terraform engineers who now have access to the git repo. So , he wants you to have some sort of a checking layer , whereby , you can ensure that the juniors will not create any non-compliant resources that might lead to a security audit failure in future. What can you do to efficiently enforce this? CORRECT ANSWER Since your team is using Hashicorp Terraform Enterprise Edition , enable Sentinel , and write Policy-As-Code rules that will check for non-compliant resource provisioning , and prevent/report them. Command terraform refresh will update state file? CORRECT ANSWER True After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging? CORRECT ANSWER TRACE
Terraform works well in Windows but a Windows server is required? CORRECT ANSWER False terraform state subcommands such as list are read-only commands, do read-only commands create state backup files? CORRECT ANSWER False Where in your Terraform configuration do you specify a state backend? CORRECT ANSWER The terraform block By default, where does Terraform store its state file? CORRECT ANSWER current working directory A single terraform resource file that defines an aws_instance resource can simply be renamed to vsphere_virtual_machine in order to switch cloud providers. CORRECT ANSWER False Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward. What can you do to ensure that all existing is managed by Terraform moving forward without interruption to existing services? CORRECT ANSWER Using terraform import, import the existing infrastructure into your Terraform state. Matt wants to import a manually created EC2 instance into terraform so that he can manage the EC2 instance through terraform going forward. He has written the configuration file of the EC2 instance before importing it to Terraform. Following is the code:
resource "aws_instance" "matt_ec2" { ami = "ami-bg2640de" instance_type = "t2.micro" vpc_security_group_ids = ["sg-6ae7d613", "sg-53370035"] key_name = "mysecret" subnet_id ="subnet-9e3cfbc5" } The instance id of that EC2 instance i CORRECT ANSWER terraform import aws_instance.matt_ec2 i-0260835eb7e9bd You run a local-exec provisioner in a null resource called null_resource.run_script and realize that you need to rerun the script. Which of the following commands would you use first? CORRECT ANSWER terraform taint null_resource.run_script Which of the following Terraform files should be ignored by Git when committing code to a repo? CORRECT ANSWER - Files named exactly terraform.tfvars or terraform.tfvars.json.
How would you solve this using infrastructure as code? CORRECT ANSWER Implement a provisioning pipeline that deploys infrastructure configurations committed to your version control system following code reviews Which of the following is the correct way to pass the value in the variable num_servers into a module with the input servers? CORRECT ANSWER servers = num_servers In Terraform Enterprise, a workspace can be mapped to how many VCS repos? CORRECT ANSWER 1 State is a requirement for Terraform to function? CORRECT ANSWER True Valarie has created a database instance in AWS and for ease of use is outputting the value of the database password with the following code. Valarie wants to hide the output value in the CLI after terraform apply that's why she has used sensitive parameter.
What information does the public Terraform Module Registry automatically expose about published modules? CORRECT ANSWER None of the above A "backend" in Terraform determines how state is loaded and how an operation such as apply is executed. Which of the following is not a supported backend type? CORRECT ANSWER Github What is a downside to using the Vault provider to read secrets from Vault? CORRECT ANSWER Secrets are persisted to the state file and plans. What is the provider for this fictitious resource? resource "aws_pvc" "main" { name = "test" } CORRECT ANSWER aws Your manager has instructed you to start using terraform for the entire infra provisioning of the application stack. There are 4 environments - DEV , QA , UAT , and PROD. The application team has asked for complete segregation between these environments including the backend , state , and also configurations ,since there will be unique resources in different environments. What is the possible way to structure the terraform code to facilitate that. CORRECT ANSWER Completely separate the working directories , keep one for each environment. For each working directory , maintain a separate configuration file , variables file , and map to a different backend. Terraform variables and outputs that set the "description" argument will store that description in the state file? CORRECT ANSWER False
Provider dependencies are created in several different ways. Select the valid provider dependencies CORRECT ANSWER - Explicit use of a provider block in configuration, optionally including a version constraint.
Which of the following challenges would Terraform be a candidate for solving? CORRECT ANSWER - Have a single interoperable tool to manage the variety of services including GitHub repositories, MySQL database, and Kubernetes clusters.
When should you use the force-unlock command? CORRECT ANSWER Automatic unlocking failed A user creates three workspaces from the command line - prod, dev, and test. Which of the following commands will the user run to switch to the dev workspace? CORRECT ANSWER terraform workspace select dev Your company has been using Terraform Cloud for a some time now. But every team is creating their own modules , and there is no standardization of the modules , with each team creating the resources in their own unique way. You want to enforce a standardization of the modules across the enterprise. What should be your approach. CORRECT ANSWER Implement a Private module registry in Terraform cloud, and ask teams to reference them. During a terraform plan, a resource is successfully created but eventually fails during provisioning. What happens to the resource? CORRECT ANSWER the resource is marked as tainted Which of the following is considered a Terraform plugin? CORRECT ANSWER Terraform provider Only the user that generated a plan may apply it. CORRECT ANSWER True Which of the following statements best describes the Terraform list(...) type? CORRECT ANSWER a sequence of values identified by consecutive whole numbers starting with zero. What kind of resource dependency is stored in terraform.tfstate file? CORRECT ANSWER Both implicit and explicit dependencies are stored in state file.
In the example below, where is the value of the DNS record's IP address originating from?
Select all features which are exclusive to Terraform Enterprise. CORRECT ANSWER - Audit Logs
True or False? By default, Terraform destroy will prompt for confirmation before proceeding. CORRECT ANSWER True Once a resource is marked as tainted, the next plan will show that the resource will be _________ and___________ and the next apply will implement this change. CORRECT ANSWER destroyed and recreated Refer to the following terraform variable definition variable "track_tag" { type = list default = ["data_ec2","integration_ec2","digital_ec2"] } track_tag = { Name = element(var.track_tag,count.index)} If count.index is set to 2, which of the following values will be assigned to the name attribute of track_tag variable? CORRECT ANSWER digital_ec You want to get involved in the development of Terraform. As this is an open source project, you would like to contribute a fix for an open issue of Terraform. What programming language will need to use to write the fix? CORRECT ANSWER Go What is not processed when running a terraform refresh? CORRECT ANSWER - Credentials
What does terrafom plan do? CORRECT ANSWER Create an execution plan by evaluating the difference between configuration file and state file. Which of the following Terraform commands will automatically refresh the state unless supplied with additional flags or arguments? CORRECT ANSWER - terraform plan
Select the operating systems which are supported for a clustered Terraform Enterprise CORRECT ANSWER -Red Hat
Which two steps are required to provision new infrastructure in the Terraform workflow? CORRECT ANSWER - init
What is the workflow for deploying new infrastructure with Terraform? CORRECT ANSWER terraform plan to import the current infrastructure to the state file, make code changes, and terraform apply to update the infrastructure When writing Terraform code, HashiCorp recommends that you use how many spaces between each nesting level? CORRECT ANSWER 2 In terraform, most resource dependencies are handled automatically. Which of the following statements describes best how terraform resource dependencies are handled? CORRECT ANSWER Terraform analyses any expressions within a resource block to find references to other objects, and treats those references as implicit ordering requirements when creating, updating, or destroying resources. Which option can not be used to keep secrets out of Terraform configuration files? CORRECT ANSWER A -var flag In regards to Terraform state file, select all the statements below which are correct? CORRECT ANSWER - Terraform Cloud always encrypts state at rest.
Which of the following allows Terraform users to apply policy as code to enforce standardized configurations for resources being deployed via infrastructure as code? CORRECT ANSWER Sentinel Which argument(s) is (are) required when declaring a Terraform variable? CORRECT ANSWER default Which of the following state management command allow you to retrieve a list of resources that are part of the state file? CORRECT ANSWER terraform state list Select the answer below that completes the following statement: Terraform Cloud can be managed from the CLI but requires __________? CORRECT ANSWER an API token Which provisioner invokes a process on the resource created by Terraform? CORRECT ANSWER remote-exec Where are providers downloaded by terraform init stored? CORRECT ANSWER Providers downloaded by terraform init are only installed for the current working directory; other working directories can have their own installed provider versions. Can terraform init download third party providers that are not distributed by HashiCorp CORRECT ANSWER False How do you constrain the provider version? CORRECT ANSWER add a required_providers block
How do you upgrade the terraform provider? CORRECT ANSWER terraform init -upgrade How can you optionally define multiple configurations for the same provider, and select which one to use on a per-resource or per-module basis. CORRECT ANSWER use alias Where are providers downloaded to? CORRECT ANSWER locally If multiple versions of a plugin are installed, Terraform will use? CORRECT ANSWER If multiple versions of a plugin are installed, Terraform will use the newest version that meets the configuration's version constraints. The name of a variable can be any valid identifier except the following CORRECT ANSWER source version providers count for_each lifecycle depends_on locals How can an input variable be accessed? CORRECT ANSWER its value can be accessed from within expressions as var.