ERASED TEST, YOU MAY BE INTERESTED ON HashiCorp Terraform - Practice Exam
Title of test:
HashiCorp Terraform - Practice Exam

HashiCorp Certified: Terraform Associate

Other tests from this author

Creation Date:

Category: Computers

Number of questions: 112
Share the Test:
New CommentNuevo Comentario
No comments about this test.
Scenario: You have a Terraform configuration file with no defined resources. However, there is a related state file for resources that were created on AWS. What happens when you run a terraform apply? Terraform will produce an error since there are no resources defined Terraform will not perform any operations. Terraform will scan the AWS infrastructure and create a new configuration file based on the state file Terraform will destroy all of the resources.
Shahin a Terraform config that includes the following code, how would you reference the last instance that will be created? 1 resource "aws_instance" "database" { 2 # ... 3 for_each = { 4 "vault": "value1", 5 "terraform": "value2", 6 "consul": "value3", 7 "nomad": "value4", 8 } 9 } aws_instance.database["nomad"] aws_instance.database[3] aws_instance.nomad aws_instance.database[4].
True or False? Any sensitive values referenced in the Terraform code, even as variables, will end up in plain text in the state file. True False.
Arvin is new to Terraform and has a single configuration file that is ready to be deployed. Which of the following can be true about this configuration file? (select three) the state file can be stored in Azure but provision applications in AWS Arvin's configuration file can deploy applications in both AWS and GCP the state can be disabled when deploying to multiple clouds to prevent sensitive data from being shared across cloud platforms the configuration file can deploy both QA and Staging infrastructure for applications.
True or False? A terraform plan is a required step before running a terraform apply? True False.
Variables and their default values are typically declared in a main.tf or terraform.tf file. What type of file can be used to set explicit values for the current working directory that will override the default variable values? .tfvars file .txt file .tfstate file .sh file.
Zahra has executed a terraform apply using a complex Terraform configuration file. However, a few resources failed to deploy due to incorrect variables. After the error is discovered, what happens to the resources that were successfully provisioned? Terraform deletes the resources on the next run resources successfully deployed are marked as tainted the resources that were successfully provisioned will remain as deployed Terraform rolls back the configuration due to the error, therefore the resources are automatically destroyed.
Which of the following best describes a "data source"? enables Terraform to fetch data for use elsewhere in the Terraform configuration a file that contains the current working version of Terraform provides required data for declared variables used within the Terraform configuration maintains a list of strings to store the values of declared outputs in Terraform.
Bijan is a DevOps Engineer for a large company and is currently managing the infrastructure for many different applications using Terraform. Recently, Bijan received a request to remove a specific VMware virtual machine from Terraform as it is no longer needed by the application team. Bijan opens his terminal and issues the command: $ terraform state rm vsphere_virtual_machine.app1 Removed vsphere_virtual_machine.app1 Successfully removed 1 resource instance(s). The next time that Bijan runs a terraform apply, the resource is not marked to be deleted. In fact, Terraform is stating that it is creating another identical resource. ..... An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # vsphere_virtual_machine.app1 will be created What would explain this behavior? the state file was not saved before the terraform apply was executed, therefore Terraform sees that the resource is still in the state file after running the terraform rm command, Bijan needs to run a Terraform plan first to tell Terraform of the updated configuration. A plan will instruct Terraform that the resource should be deleted upon the next terraform apply Bijan removed the resource from the state file, and not the configuration file. Therefore, Terraform is no longer aware of the virtual machine and assumes Bijan wants to create a new one since the virtual machine is still in the Terraform configuration file the resource was manually deleted within the VMware infrastructure and needs to be recreated.
AutoPlants, Inc is a new startup that uses AI and robotics to grow sustainable and organic vegetables for California farmers' markets. The organization can quickly burst into the public cloud during the busy season using Terraform to provision additional resources to process AI computations and images. Since its compute stack is proprietary and critical to the organization, it needs a solution to create and publish Terraform modules that only its engineers and architects can use. Which feature can provide this functionality? Sentinel Terraform Enterprise Workspaces public module registry private module registry.
When running a terraform plan, how can you save the plan so it can be applied at a later time? use the -file parameter you cannot save a plan use the -out parameter use the -save parameter.
Based on the code provided, how many subnets will be created in the AWS account? variables.tf variable "private_subnet_names" { type = list(string) default = ["private_subnet_a", "private_subnet_b", "private_subnet_c"] } variable "vpc_cidr" { type = string default = "" } variable "public_subnet_names" { type = list(string) default = ["public_subnet_1", "public_subnet_2"] } main.tf resource "aws_subnet" "private_subnet" { count = length(var.private_subnet_names) vpc_id = aws_vpc.vpc.id cidr_block = cidrsubnet(var.vpc_cidr, 8, count.index) availability_zone = data.aws_availability_zones.available.names[count.index] tags = { Name = var.private_subnet_names[count.index] Terraform = "true" } } 1 2 3 0.
What function does the terraform init -upgrade command perform? upgrades the Terraform configuration file(s) to use the referenced Terraform version update all previously installed plugins to the newest version that complies with the configuration’s version constraints upgrades all of the referenced modules and providers to the latest version of Terraform upgrades the backend to the latest supported version.
14. Based on the Terraform code below, what block type is used to define the VPC? vpc_id = aws_vpc.main.id locals block data block resource block provider block.
Which of the following Terraform CLI commands are valid? (select five) $ terraform delete $ terraform taint $ terraform login $ terraform workspace select $ terraform show $ terraform initialize $ terraform fmt .
You have created a brand new workspace for a new project, and have added all of your Terraform configuration files in the new directory. Before you execute a terraform plan, you want to validate the configuration using the terraform validate command. However, Terraform returns the error: $ terraform validate Error: Could not load plugin What would cause this error when trying to validate the configuration? the credentials for the provider are invalid the configuration is invalid the directory was not initialized the directory does not contain valid Terraform configuration files.
Which of the following Terraform features is NOT available in the open-source version? sentinel policies public cloud providers public module registry remote backend.
Given the following snippet of code, what does servers = 4 reference? module "servers" { source = "./modules/aws-servers" servers = 4 } servers is not a valid configuration for a module the number of times the module will be executed the output variable of the module the value of an input variable.
True or False? A main.tf file is always required when using Terraform? False True.
Using the Terraform code below, where will the resource be provisioned? provider "aws" { region = "us-east-1" } provider "aws" { alias = "west" region = "us-west-2" } provider "aws" { alias = "eu" region = "eu-west-2" } resource "aws_instance" "vault" { ami = data.aws_ami.amzlinux2.id instance_type = "t3.micro" key_name = "ec2_key" vpc_security_group_ids = var.vault_sg subnet_id = var.vault_subnet user_data = file("vault.sh") tags = { Name = "vault" } } us-west-2 us-east-1 us-west-.
Which of the following is not a benefit of Terraform state? reduces the number of outbound traffic by requiring state is stored locally provides a one-to-one mapping of the configuration to real-world resources increases performance by reducing the requirement to query multiple resources at once determines the dependency order for deployed resources.
When deploying an EC2 instance in AWS, for example, what value is the data source returning? data "aws_ami" "amzlinux2" { most_recent = true owners = ["amazon"] filter { name = "name" values = ["amzn2-ami-hvm-*-x86_64-ebs"] } } resource "aws_instance" "vault" { ami = data.aws_ami.amzlinux2.id instance_type = "t3.micro" key_name = "vault-key" vpc_security_group_ids = var.sg subnet_id = var.subnet associate_public_ip_address = "true" user_data = file("vault.sh") tags = { Name = "vault" } } a custom AMI for Amazon Linux 2 the IP address of an EC2 instance running in AWS the latest AMI you have previously used for an Amazon Linux 2 image the AMI ID for the latest version of the Amazon Linux 2 image.
What happens if multiple users attempt to run a terraform apply simultaneously when using a remote backend? (select two) the Terraform apply will work for both users both users will get an error if the backend does not support locking, the state file could become corrupted if the backend supports locking, the first terraform apply will lock the file for changes, preventing the second user from running the apply.
Amira is calling a child module to deploy infrastructure for her organization. Just as a good architect does (and suggested by HashiCorp), she specifies the module version she wants to use even though there are newer versions available. During a terrafom init, Terraform downloads v0.0.5 just as expected. What would happen if Amira removed the version parameter in the module block and ran a terraform init again? module "consul" { source = "hashicorp/consul/aws" version = "0.0.5" servers = 3 } Terraform would skip the module Terraform would return an error, as the version parameter is required Terraform would download the latest version of the module Terraform would use the existing module already downloaded.
Terraform Cloud Agents are a feature that allows Terraform Cloud to communicate with private infrastructure, such as VMware hosts running on-premises. Which version of Terraform Cloud supports this feature? Terraform Team and Governance Terraform Cloud for Business Terraform Cloud Free.
Soraya is implementing Terraform and was given a configuration that includes the snippet below. Where is this particular module stored? module "consul" { source = "hashicorp/consul/aws" version = "0.1.0" } public Terraform registry a private module registry supported by your organization locally in the hashicorp/consul/aws directory locally but a directory back from the current directory.
True or False? Before a terraform validate can be run, the directory must be initialized. False True.
Fill in the correct answers below: Infrastructure as Code (IaC) makes infrastructure changes _______, ________, ________, and __________. (select four) idempotent repeatable highly-available consistent predictable.
Scenario: You are deploying a new application and want to deploy it to multiple AWS regions within the same configuration file. Which of the following features will allow you to configure this? multiple provider blocks using an alias using the default provider along with a single defined provider one provider block that defines multiple regions a provider with multiple versions defined.
Anahita is an experienced IT professional and is working to learn Terraform to manage the F5 load balancers that front-end customer-facing applications. Anahita writes great code, but her formatting seldom meets the Terraform canonical formatting and style recommended by HashiCorp. What built-in tool or command can Anahita use to easily format her code to meet the recommendations for formatting Terraform code? $ terraform fmt $ terraform lint $ terraform validate $ terraform refresh .
What feature of Terraform provides an abstraction above the upstream API and is responsible for understanding API interactions and exposing resources? Terraform provider Terraform configuration file Terraform backend Terraform provisioner.
True or False? Performing a terraform plan can modify the existing Terraform state file. True False.
True or False? A remote backend configuration is required for using Terraform. True False.
There are multiple ways to authenticate when using a Terraform provider. However, several methods will result in sensitive information being written to the state file, which is not desirable. Which method below will not result in sensitive information being written to the state file. using a tfvars file retrieving the credentials from a data source, such as HashiCorp Vault using a declared variable using environment variables.
Given the following snippet of code, what will the value of the "Name" tag equal after a terraform apply? variable "name" { description = "The username assigned to the infrastructure" default = "data_processing" } variable "team" { description = "The team responsible for the infrastructure" default = "IS Team" } locals { name = (var.name != "" ? var.name : random_id.id.hex) owner = var.team common_tags = { Owner = local.owner Name = local.name } } data_processing IS Team a random hex value an empty string.
You are an Infrastructure Engineer at Strategies, Inc, which is a new organization that provides marketing services to startups. All of your infrastructure is provisioned and managed by Terraform. Despite your pleas to not make changes outside of Terraform, sometimes the other engineers log into the cloud platform and make minor changes to resolve problems. What Terraform command can you use to reconcile the state with the real-world infrastructure in order to detect any drift from the last-known state? terraform state show terraform validate terraform graph terraform refresh .
Scenario: You have a Terraform configuration file defining resources to deploy on VMware, yet there is no related state file. You have successfully run a terraform init already. What happens when you run a terraform apply? Since there is no state file associated with this configuration file, the defined resources will be created on the VMware infrastructure. Terraform will scan the VMware infrastructure, create a new state file, and compare the state to the configuration file to determine what resources should be created. Terraform will produce an error since there is no state file All existing infrastructure on VMware will be deleted, and the resources defined in the configuration file will be creat.
Based on the following code, which of the resources will be created first? example_sqs_queue aws_eip.ip aws_s3_bucket.customer_data aws_instance.data_processing .
Ario works at a payment processing company and manages the organization's VMware environment. He recently provisioned a new cluster for a production environment. To ensure everything is working as expected, Ario has been using Terraform and the VMware vSphere client to create and destroy new virtual machines. Currently, there are three virtual machines running on the new cluster, so Ario runs terraform destroy to remove the remaining virtual machines from the cluster. However, Terraform only removes two of the virtual machines, leaving one virtual machine still running. Why would Terraform only remove two of the three virtual machines? Terraform can only destroy a maximum of 2 resources per terraform destroy execution the vSphere provider credentials are invalid, and therefore Terraform cannot reach the third virtual machine the virtual machine was marked with vSphere tags to prevent it from being destroyed the remaining virtual machine was not created by Terraform, therefore Terraform is not aware of the virtual machine and cannot destroy it.
When a terraform apply is executed, where is the AWS provider retrieving credentials to create cloud resources in the code snippet below? provider "aws" { region = us-east-1 access_key = data.vault_aws_access_credentials.creds.access_key secret_key = data.vault_aws_access_credentials.creds.secret_key } from the .tfvars file called vault From a data source that is retrieving credentials from HashiCorp Vault. Vault is dynamically generating the credentials on Terraform's behalf. From a variable called vault_aws_access_credentials from a script that is executing commands against Vault.
Shahin just finished up a new Terraform configuration file and has successfully deployed the configuration on Azure using Terraform open-source. After confirming the configuring on Azure, Pam changes to a new workspace and then heads to lunch. When she arrives back at her desk, Pam decides to destroy the resources to save on cost. When Pam executes a terraform destroy, the output indicates there are no resources to delete. Why can't Pam delete the newly created resources in Azure? $ terraform destroy An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: Terraform will perform the following actions: Plan: 0 to add, 0 to change, 0 to destroy. there is no Terraform state in the current workspace she is working in the Terraform state was deleted when she created the new workspace Terraform reached the maximum timeout while Pam was away from lunch, therefore the resources were automatically destroyed an Azure administrator manually deleted the resources.
Which type of configuration block assigns a name to an expression that can be used multiple times within a module without having to repeat it? backend provider resources local.
Terraform has detailed logs that can be enabled using the TF_LOG environment variable. Which of the following log levels is the most verbose, meaning it will log the most specific logs? ERROR INFO DEBUG TRACE .
Which of the following commands can be used to detect configuration drift? terraform taint terraform apply -refresh-only terraform init terraform fmt .
HashiCorp offers multiple versions of Terraform to meet the needs of individuals to large enterprises. Which of the following offerings provide access to a private module registry? (select four) Terraform Cloud - Team & Governance Terraform Cloud - Free Terraform Cloud - Business Terraform Open-Source Terraform Enterprise (self-hosted).
Both Terraform CLI and Terraform Cloud offer a feature called "workspaces". Which of the following statements are true regarding workspaces? (select three) Each CLI workspace coincides with a different VCS repo Terraform Cloud maintains the state version and run history for each workspace Terraform Cloud manages infrastructure collections with a workspace whereas CLI manages collections of infrastructure resources with a persistent working directory CLI workspaces are alternative state files in the same working directory Run history is logged in a file underneath the working directory of a CLI workspace.
True or False? Terraform is designed to work with public cloud platforms, and organizations that wish to use it for on-premises infrastructure (private cloud) should look for an alternative solution. True False.
Which feature of Terraform Enterprise can be used to enforce fine-grained policies to enforce standardization and cost controls before resources are provisioned with Terraform? remote runs module registry sentinel workspaces.
Terraform Cloud provides organizations with many features not available to those running Terraform open-source to deploy infrastructure. Select the ADDITIONAL features that organizations can take advantage of by moving to Terraform Cloud. (select three) providers remote runs VCS connection private module registry public module registry.
Infrastructure as Code (Iac) provides many benefits to help organizations deploy application infrastructure much faster than clicking around in the console. What are the additional benefits to IaC? (select three) creates a blueprint of your data center eliminates parallelism code can easily be shared and reused can always be used to deploy the latest features and services allows infrastructure to be versioned.
When using a Terraform provider, it's common that Terraform needs credentials to access the API for the underlying platform, such as VMware, AWS, or Google Cloud. While there are many ways to accomplish this, what are three options that you can provide these credentials? (select three) Terraform can manage dependencies within a single cloud, but not cross-cloud Terraform can simplify both management and orchestration of deploying large-scale, multi-cloud infrastructure A single Terraform configuration file can be used to manage multiple providers Terraform is cloud-agnostic but requires a specific provider for the cloud platform.
Shervin is using Terraform to deploy infrastructure using modules. Where is the module below stored? module "monitoring_tools" { source = "././modules/monitoring_tools" cluster_hostname = module.k8s_cluster.hostname } in a public GitLab repository locally on the instance running Terraform on the Terraform public module registry a private module registry in Terraform Cloud (free).
Arvin has deployed many resources in AWS using Terraform and can easily update or destroy resources when required by the application team. A new employee, Dwight, is working with the application team and deployed a new EC2 instance through the AWS console. When Arvin finds out, he decided he wants to manage the new EC2 instance using Terraform moving forward. He opens his terminal and types: $ terraform import aws_instance.web_app_42 i-b54a26b28b8acv7233 However, Terraform returns the following error: Error: resource address "aws_instance.web_app_42" does not exist in the configuration. What does Arvin need to do first in order to manage the new Amazon EC2 instance with Terraform? import the configuration of the EC2 instance called web_app_42 from AWS first configure the appropriate tags on the Amazon EC2 resource so Terraform knows that it should manage the resource moving forward create a configuration for the new resource in the Terraform configuration file, such as: resource "aws_instance" "web_app_42" { # (resource arguments) } Terraform cannot manage resources that were provisioned manually .
Which of the following are the benefits of using modules in Terraform? (select three) enables code reuse allows modules to be stored anywhere accessible by Terraform supports versioning to maintain compatibility supports modules stored locally or remotely.
A provider alias is used for what purpose in a Terraform configuration file? to use as shorthand for resources to be deployed with the referenced provider alias isn't used with providers, they are used with provisioners using the same provider with different configurations for different resources to signify what resources should be deployed to a certain cloud provider.
What are some of the problems of how infrastructure was traditionally managed before Infrastructure as Code? (select three) Traditional deployment methods are not able to meet the demands of the modern business where resources tend to live days to weeks, rather than months to years Requests for infrastructure or hardware required a ticket, increasing the time required to deploy applications Pointing and clicking in a management console is a scalable approach and reduces human error as businesses are moving to a multi-cloud deployment model Traditionally managed infrastructure can't keep up with cyclic or elastic applications.
In Terraform Enterprise, a workspace can be mapped to how many VCS repos? 5 1 3 2.
HashiCorp offers multiple versions of Terraform, including Terraform open-source, Terraform Cloud, and Terraform Enterprise. Which of the following Terraform features are only available in the Enterprise edition? (select one) Private Network Connectivity Private Module Registry SAML/SSO Audit Logs Locally hosted installation Clustering.
When configuring a remote backend in Terraform, it might be a good idea to purposely omit some of the required arguments to ensure secrets and other relevant data are not inadvertently shared with others. What are the ways the remaining configuration can be added to Terraform so it can initialize and communicate with the backend? (select three) directly querying HashiCorp Vault for the secrets use the -backend-config=PATH to specify a separate config file command-line key/value pairs interactively on the command line.
By default, where does Terraform store its state file? Amazon S3 bucket current working directory remotely using Terraform Cloud shared directory.
In order to make a Terraform configuration file dynamic and/or reusable, static values should be converted to use what? module input variables regular expressions output value.
Using multi-cloud and provider-agnostic tools provides which of the following benefits? (select two) slower provisioning speed allows the operations team to catch mistakes before they are applied can be used across major cloud providers and VM hypervisors operations teams only need to learn and manage a single tool to manage infrastructure, regardless of where the infrastructure is deployed increased risk due to all infrastructure relying on a single tool for management.
Terraform-specific settings and behaviors are declared in which configuration block type? resource provider data terraform.
Aladdin is writing brand new code and needs to ensure it is syntactically valid and internally consistent. Stephen doesn't want to wait for Terraform to access any remote services while making sure his code is valid. What command can he use to accomplish this? terraform fmt terraform show terraform validate terraform refresh .
What are the benefits of using Infrastructure as Code? (select five) Infrastructure as Code allows a user to turn a manual task into a simple, automated deployment Infrastructure as Code is relatively simple to learn and write, regardless of a user's prior experience with developing code Infrastructure as Code provides configuration consistency and standardization among deployments Infrastructure as Code gives the user the ability to recreate an application's infrastructure for disaster recovery scenarios Infrastructure as Code easily replaces development languages such as Go and .Net for application development Infrastructure as Code is easily repeatable, allowing the user to reuse code to deploy similar, yet different resources.
Published modules via the Terraform Registry provide which of the following benefits? (select four) show examples and READMEs allow browsing version histories automatically generated documentation support versioning support from any code repo.
What does the command terraform fmt do? updates the font of the configuration file to the official font supported by HashiCorp deletes the existing configuration file formats the state file in order to ensure the latest state of resources can be obtained rewrite Terraform configuration files to a canonical format and style.
Select the answer below that completes the following statement: Terraform Cloud can be managed from the CLI but requires __________? a TOTP token an API token a username and password authentication using MFA.
What is the best and easiest way for Terraform to read and write secrets from HashiCorp Vault? API access using the AppRole auth method integration with a tool like Jenkins Vault provider CLI access from the same machine running Terraform.
Your organization has moved to AWS and has manually deployed infrastructure using the console. Recently, a decision has been made to standardize on Terraform for all deployments moving forward. What can you do to ensure that all existing is managed by Terraform moving forward without interruption to existing services? submit a ticket to AWS and ask them to export the state of all existing resources and use terraform import to import them into the state file resources that are manually deployed in the AWS console cannot be imported by Terraform using terraform import, import the existing infrastructure into your Terraform state delete the existing resources and recreate them using new a Terraform configuration so Terraform can manage them moving forward.
True or False? State is a requirement for Terraform to function. False True.
Which of the following best describes a Terraform provider? a container for multiple resources that are used together a plugin that Terraform uses to translate the API interactions with the service or provider serves as a parameter for a Terraform module that allows a module to be customized describes an infrastructure object, such as a virtual network, compute instance, or other components.
What is a downside to using a Terraform provider, such as the Vault provider, to interact with sensitive data, such as reading secrets from Vault? Terraform requires a unique auth method to work with Vault Terraform and Vault must be running on the same version secrets are persisted to the state file and plans Terraform and Vault must be running on the same physical host.
You have been given requirements to create a security group for a new application. Since your organization standardizes on Terraform, you want to add this new security group with the fewest number of lines of code. What feature could you use to iterate over a list of required tcp ports to add to the new security group? dynamic block splat expression terraform import dynamic backend.
In the example below, where is the value of the DNS record's IP address originating from? resource "aws_route53_record" "www" { zone_id = aws_route53_zone.primary.zone_id name = "www.helloworld.com" type = "A" ttl = "300" records = [module.web_server.instance_ip_addr] } the regular expression named module.web_server the output of a module named web_server value of the web_server parameter from the variables.tf file by querying the AWS EC2 API to retrieve the IP address.
True or False? You can migrate the Terraform backend but only if there are no resources currently being managed. False True.
True or False? Workspaces provide identical functionality in the open-source, Terraform Cloud, and Enterprise versions of Terraform. False True.
Which of the following represents a feature of Terraform Cloud that is NOT free to customers? workspace management private module registry team management and governance VCS integration.
What are some of the features of Terraform state? (select three) determining the correct order to destroy resources increased performance mapping configuration to real-world resources inspection of cloud resources.
What is the purpose of using the local-exec provisioner? (select two) to invoke a local executable ensures that the resource is only executed in the local infrastructure where Terraform is deployed executes a command on the resource to invoke an update to the Terraform state to execute one or more commands on the machine running Terraform.
Which of the following best describes the default local backend? The local backend is where Terraform Enterprise stores logs to be processed by an log collector The local backend is the directory where resources deployed by Terraform have direct access to in order to update their current state The local backend is how Terraform connects to public cloud services, such as AWS, Azure, or GCP. The local backend stores state on the local filesystem, locks the state using system APIs, and performs operations locally.
Terry is using a module to deploy some EC2 instances on AWS for a new project. He is viewing the code that is calling the module for deployment, which is shown below. Where is the value of the security group originating? module "ec2_instances" { source = "terraform-aws-modules/ec2-instance/aws" version = "2.12.0"  name = "my-ec2-cluster" instance_count = 2  ami = "ami-0c5204531f799e0c6" instance_type = "t2.micro" vpc_security_group_ids = [module.vpc.default_security_group_id] subnet_id = module.vpc.public_subnets[0]  tags = { Terraform = "true" Environment = "dev" } the output of another module the Terraform public module registry from a variable likely declared in a .tfvars file being passed to another module an environment variable being using during a terraform apply .
Select the feature below that best completes the sentence: The following list represents the different types of __________ available in Terraform. max min join replace list length range functions data sources backends named values.
True or False? Starting in Terraform v0.12, the Terraform language now has built-in syntax for creating lists using the [ and ] delimiters, replacing and deprecating the list () function. True False.
What happens when a terraform plan is executed? reconciles the state Terraform knows about with the real-world infrastructure creates an execution plan and determines what changes are required to achieve the desired state in the configuration files. the backend is initialized and the working directory is prepped applies the changes required in the target infrastructure in order to reach the desired configuration.
Behruz is using modules to provision an Azure environment for a new application. She is using the following code and specifying a version of her virtual machine module to ensure she's calling the correct module. Which of the following provides support for versioning of a module? (select two) module "compute" { source = "Azure/compute/azurerm" version = "3.8.0" } local file paths public module registry modules stored in GitLab private module registry.
When using parent/child modules to deploy infrastructure, how would you export a value from one module to import into another module. For example, a module dynamically deploys an application instance or virtual machine, and you need the IP address in another module to configure a related DNS record in order to reach the newly deployed application. configure the pertinent provider's configuration with a list of possible IP addresses to use preconfigure the IP address as a parameter in the DNS module configure an output value in the application module in order to use that value for the DNS module export the value using terraform export and input the value using terraform input .
Which of the following actions are performed during a terraform init? (select three) download the declared providers which are supported by HashiCorp initializes the backend configuration provisions the declared resources in your configuration initializes downloaded and/or installed providers.
Which of the following connection types are supported by the remote-exec provisioner? (select two) winrm ssh smb rdp.
What Terraform feature is shown in the example below? 1. resource "aws_security_group" "example" { 2. name = "sg-app-web-01" 3. 4. dynamic "ingress" { 5. for_each = var.service_ports 6. content { 7. from_port = ingress.value 8. to_port = ingress.value 9. protocol = "tcp" 10. } 11. } 12. } dynamic block conditional expression data source local values.
You want to use terraform import to start managing infrastructure that was not originally provisioned through infrastructure as code. Before you can import the resource's current state, what must you do in order to prepare to manage these resources using Terraform? shut down or stop using the resources being imported so no changes are inadvertently missed run terraform refresh to ensure that the state file has the latest information for existing resources. modify the Terraform state file to add the new resources update the configuration file to include the new resources.
Which of the following is considered a Terraform plugin? Terraform tooling Terraform provider Terraform language Terraform logic.
Given the Terraform configuration below, in which order will the resources be created? 1. resource "aws_instance" "web_server" { 2. ami = "i-abdce12345" 3. instance_type = "t2.micro" 4. } 5. 6. resource "aws_eip" "web_server_ip" { 7. vpc = true 8. instance = aws_instance.web_server.id 9. } resources will be created simultaneously aws_eip will be created first aws_instance will be created second no resources will be created aws_instance will be created first aws_eip will be created second.
When multiple engineers start deploying infrastructure using the same state file, what is a feature of remote state storage that is critical to ensure the state does not become corrupt? object storage state locking workspaces encryption.
What happens when a terraform apply command is executed? reconciles the state Terraform knows about with the real-world infrastructure the backend is initialized and the working directory is prepped creates the execution plan for the deployment of resources applies the changes required in the target infrastructure in order to reach the desired configuration.
What Terraform command can be used to inspect the current state file? terraform inspect terraform show terraform read terraform state .
From the answers below, select the advantages of using Infrastructure as Code. (select four) Safely test modifications using a "dry run" before applying any actual changes Easily integrate with application workflows (GitLab Actions, Azure DevOps, CI/CD tools) Easily change and update existing infrastructure Provide a codified workflow to develop customer-facing applications Provide reusable modules for easy sharing and collaboration.
True or False? Multiple providers can be declared within a single Terraform configuration file. True False.
Why is it a good idea to declare the required version of a provider in a Terraform configuration file? to match the version number of your application being deployed via Terraform to remove older versions of the provider providers are released on a separate schedule from Terraform itself; therefore a newer version could introduce breaking changes to ensure that the provider version matches the version of Terraform you are using.
Select two answers to complete the following sentence: Before a new provider can be used, it must be ______ and _______. (select two) uploaded to source control declared or used in a configuration file approved by HashiCorp initialized.
Which of the following Terraform files should be ignored by Git when committing code to a repo? (select two) terraform.tfvars terraform.tfstate variables.tf output.tf.
Rick is writing a new Terraform configuration file and wishes to use modules in order to easily consume Terraform code that has already been written. Which of the modules shown below will be created first? 1. terraform { 2. required_providers { 3. aws = { 4. source = "hashicorp/aws" 5. } 6. } 7. } 8. 9. provider "aws" { 10. region = "us-west-2" 11. } 12. 13. module "vpc" { 14. source = "terraform-aws-modules/vpc/aws" 15. version = "2.21.0" 16. 17. name = var.vpc_name 18. cidr = var.vpc_cidr 19. 20. azs = var.vpc_azs 21. private_subnets = var.vpc_private_subnets 22. public_subnets = var.vpc_public_subnets 23. 24. enable_nat_gateway = var.vpc_enable_nat_gateway 25. 26. tags = var.vpc_tags 27. } 28. 29. module "ec2_instances" { 30. source = "terraform-aws-modules/ec2-instance/aws" 31. version = "2.12.0" 32. 33. name = "my-ec2-cluster" 34. instance_count = 2 35. 36. ami = "ami-0c5204531f799e0c6" 37. instance_type = "t2.micro" 38. vpc_security_group_ids = [module.vpc.default_security_group_id] 39. subnet_id = module.vpc.public_subnets[0] 40. 41. tags = { 42. Terraform = "true" 43. Environment = "dev" 44. } 45. } 1. module "vpc" 1. module "ec2_instances".
Frank has a file named main.tf which is shown below. Which of the following statements are true about this code? (select two) 1. module "servers" { 2. source = "./app-cluster" 3. 4. servers = 5 5. } app-cluster is the child module main.tf is the calling module app-cluster is the calling module main.tf is the child module.
Which Terraform command will force a marked resource to be destroyed and recreated on the next apply? terraform taint terraform destroy terraform fmt terraform refresh .
What are the core Terraform workflow steps to use infrastructure as code? 1. 1) Plan 2. 2) Apply 3. 3) Destroy 1. 1) Plan 2. 2) Apply 3. 3) Pray 1. 1) Code 2. 2) Validate 3. 3) Apply 1. 1) Write 2. 2) Plan 3. 3) Apply.
Which of the following allows Terraform users to apply policy as code to enforce standardized configurations for resources being deployed via infrastructure as code? functions module registry workspaces sentinel.
After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging? WARN DEBUG INFO ERROR TRACE.
After executing a terraform plan, you notice that a resource has a tilde (~) next to it. What does this infer? the resource will be destroyed and recreated the resource will be updated in place Terraform can't determine how to proceed due to a problem with the state file The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place. Some attributes and resources can be updated in-place and are shown with the ~ prefix.
In regards to deploying resources in multi-cloud environments, what are some of the benefits of using Terraform rather than a provider's native tooling? (select three) Terraform simplifies management and orchestration, helping operators build large-scale, multi-cloud infrastructure Terraform can help businesses deploy applications on multiple clouds and on-premises infrastructure Terraform is not cloud-agnostic and can be used to deploy resources across a single public cloud Terraform can manage cross-cloud dependencies.
True or False? Provisioners should only be used as a last resort. True False.
Which configuration block would be used within a Terraform configuration to identify the specific version of a provider required? required-provider required-version required_versions required_providers.
In regards to Terraform state file, select all the statements below which are correct: (select four) storing state remotely can provide better security Terraform Cloud always encrypts state at rest using the mask feature, you can instruct Terraform to mask sensitive data in the state file when using local state, the state file is stored in plain-text the state file is always encrypted at rest the Terraform state can contain sensitive data, therefore the state file should be protected from unauthorized access.
Report abuse