Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Terraform Associate Practice Questions 2024
Typology: Exams
1 / 15
run a terraform state rm command to remove the Cloud SQL instance from terraform management before running the terraform destroy command - Freddy and his co-worker Jason are deploying resources in GCP using Terraform for their team. After resources have been deployed, they need to destroy the cloud-based resources to save on costs. However, two other team members, Michael and Chucky, are using a Cloud SQL instance for testing and are asking to keep it running. How can Freddy and Jason easily destroy all other resources without negatively impacting the database? the resource is marked as tainted - During a terraform apply, a resource is successfully created but eventually fails during provisioning. What happens to the resource? since he has introduced a new provider, a terraform init needs to be run to download the infobox plugins - Henry has been working hard on automating his infrastructure for a new application using Terraform. His organization has standardized on Azure for application workloads. Currently, he has his application running successfully, but he has added a new resource to create a DNS record using the Infoblox provider. He has added the new resource but gets an error when he runs a terraform plan. What should Henry do first before running a plan and apply? Bitbucket Cloud Github Enterprise Github.com Azure DevOps server - Terraform Cloud is more powerful when you integrate it with your version control system (VCS) provider. Select all the supported VCS providers from the answers below. (select four) macOS Linux FreeBSD Windows Solaris - Terraform is distributed as a single binary and available for many different platforms. Select all Operating Systems that Terraform is available for. (select five) count [count is a reserved word. - Which of the following is an invalid variable name? use terraform import to import the existing resources under terraform management - Harry has deployed resources on Azure for his organization using Terraform. However, he has discovered that his co-workers Ron and Ginny have manually created a few
resources using the Azure console. Since it's company policy to manage production workloads using IaC, how can Harry start managing these resources in Terraform without negatively impacting the availability of the deployed resources? terraform console - Which of the following commands will launch the Interactive console to evaluate and experiment with expressions? terraform workspace new stage - A user has created three workspaces using the command line - prod, dev, and test. The user wants to create a fourth workspace named stage. Which command will the user execute to accomplish this? TF_LOG - Terraform has detailed logs which can be enabled by setting the _________ environmental variable. True - True or False? Each Terraform workspace uses its own state file to manage the infrastructure associated with that particular workspace. JSON - While Terraform is generally written using the HashiCorp Configuration Language (HCL). What other syntax can Terraform be expressed in? terraform validate - Which Terraform command will check and report errors within modules, attribute names, and value types to make sure they are syntactically valid and internally consistent? False - True or False? Rather than use state, Terraform can inspect cloud resources on every run. Terraform analyzes any expressions within a resource block to find references to other objects and treats those references as implicit ordering requirements when creating, updating, or destroying resources - In Terraform, most resource dependencies are handled automatically. Which of the following statements describes best how Terraform resource dependencies are handled? True - True or False? By default, Terraform destroy will prompt for confirmation before proceeding. force-unlock - Which of the following Terraform subcommands could be used to remove the lock on the state for the current configuration? True - True or False? Terraform Enterprise offers the ability to use Terraform to deploy infrastructure in your local on-premises datacenter as well as a public cloud platform, such as AWS, Azure, or GCP. run a terraform plan and validate the changes that will be made - Oscar is modifying his Terraform configuration file but isn't 100% sure it's correct. He is afraid that changes
made could negatively affect production workloads. How can Oscar validate the changes that will be made without impacting existing workloads? private module registry - What feature of Terraform Cloud and/or Terraform Enterprise allows you to publish and maintain a set of custom modules which can be used within your organization? It can be versioned It can be shared It can be reused - Which are some of the benefits of using Infrastructure as Code in general? (select three) TF_VAR - Environment variables can be used to set the value of input variables. The environment variables must be in the format "____"_
determine the correct order to destroy resources increased performance mapping config to real world resources - What are some of the features of Terraform state? (select three) current working directory - By default, where does Terraform OSS/CLI store its state file? secrets are persisted to the state file - What is the downside to using Terraform to interact with sensitive data, such as reading secrets from Vault? TRACE - After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging? using terraform import, import the existing infrastructure into your terraform state - Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward. What can you do to ensure that the existing resources are managed by Terraform moving forward without causing interruption to existing resources? False - True or False? Workspaces provide similar functionality in the open-source, Terraform Cloud, and Enterprise versions of Terraform. rewrite terraform configuration files to a canonical format and style - What does the command terraform fmt do? True - True or False? Provisioners should only be used as a last resort. terraform fmt - Larissa is an experienced IT professional and is working to learn Terraform to manage the F5 load balancers that front-end customer-facing applications. Larissa writes great code, but her formatting seldom meets the Terraform canonical formatting and style recommended by HashiCorp. What built-in tool or command can Larissa use to easily format her code to meet the recommendations for formatting Terraform code? Allows infrastructure to be versioned code can be easily shared and reused creates a blueprint of your datacenter - Infrastructure as Code (Iac) provides many benefits to help organizations deploy application infrastructure much faster than clicking around in the console. What are the additional benefits to IaC? (select three)
update all previously installed plugins to the newest version that complies with the configuration's version contraints - What function does the terraform init - upgrade command perform? Terraform makes infrastructure changes defined in your configuration Terraform updates the state file with configuration changes made during execution - What happens when you apply a Terraform configuration using terraform apply? (select two) terraform apply - refresh-only - Which of the following commands can be used to detect configuration drift? VCS connections remote runs private module registry - Terraform Cloud provides organizations with many features not available to those running Terraform open-source to deploy infrastructure. Select the ADDITIONAL features that organizations can take advantage of by moving to Terraform Cloud. (select three) run terraform plan and inspect the proposed changes - You have your production environment deployed with Terraform. A developer request that you update a load balancer configuration to better work with the application. After modifying your Terraform, how can you perform a dry run to ensure no unexpected changes will be made? sentinel - Which feature of Terraform Enterprise can be used to enforce fine-grained policies to enforce standardization and cost controls before resources are provisioned with Terraform? False - True or False? A remote backend configuration is required for using Terraform. sentinel policies - Which of the following Terraform features is NOT available in the open-source version? terraform provider - What feature of Terraform provides an abstraction above the upstream API and is responsible for understanding API interactions and exposing resources? terraform cloud for business - Terraform Cloud Agents are a feature that allows Terraform Cloud to communicate with private infrastructure, such as VMware hosts running on-premises. Which version of Terraform Cloud supports this feature? terraform apply - refresh-only - You are an Infrastructure Engineer at Strategies, Inc, which is a new organization that provides marketing services to startups. All of your infrastructure is provisioned and managed by Terraform. Despite your pleas to not make
changes outside of Terraform, sometimes the other engineers log into the cloud platform and make minor changes to resolve problems. What Terraform command can you use to reconcile the state with the real-world infrastructure in order to detect any drift from the last-known state? true - True or False? Before a terraform validate can be run, the directory must be initialized. multiple provider blocks using an alias - Scenario: You are deploying a new application and want to deploy it to multiple AWS regions within the same configuration file. Which of the following features will allow you to configure this? False [If no explicit plan file is given on the command line, terraform apply will create a new plan automatically and prompt for approval to apply it] - True or False? A terraform plan is a required step before running a terraform apply? enable code reuse supports modules stored locally or remotely supports versioning - Which of the following are the benefits of using modules in Terraform? (select three) terraform cloud maintains the state version and run history for each workspace CLI workspaces are alternative state files in the same working directory - Both Terraform CLI and Terraform Cloud offer a feature called "workspaces". Which of the following statements are true regarding workspaces? (select three) use environmental variables directly in the provider block by hardcoding or using a variable integrated services (AWS IAM) - When using a Terraform provider, it's common that Terraform needs credentials to access the API for the underlying platform, such as VMware, AWS, or Google Cloud. While there are many ways to accomplish this, what are three options that you can provide these credentials? (select three) Trace - Terraform has detailed logs that can be enabled using the TF_LOG environment variable. Which of the following log levels is the most verbose, meaning it will log the most specific logs? using the same provider with different configurations for different resources - A provider alias is used for what purpose in a Terraform configuration file? .tfvars file - Variables and their default values are typically declared in a main.tf or variables.tf file. What type of file can be used to set explicit values for the current working directory that will override the default variable values?
enables terraform to fetch data for use elsewhere in the terraform configuration - Which of the following best describes a "data source"? true - True or False? Any sensitive values referenced in the Terraform code, even as variables, will end up in plain text in the state file. terraform { required_providers { aws = ">= 3.0" - Which of the following code snippets will ensure you're using a specific version of the AWS provider? terraform init - upgrade - You are using Terraform to manage some of your AWS infrastructure. You notice that a new version of the provider now includes additional functionality you want to take advantage of. What command do you need to run to upgrade the provider? False - True or False? A provider block is required in every configuration file so Terraform can download the proper plugin. local-exec provisioner - Terraform includes two types of provisioners. Which provisioner type will invoke a process on the machine executing Terraform?
in the terrafrom.tfstate file on the backend - By default, where does Terraform CLI store its state? state - Rather than having to scan and inspect every resource on every run, Terraform relies on what feature to help manage resources? False "While it's not required, it is highly recommended to specify the version for each module to avoid issues with newer versions of the module that could break your configuration" - True or False? When you are referencing a module, you must specify the version of the module in the calling module block. state
False - True or False? Input variables that are marked as sensitive are NOT written to Terraform state. in the .terraform/modules folder in the working directory - You've included two different modules from the official Terraform registry in a new configuration file. When you run a terraform init, where does Terraform OSS download and store the modules locally? True - True or False? In Terraform OSS, workspaces generally use the same code repository while workspaces in Terraform Enterprise/Cloud are often mapped to different code repositories. terraform apply - refresh-only - Your organization has multiple engineers that have permission to manage Terraform as well as administrative access to the public cloud where these resources are provisioned. If an engineer makes a change outside of Terraform, what command can you run to detect drift and update the state file? terraform init - After hours of development, you've created a new Terraform configuration from scratch and now you want to test it. Before you can provision the resources, what is the first command that you should run? the official terraform public module registry - prod-vpc - run a terraform state rm to remove it from state and then destroy the remaining resources by running terraform destroy - You are managing multiple resources using Terraform running in AWS. You want to destroy all the resources except for a single web server. How can you accomplish this? output block - A child module created a new subnet for some new workloads. What Terraform block type would allow you to pass the subnet ID back to the parent module? Nothing will happen. Terraform will validate the infrastructure matches the desired state
export TF_VAR_user=dbadmin "You need to use TF_VAR_ to set an environment variable for use with Terraform" - You need to set the value for a Terraform input variable. Which of the following allows you to set the value using an environment variable?
"A terraform apply will actually run its own "plan" to make sure it knows what resources to update." - True or False? Running a terraform apply will fail if you do not run a terraform plan first. Private module registry - Given the definition below, what Terraform feature is being described? "helps you share Terraform providers and Terraform modules across your organization. It includes support for versioning, a searchable list of available providers and modules, and a configuration designer to help you build new workspaces faster." True - True or False? Infrastructure as code (IaC) tools allow you to manage infrastructure with configuration files rather than through a graphical user interface. False "You don't have to specify a provider block since Terraform is smart enough to download the right provider based on the specified resources." - True or False? A provider block is required in every configuration file so Terraform can download the proper plugin. Terraform OSS - Which of the following Terraform versions does NOT support Sentinel? TF_LOG=TRACE - After running terraform apply, you notice some odd behavior and need to investigate. Which of the following environment variables will configure Terraform to write more detailed logs to assist with troubleshooting? terraform destroy terraform apply - destroy - What CLI commands will completely tear down and delete all resources that Terraform is currently managing? (select two) True "You can change your backend configuration at any time. You can change both the configuration itself as well as the type of backend (for example from "consul" to "s3")." - True or False? You can move Terraform state between supported backends at any time, even after running your first terraform apply. use the s3 backend using the encrypt option to ensure state is encrypted store in a remote backend that encrypts state at rest - You are worried about unauthorized access to the Terraform state file since it might contain sensitive information. What are some ways you can protect the state file? (select two) Add the following code to the parent module:
output "website" { description = "Outputs the URL of the provisioned website" value = "https://${module.web.public_dns}:8080/index.html } - You are using modules to deploy various resources in your environment. You want to provide a "friendly name" for the DNS of a new web server so you can simply click the CLI output and access the new website. Which of the following code snippets would satisfy these requirements? subnet = module.prod_subnet.subnet_id - You have a module named prod_subnet that outputs the subnet_id of the subnet created by the module. How would you reference the subnet ID when using it for an input of another module? environment variables credentials file - Your co-worker has decided to migrate Terraform state to a remote backend. They configure Terraform with the backend configuration, including the type, location, and credentials. However, you want to better secure this configuration. Rather than storing them in plaintext, where should you store the credentials? (select two) Develop code that provisions new application servers programmatically. Use monitoring software to trigger a pipeline that deploys additional servers during periods of increased demand - You work for a retail organization that has multiple peak seasons throughout the year. During those peak seasons, your applications need to be scaled up quickly to handle the increased demand. However, the deployment of application servers is manual and new servers are only deployed when problems are reported by users. How can you reduce the effort required to deploy new resources, increase the speed of deployments, and reduce or eliminate the negative experiences of your customers? False - True or False? When developing Terraform code, you must include a provider block for each unique provider so Terraform knows which ones you want to download and use. see image - You need to use multiple providers in Terraform to accomplish a task. Which of the following can be used to configure the settings for multiple providers? run terraform plan - out=thomas - Thomas has recently developed a new Terraform configuration in a new working directory and is very cost-conscious. After running a terraform init, how can Thomas perform a dry run to ensure Terraform will create the right resources without deploying real-world resources? Before applying the new configuration, Terraform will refresh the state and recognize the manual change. It will update the resource based on the desired state as configured in the Terraform configuration. The manual change will no longer exist - You are working on updating your infrastructure managed by Terraform. Before lunch, you update your configuration file and run a terraform plan to validate the changes. While
you are away, a colleague manually updates a tag on a managed resource directly in the console (UI). What will happen when you run a terraform apply? Plugins directory Terraform registry Official HashiCorp releases site Terraform plugin cache - When using Terraform, where can you install providers from? (select four) in the .terraform/modules subdirectory in the current working directory - When initializing Terraform, you notice that Terraform's CLI output states it is downloading the modules referenced in your code. Where does Terraform cache these modules? This prevents others from acquiring the lock and potentially corrupting your state - If supported by your backend, Terraform will lock your state for all operations that could write state. What purpose does this serve? produces nested configuration blocks instead of a complex typed value - Which of the following is the best description of a dynamic block? False - True or False? Terraform can only manage dependencies between resources if the depends_on argument is explicitly set for the dependent resources. Terraform needs to initialize the directory and download the required plugins - You have recently cloned a repo containing Terraform that you want to test in your environment. Once you customize the configuration, you run a terraform apply but it immediately fails. Why would the apply fail? terraform state list - Which common action does not cause Terraform to refresh its state? False These are actually examples of Terraform functions, not expressions. Expressions would be something more in the line of string, number, bool, null, etc. - True or False? min, max, format, join, trim, and length are examples of different expressions in Terraform. True "The terraform graph command is used to generate a visual representation of either a configuration or execution plan. The output is in the DOT format, which can be used by
GraphViz to generate charts." - True or False? The terraform graph command can be used to generate a visual representation of a configuration or execution plan. it always matches the infrastructure deployed with Terraform - Which of the following is not true about the terraform.tfstate file used by Terraform? Terraform Cloud (free) Terraform Cloud for Business Terraform Enterprise - Which of the following Terraform versions offer the ability to use a private module registry? (select three) var.products[2] - True - True or False? terraform validate will validate the syntax of your HCL files. terraform console - What Terraform command can be used to evaluate and experiment with expressions in your configuration? terraform init - reconfigure - terraform apply - refresh-only - You have deployed your network architecture in AWS using Terraform. A colleague recently logged in to the AWS console and made a change manually and now you need to be sure your Terraform state reflects the new change. What command should you run to update your Terraform state? Add a data block to your configuration to query the existing resource. Use the available exported attributes of that resource type as needed throughout your configuration to get the values you need. - You have an existing resource in your public cloud that was deployed manually, but you want the ability to reference different attributes of that resource throughout your configuration without hardcoding any values. How can you accomplish this? True "This is true. If a module or provider is marked as official, it is owned and maintained by HashiCorp themselves." - True or False? Official Terraform providers and modules are owned and maintained by HashiCorp. Terraform OSS/CLI Terraform Enterprise - You want to use Terraform to deploy resources across your on- premises infrastructure and a public cloud provider. However, your internal security policies require that you have full control over both the operating system and
deployment of Terraform binaries. What versions of Terraform can you use for this? (select two) terraform state show aws_instance.frontend - Steve is a developer who is deploying resources to AWS using Terraform. Steve needs to gather detailed information about an EC2 instance that he deployed earlier in the day. What command can Steve use to view this detailed information? a single module can be called many times in a single configuration file - Which of the following is true about working with modules? resource block - You want to use a Terraform provisioner to execute a script on the remote machine. What block type would use to declare the provisioner?