Second Flashcards Preview

P211A000N02F > Second > Flashcards

Flashcards in Second Deck (60)
Loading flashcards...
1

What would be output of the below?

> lookup({a="test ", b="good morning"}, "call", "terraform?")

A. test
B. good morning
C. terraform?
D. call

C. terraform?

This is the true result terraform? and this can be tested on terraform console.

lookup command finds the value of a single element from a given map looking at its key

If there is no key it will return the default values. In this case, it is looking for the key of call Because there is no key "call", the default value of “terraform?" is returned.

https://www.terraform.io/docs/configuration/functions/lookup.html

2

In the below-given code,
What is the local name of the module given below?
1. resource "aws_instance" "test" {
2. ami = "ami-test"
3. instance_type = "t2.nano"
4. Vpc.id = “vpc-test1234”
5. }

A. test
B. aws_instance
C. Demo
D. resource

A. test

To identify the resource block we need to use resource_type.name to identify the block. In this case 'test'

https://www.terraform.io/docs/language/resources/index.html

3

What is the correct syntax to reference (references the type "aws_instance") expression for a given localname whizlab?

A. whizlab.*attributes
B. resource.whizlab.*attributes
C. aws_instance.whizlab[*].attribute
D. resource.whizlab

C. aws_instance.whizlab[*].attribute

Terraform makes several kinds of named values available. Each of these names is an expression thatreferences the associated value; you can use them as standalone expressions or combine them withother expressions to compute new values.

A local value assigns a name to an expression, so you can use it multiple times within a module without repeating it.

If you're familiar with traditional programming languages, it can be useful to compare Terraform modulesto function definitions:

Input variables are like function arguments.

Output values are like function return values.

Local values are like a function's temporary local variables.

aws_instance.whizlab[*].attribute

https://www.terraform.io/docs/language/expressions/types.html
https://www.terraform.io/docs/language/values/locals.html

4

What are the benefits of using consul? (select two)

A. Consul is a tool not for orchestration
B. Consul is used for service discovery and configuration
C. Consul provides helps to expose resources to be used to interact with consul cluster
D. Consul is not a provider for consul remote state backend

B. Consul is used for service discovery and configuration
C. Consul provides helps to expose resources to be used to interact with consul cluster

https://registry.terraform.io/providers/hashicorp/consul/latest/docs

5

What is the output of the below terraform function?
> index(["test", "dev", "prod"], "prod")

A. Prod
B. 2
C. 1
D. Dev

B. 2

Index outputs the values of the element index for a given value in list starting with 0. So here it is test=0,dev =1, prod =2

6

What is the result of the following terraform function call?
> zipmap(["john", "Jim"], [0, 2])

A. [ "john", "jim", "0", "2",]
B. {"Jim" = 2, "john" = 0}
C. (“john”=1,”jim”=2)
D. {{ “john”=1 “jim”=2}}

B. {"Jim" = 2, "john" = 0}

Usually, the map is denoted by flower brackets and lists are with square brackets.
{"Jim" = 2, "john" = 0}

7

Your colleague has deployed an instance and forgot to install some configs and wants to deploy them after the deployment. What steps does he need to follow to install the configs?

A. Use terraform remote provisoners to install
B. Logon to instance and manually install as it is one time install
C. Use input values to input these values
D. Create an new instance with bootstrap configurations and clone it

A. Use terraform remote provisoners to install

By using remote-exec provisioner one can run bootstrap and other configs it runs a script on a remote resource after it is created

https://www.terraform.io/docs/provisioners/remote-exec.html

8

How do you launch a terraform interpolations console?

A. Terrafrom apply -config
B. Terraform console
C. Terrafrom plan
D. Terrafrom consul

B. Terraform console

terraform console [options] [dir]

This command helps with interactive command-line console for evaluating and experimenting with expressions

9

Please choose from below which helps users to deploy configurations as policy as a code?

A. Resources
B. Functions
C. Sentinel
D. Workspaces

C. Sentinel

https://docs.hashicorp.com/sentinel/concepts/policy-as-code/

10

You are new to terraform and are asked to find out which providers you are using. What command do you use?

A. terraform state
B. terraform apply
C. terraform providers
D. terraform plan

C. terraform providers

terraform provider command is used to find what provider version you are deploying

11

You have been asked to upgrade modules and plugins. What flags you will use for this purpose?

A. Terraform init -upgrade
B. Terraform provider -upgrade
C. Terraform refesh
D. Terraform init

A. Terraform init -upgrade

12

Please identify which of the below features best apply
resource "aws_ec2_instance " "test"
{
name = "test-terraform"
application = "${aws_ec2_instance.test-terraform }"
dynamic "setting"
{
for_each = var.test
content
{
}
}

A. Resource
B. Providers
C. Local-exec
D. Dynamic-block

A. Resource
D. Dynamic-block

dynamic blocks are to be defined and can define multiple nested blocks inside the dynamic block

https://www.terraform.io/docs/configuration/expressions.html

13

You initiated terraform apply command - what does it do in backend?

A. It will check for canonical format and config errors in the configuration
B. It will create a map of infrastructure to be deployed
C. It will create a workspace and store all the configurations in the .terraform directory
D. It will show the changes to be applied and ask the user to prompt to actually implement them and will go ahead and provide the desired configuration

D. It will show the changes to be applied and ask the user to prompt to actually implement them and will go ahead and provide the desired configuration

14

What are the benefits of policy as code feature sentinel? (select 3)

A. Sandboxing
B. Encryption
C. Automation
D. Codification

A. Sandboxing
C. Automation
D. Codification

Policy as code provides a number of benefits:

Sandboxing. Policies provide the guardrails for other automated systems. As the number of automated systems grow, there is also a growing need to protect those automated systems from performing dangerous actions. Manual verification is too slow; policies need to be represented as code to keep up with other automated systems.

Codification. By representing policy logic as code, the information and logic about a policy is directly represented in code and can be augmented with comments rather than relying on oral tradition to learn about the reason for policies.

Version Control. Policies are encouraged to be stored as simple text files managed by a version control system. This lets you gain all the benefits of a modern VCS such as history, diffs, pull requests, and more.

Testing. Policies are just code. Their syntax and behavior can be easily validated with Sentinel. This also encourages automated testing such as through a CI. Paired with a VCS system, this allows a pull request workflow to verify that a policy keeps the system behavior as expected before merging.

Automation. With all policies as code in simple text files, various automation tools can be used. For example, it is trivial to create tools to automatically deploy the policies into a system.

https://docs.hashicorp.com/sentinel/concepts/policy-as-code

15

You have been asked to manually taint a resource using CLI. Which commands from below should you use?

A. terraform taint -resource-name
B. terraform taint resource.id
C. terrafrom taint = resource.id
D. terraform taint resource.id – name

B. terraform taint resource.id

https://www.terraform.io/docs/commands/taint.html

16

From below code snippet please choose from below the order in which resources will be deployed
resource "aws_instance" "whizlabs" {
}
resource "aws_vpc" "whizlabvpc" {
cidr_block = "192.168.10.0/24"
depends_on = [aws_instance.whizlabs]

A. instance will be created and vpc at same time
B. aws ec2 instance first then vpc is attached to it
C. vpc is provisioned and after instance is created it is attached
D. terraform returns an error

D. terraform returns an error

aws_instance requires info from VPC resource such as subnet_id hence it cannot be created before the VPC resource.

https://learn.hashicorp.com/tutorials/terraform/aws-dependency

17

You have been asked to stop using static values and make code more dynamic. How do you achieve this?

A. Local values
B. Input variables
C. Depends_on
D. Functions

B. Input variables

18

Which command doesn’t destroy an instance, but instead recreates it?

A. Terraform refresh
B. Terraform taint
C. terraform state mv
D. terraform plan -options

B. Terraform taint

The terraform taint command informs Terraform that a particular object has become degraded or damaged. Terraform represents this by marking the object as "tainted" in the Terraform state, in which case Terraform will propose to replace it in the next plan you create.

If your intent is to force replacement of a particular object even though there are no configuration changes that would require it, we recommend instead to use the -replace option with terraform apply

For example:
terraform apply -replace="aws_instance.example[0]"

Creating a plan with the "replace" option is superior to using
terraform taint because it will allow you to see the full effect of that change before you take any externally-visible action. When you use
terraform taint to get a similar effect, you risk someone else on your team creating a new plan against your tainted object before you've had a chance to review the consequences of that change yourself.

19

You have created an ec2 instance on aws console with name as whiz-ec2 and instance id as i-123w8766. You are asked to import this instance.

Please choose the correct command from below.

A. terraform import aws_instance i-123w8766
B. terraform import-whiz-ec2 i-123w8766
C. terraform import i-123w8766 whiz-ec2
D. terrafom import aws_instance.whiz-ec2 i123w8766

D. terrafom import aws_instance.whiz-ec2 i123w8766

The terraform import command is used to import existing infrastructure.

The command currently can only import one resource at a time. This means you can't yet point Terraform import to an entire collection of resources such as an AWS VPC and import all of it. This workflow will be improved in a future version of Terraform.

To import a resource, first write a resource block for it in your configuration, establishing the name by which it will be known to Terraform:

resource "aws_instance" "example" {
# ...instance configuration.....
}

The name "example" here is local to the module where it is declared and is chosen by the configuration author. This is distinct from any ID issued by the remote system, which may change over time while theresource name remains constant.

If desired, you can leave the body of the resource block blank for now and return to fill it in once the instance is imported.

Now terraform import can be run to attach the existing instance to this resource configuration:
$ terraform import aws_instance.example i-abcd1234

so the answer is D because of the question :
ec2 instance on AWS console with name as whiz-ec2 and instance id as
i-123w8766

terrafom import aws_instance.whiz-ec2 i123w8766

20

You are using a vault provider. During what phase does it get the data?

A. terraform refresh
B. terraform apply
C. terraform plan
D. terraform init

C. terraform plan

The terraform plan command is used to create an execution plan.

Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to achieve the desired state specified in the configuration files.

This command is a convenient way to check whether the execution plan for a set of changes matches your expectations without making any changes to real resources or to the state. For example, terraform plan might be run before committing a change to version control, to create confidence that it will behave as expected.

The optional -out argument can be used to save the generated plan to a file for later execution with terraform apply, which can be useful when running Terraform in automation.

If Terraform detects no changes to the resource or to root module output values, terraform plan will indicate that no changes are required.

https://www.terraform.io/docs/cli/commands/plan.html

21

What are the Flags that can be used for terraform apply?

A. Auto-approve
B. init
C. get
D. console

A. Auto-approve

The following options allow you to change various details about how the apply command executes and reports on the apply operation. If you are running terraform apply without a previously-saved plan file,these options are in addition to the planning modes and planning options described for terraform plan.

-auto-approve
Skips interactive approval of plan before applying. This option is ignored when you pass a previously-saved plan file, because Terraform considers you passing the plan file as the approval and so will never prompt in that case.

-compact-warnings
Shows any warning messages in a compact form which includes only the summary messages, unless the warnings are accompanied by at least one error and thus the warning text might be useful context for the errors

-input=false
Disables all of Terraform's interactive prompts. Note that this also prevents Terraformfrom prompting for interactive approval of a plan, so Terraform will conservatively assume that you do not wish to apply the plan, causing the operation to fail. If you wish to run Terraform in a non-interactive context, see Running Terraform in Automation for some different approaches.

-lock=false
Disables Terraform's default behavior of attempting to take a read/write lock on the state for the duration of the operation.

-lock-timeout=DURATION
Unless locking is disabled with -lock=false, instructs Terraform to retryacquiring a lock for a period of time before returning an error. The duration syntax is a number followed by a time unit letter, such as "3s" for three seconds.

-no-color
Disables terminal formatting sequences in the output. Use this if you are running Terraformin a context where its output will be rendered by a system that cannot interpret terminal formatting.

-parallelism=n
Limit the number of concurrent operation as Terraform walks the graph. Defaults to 10.

For configurations using the local backend only, terraform apply also accepts the legacy options -state, -state-out, and -backup.

22

Your colleague has created some configs manually on the AWS console, and you have made the instance using terraform.

When you run the terraform plan, what happens in the background?

A. Terrafrom plan will throw errors in the resources
B. Terraform plan shows ~ and updates everything
C. Terraform plan will show output to remove the manually created one
D. Terrafrom plan will only show what is configured but not anything manually configured

D. Terrafrom plan will only show what is configured but not anything manually configured

What happens when you run terraform plan:
Terraform apply command is used to create or introduce changes to real infrastructure.
By default, apply scans the current working directory for the configuration and applies the changes appropriately.However, you'll optionally give the path to a saved plan file that was previously created with terraforming plan.

https://k21academy.com/terraform-iac/terraform-workflow-and-its-use-case/

23

What is the use of local-exec in terraform. (select two)

A. to invoke commands locally on remote host
B. usually to run commands on the machine where terraform is running
C. use to invoke scripts locally
D. locally create variables and run interrafrom

B. usually to run commands on the machine where terraform is running
C. use to invoke scripts locally

24

You are making some changes to terraform configuration - what are the cases where terraform init needs to be called? (select three)

A. on any new environment that configures a backend
B. on removing backend configuration completely
C. on any change of backend configuration
D. Every time you add some configs run init so that it makes sure everything is up to date

A. on any new environment that configures a backend
B. on removing backend configuration completely
C. on any change of backend configuration

https://www.terraform.io/docs/backends/init.html

25

Which OS version support terraform enterprise? (select two)

A. Fedora
B. Ubuntu 16.0.4.3
C. Centos – 7.7
D. Windows 7
E. All the above

B. Ubuntu 16.0.4.3
C. Centos – 7.7

26

What is the default number of concurrent operations supported by terrafrom apply?

A. 100
B. 10
C. 5
D. 1

B. 10

Default number of concurrent operations supported by terraform are 10

https://www.terraform.io/docs/commands/apply.html

27

Which command is used to save the API token for logins on terraform enterprise and terraform cloud?

A. terrafrom get
B. terrafrom api-get
C. terraform login
D. terraform cloud – get api

C. terraform login

https://www.terraform.io/docs/commands/login.html

28

Which of the below are effective ways to manage secrets in terraform? (select 3)

A. Always store the secrets in tfstate file with sensitive parameter turned on and this will help to mask the parameters and doesn’t show the data unless you unmask it
B. Never hardcode secrets like access keys, passwords in the configuration’s files
C. include Avoid saving the hardcoded secrets in state file or configuration files
D. Make sure when committing to git don’t add the files where the secrets are stored

B. Never hardcode secrets like access keys, passwords in the configuration’s files
C. Avoid saving the hardcoded secrets in state file or configuration files
D. Make sure when committing to git don’t add the files where the secrets are stored

29

What are the two supported backend types in terraform? (select two)

A. Remote-backend
B. Enhanced
C. Local- backend
D. Standard

B. Enhanced
D. Standard

https://www.terraform.io/docs/backends/types

30

You noticed this symbol = “~> 0.11” in your terraform provider version. What does this signify?

A. Version which is more than 0.11and less than 0.10
B. Version which is less than 0.11 and more than 0.10
C. Versions which are less than 0.1 and more than 0.11
D. Version which are more than 0.11 and less than 0.12

D. Version which are more than 0.11 and less than 0.12

For example, ~> 1.0 is equivalent to >= 1.0, < 1.0, and ~> 0.9.2, is equivalent to >= 0.9.2, < 1.0

This is known as Pessimistic Constraint Operator

https://www.terraform.io/docs/language/expressions/version-constraints.html