First Flashcards
Your company is currently running terraform for development of web application using AWS services. One of your teammates wants to modify the type of the instances currently used to “t2.large”and is asked to change the default set values.
What changes does he have to make to get it working?
A. Issue Terraform plan instance.type”.t2.large” and it deploys the instance
B. Modify the tf.variables with the instance type and issue terraform apply
C. Create a new file my.tfvars and add the type of the instance and issue terraform plan and apply
D. Modify the terraform.tfvars with the instance type and issue terraform plan and then terraform
apply to deploy the instances
D. Modify the terraform.tfvars with the instance type and issue terraform plan and then terraform apply to deploy the instances
Option A is incorrect because the syntax is wrong using cli command to change the instance type is terraform plan -var=”instancetype=t2.large” in the above option it is mentioned as “Instance.type”.t2.large and terraform plan doesn’t deploy the instance
Option B is incorrect though recommended practice is to rather than changing the default values terraform.tfvars variables to be modified, there is no tf.variables in terraform. Always it is good practice to check before apply so terraform plan to check the instance type and then terraform apply for changes
Option C is incorrect as terraform recommended type is terraform.tfvars for anyother tf.vars file types use cli terraform plan -var-file=”my.tfvars”
Reference: https://www.terraform.io/docs/commands/environment-variables.html
https://www.terraform.io/docs/commands/plan.html
You are part of a security team that noticed current terraform code outputs the password of database after you issue terraform apply. You have been asked to make sure password is not in the output.
How do you approach this?
A. Encrypt the plain text values to show output as random values
B. Password is encrypted in database
C. Use Sensitive Parameter
D. Use terraform plan -var-file= “password=no” to hide output values
C. Use Sensitive Parameter
Use a sensitive parameter it does not show output value at terraform apply, plan however if you have
access the state files password can be seen in plain-text format
Reference: https://www.terraform.io/docs/state/sensitive-data.html
One of your colleagues is new to terraform and wants to add a new workspace new-hire.
What command will he execute?
A. terraform workspace –new –new-hire
B. terraform workspace new new-hire
C. terraform workspace init new-hire
D. terraform workspace new-hire
B. terraform workspace new new-hire
Terraform workspace new is the right syntax to be used whenever you want to create a new workspace
Example :
$terraform workspace new new-hire
Created and switched to workspace “new-hire”
You are planning to install terraform on client machines and are asked to evaluate which OS versions are supported. Please choose the correct option.
A. Windows
B. Amazon Linux
C. FreeBSD
D. Unix
E. MacOS
F. All the above
F. All the above
All given options are correct. Amazon Linux is just another flavor of Linux. Terraform works perfectly well on it.
Reference: https://www.terraform.io/downloads.html
John is a newbie to terraform and he wants to enable details logs.
What variables does he need to define?
A. TF_help
B. TF_LOG
C. TF_Debug
D. TF_var_log
B. TF_LOG
Terraform does provide detailed logging and helps to find the errors in the flow
By using TF_LOG enabled you can set to TRACE, INFO, WARN or ERROR, DEBUG Levels
You have made changes to your tfvar files and would like to know contents of the state file.
What command is used to check?
A. Terraform state
B. Terraform current
C. Terraform show
D. Terraform inspect
C. Terraform show
Terraform show command provides output from state or plain file in a readable format
This is used to verify the current state contents and inspect the plan to make sure everything is right.
There is terraform show – json to show outputs in json format
Your company uses git and asked you to commit all the terraform code to git and advised you to be careful with sensitive information during commit.
What file should you NOT include in the commit ?
A. Terraform.tfs
B. Variables.tf
C. Terraform.tfdata
D. Terraform.tfstate
D. Terraform.tfstate
Usually terraform.tfvars and terraform.tfstate files contain sensitive data like password, access keys and db password. It is best to avoid these files from committing.
Your company currently has infrastructure running in Azure and planning to use terraform.
You have been asked to plan, implement, and make sure existing infrastructure is migrated properly.
You used terraform import but notice that import is not successful.
What are the things to be taken care of before import?
A. Make sure existing resources are in shutdown state so that during import there are no issues
B. Make sure resources of the existing infrastructure are updated in the configuration file right
C. Add all the resource details to state files
D. Run terraform show and refresh to see updated state files and then terraform import
B. Make sure resources of the existing infrastructure are updated in the configuration file right
Terraform currently supports imports of a resource into state file but not with configuration file. It is recommended to manually add the resource configuration before terraform import.
You have been asked to make terraform code more dynamic with minimum use of static values.
What options from below you will use?
A. Variables
B. Local values
C. input variable
D. Modules
C. input variable
Input variables serve as parameters for a Terraform module, allowing aspects of the module to be customized without altering the module’s own source code, and allowing modules to be shared between different configurations.
When you declare variables in the root module of your configuration, you can set their values using CLI options and environment variables. When you declare them in child modules, the calling module should pass values in the module block.
If you’re familiar with traditional programming languages, it can be useful to compare Terraform modules to function definitions:
Input variables are like function arguments
Output values are like function return values.
Local values are like a function’s temporary local variables.
Reference: https://www.terraform.io/docs/language/values/variables.html
Which is not a variable defined in terraform?
A. tfvar
B. depends_on
C. instance_aws
D. var1
B. depends_on
Use the depends_on meta-argument to handle hidden resource or module dependencies that Terraform can’t automatically infer.
You have accidentally put lock on a configuration file - what command would you use to remove the lock and make it available?
A. terraform filename-unlock
B. delete the file and create a new state file
C. terraform force-unlock
D. state.tf -unlock
C. terraform force-unlock
force unlock command helps to manually unlock the state configuration. It doesn’t change the infrastructure.
Whenever you issue “terraform init” where are all the configurations saved?
A. terraform. tfstate stores all the current configuration
B. .terraform/home is the home directory for terraform.init
C. .terraform/plugins directory for terraform.init
D. Config.tf where all the init configurations are saved to
C. .terraform/plugins directory for terraform.init
.terraform/plugins
Whenever terraform is initialized all the plugin related files are stored and downloaded under .terraform/plugins
Your colleague is running into issues with terraform and when looking at errors it looks like he incorrectly set the environment variables.
What will you look into for debugging?
A. TF_set
B. TF_VAR
C. TF_.var
D. TF_var_Filename
B. TF_VAR
All the environment variables to configured must be in the format of TF_VAR_name
Examples are TF_VAR_region=us-east-1
You want to evaluate an expression in terraform before applying it.
Which command will you use from below?
A. Graph
B. Validate
C. Console
D. Push
C. Console
Terraform console command is used to evaluate expressions in terraform
Issue terraform console and try to execute the supported expressions
Which database has its own provider?
A. MySQL
B. Mongo
C. Dynamo
D. influx
A. MySQL
https://www.terraform.io/docs/providers/index.html
Which option will you use to run a provisioners which are not associated with any resources?
A. local-exec
B. “_”:null-resource right
C. salt-masterless
D. remote-exec
B. “_”:null-resource right
To run provisioners which are not associated with any resources you would need to use null_resource . like other resources using null_resource configurations can be added
Which language is supported by terraform configuration?
A. xml
B. javascript
C. JSON
D. Plaintext
C. JSON
Terraform usually supports files ending in .tf format but they also support files in tf.json format
Reference: https://www.terraform.io/docs/configuration/syntax-json.html
You have the following configuration, but notice an error saying duplicate provider configuration.
What command from below you will use to make sure multiple configurations are allowed?
Provider “aws” { Region = us-west-2” } Provider “aws” { Region = “eu-central-1” } Provider “aws” { Region = ap-north-2” }
A. Alias
B. Label
C. Module
D. Resource for each provider
A. Alias
By using alias command we can configure different configurations to same provider pointing to different resources
Reference: https://www.terraform.io/docs/configuration/providers.html
What is the provider version of Google Cloud being used in Terraform? (select two)
Google = “~> 1.9.0”
A. 1.9.1
B. 1.0.0
C. 1.8.0
D. 1.9.2
A. 1.9.1
D. 1.9.2
Terraform is looking for any update above 1.9.0, which can 1.9.1 and 1.9.2
According to the Terraform doc, the operator ~> means only the minor (rightmost version increase) updates are accepted. Therefore, ~> 1.9.0 means the related module / provider requirement accepts 1.9.1 or 1.9.2, but not 1.10.0, and absolutely not 1.0.0 or 1.8.0
Reference: https://www.terraform.io/docs/language/expressions/version-constraints.html
Which of the below are supported backend types in terraform? (select three)
A. consul
B. gcs
C. manta
D. bitbucket
A. consul
B. gcs
C. manta
Enhanced backends:
- local
- remote
Standard backends:
- artifactory
- azurerm
- consul
- cos
- etcd
- etcdv3
- gcs
- kubernetes
- manta
- oss
- pg
- s3
- swift
https://www.terraform.io/docs/backends/types/index.html
Terraform plan looks at the code and modifies if there are any missing arguments etc before apply
A. True
B. False
B. False
Terraform plan looks at code and identifies if there are any syntax errors or missing arguments and errors and user has to fix these before issuing next terraform plan
Do terraform workspaces help in adding/allowing multiple state files for a single configuration?
A. Yes
B. No
A. Yes
Terraform workspaces allows configuring multiple state files and associating with a single configuration file
https://www.terraform.io/docs/state/workspaces.html
Resources in terraform can have same names and terraform automatically assigns them in order of precedence.
A. True
B. False
B. False
Terraform resources should have unique names you cannot have same name for resources
You have created a virtual machine manually on azure and would like to use terraform import to import it.
Does terraform import work in this scenario?
A. Yes
B. No
A. Yes
Import :
terraform import azurerm_virtual_machine.example /subscriptions/00000000-0000-0000-0000-
000000000000/resourceGroups/mygroup1/providers/microsoft.compute/virtualMachines/machine1
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine