Practice Questions For Terraform Associate Certification Part - 3

Questions For Terraform Associate Certification

All the questions and answers are taken straight from their documentation. These are only practice questions.

We are not going to discuss any concepts here, rather, I just want to create a bunch of practice questions for this exam based on the curriculum provided here.

Question 1: There can be multiple provider blocks for AWS within a single terraform configuration file? True

Question 2: After creating an EC2 instance, Yash wants to automatically install certain software packages like Nginx inside that EC2 instance. What is the way to achieve it?

Make use of Local Provisioner https://www.terraform.io/language/resources/provisioners/remote-exec

Question 3: You want to upgrade the provider version to the latest acceptable one. What is the approach to do it?

terraform init-upgrade

https://www.terraform.io/cli/commands/init

Question 4: Will the below action is blocker , when terraform state file is locked? terraform fmt

false

Question 5: Supratik has joined a Security Architect in Enterprise Corp. He has mandated that all the Terraform configuration that creates an S3 bucket must have encryption feature enabled. What is the best way to achieve it?

Make us of sentinel policies

Question 6: What does terraform destroy do?

Destroy all infrastructure in the Terraform sate file

Question 7: 

 If resources are deleted manually but were created through terraform, what will happen if terraform apply?

resources will be created again 

Question 8: terraform refresh will update the state file?

True 

Question 9: Enterprise Corp has recently tied up with multiple small organization for exchanging database information.
Due to this, the firewall rules are increasing and are more than 100 rules.
This is leading firewall configuration file that is difficult to manage.
What is the way this type of configuration can be managed easily?

Dynamic blocks

Question 10: What is the system in which terraform plan and apply is happening remotely but the output is streamed locally called?

Remote backends

Question 11: James has created a variable and has explicitly defined the type as a string. Following is the snippet: 



 
variable "myvar" {
  type = string
}

Which of the following value will be accepted?

2 and "2" both

Question 12: Alice has created 10 different AWS resources from a single terraform configuration file named large.tf Due to some manual modification to one of the EC2 instances, she wants to destroy and recreate the EC2 instance. What is the ideal way to achieve it?

Question 13: True/False Will the below action be blocked when the Terraform state file is locked?

terraform apply 

Ans : true Since it is a write operation, it will be blocked.

Question 14: What of these function is NOT part of string functions in terraform?

Ans :  slice 

 Although this is a little theoretical Question, it is still important to remember for the exams. https://www.terraform.io/language/functions

Question 15: Which service among these provides the direct capability of locking the state file for the remote backend?

Consul 

 For Amazon S3 ,we requires DynamoDB as well.

Question 16: True/False Will the below action be blocked when the Terraform state file is locked?

terraform validate 

false

Question 17: When sentinel runs in terraform enterprise?

Before Apply

Question 18: How do you create DOT file?

terraform graph

Question 19: Which command is used to save a terraform plan to a file?

terraform plan -out = &lt file &gt

Question 20: There are a total of 50 EC2 instances that are being created. Following count parameter is set: count = 50 EC2 resource has an attribute of private_dns. There is a requirement that outputs should show attribute value for all of the 50 EC2 instances. What of the following syntax can be used as initials to achieve this?

resource.localname[*].attribute

Question 21 What of these are NOT other services that are Iaas?

Notpad

 as Teraform 

 ARM and cloudformation are IAAS

Question 22: A module can access all the variables of the parent module?

False

Question 23: What are the steps to iteratively develop the Terraform code for your intended infrastructure?

Write terraform code, terraform plan to view the planned infa and terraform apply to create infrastructure.

Question 24: Sentinel is ___ ?

Proactive service

Question 25:

True/False

Question 26: Will the below action be blocked when the Terraform state file is locked? terraform destroy

true

Question 27: What is the local name of the resource in Terraform from the following snippet? 



 
resource "azurerm_resource_group" "example" {
name = "test"
location = "West Europe"resource

"example"

Question 28: True/False The person who generated the plan is the only person who can apply it?

false 

as we can store plan and later can be applied by other as well.

Question 28: True/False When running terraform taint, terraform will immediately delete and recreate it?

true

Question 29: What is the provisioner that invokes a process on machine that runs terraform?

local-exec

Question 30: True/False Is it mandatory to provide a module version while pulling code from Terraform Registry?

false

Question 31: True/False Is it mandatory to provide a module version while pulling code from Terraform Registry?

List

Question 32: Which configuration consistency errors does terraform validate report?

Declaring resource identifiers more than once

Question 33: What is one of the downsides of using dynamic blocks in a Terraform configuration?

makes code harder to read and understand to the others

Question 34:

Question 35: Will the below action be blocked when the Terraform state file is locked?

terraform state list false

Question 36: The Terraform module installer supports installation from a number of different source types, which of these is not a supported source type?

FTP server

Question 36: What is the use of Sentinel policy as a code in Terraform Enterprise provides what security posture?

A proactive governance of infrastructure best practices

Question 37: As a developer, you want to ensure your plugins are up to date with the latest version. Which Terraform command should you use?

terraform init --upgrade

Question 38: A key benefit of using the Terraform Enterprise Sentinel is the ability to enforce policy logic at what phrase of a Terraform to run?

Sentinel checks run before the apply phase of run

Question 39: Terraform backend can only be migrated if no resources are created

False
We can easily migrate the backend even if the resources are created.

Question 40: Terraform state file stores which type of dependency information?

Both explicit and Implicit dependencies are stored in the state

Question 41: Following is the terraform configuration file: 



 

resource "aws_instance" "myec2" { 
  instance_type = "t2.small"
  ami           = "ami-12345"
  count          = 4 
}

Among these, what does the terraform resource address aws_instance.myec2 point to?

It refers to all 4 web instances, together, together, for further individuals segregation, indexing required, with a 0 based index

Question 42: Developers in Medium Corp are facing a few issues while writing complex expressions that involve interpolation. They have to run the terraform plan every time and check whether there are errors, and also verify the terraform apply to print value as a temporary output for the purpose of debugging What can be achieved to avoid this?

use the terraform console command with the full access to the underlaying terraform state to run your interpolations, and debug at a real-time.

Question 43: If an organization is making use of parent/child modules to deploy its production infrastructure, how can they export value from one module to import into another module?

Configure an output value in the application module in order to use that value for DNS modules

Question 44: Matthew has written the following Terraform configuration file. In which order will the resources be created? 



resource "aws_instance" "myec2" {
 ami = "ami-12345"
 instance_type = "t2.large"
}
 
resource "aws_eip" "myeip"{
 vpc = true 
 instance = aws_instance.myec2.id
}

aws_instance will b created first aws_eip will be created second

Question 45: After executing a terraform apply, you notice that a resource has a tilde (~) next to it. What does this infer?

the resource will be updated in place

Question 46: Which of the following is not a supported backend type?

Github

 Consul

 Artifacory

 S3 

terraform enterprise are supported types

Question 47: Terraform makes use of parallelism to reduce the time it takes for provisioning of resources. What is the number of concurrent operations that runs while provisioning resources?

10 -parallelism=n - Limit the number of concurrent operation as Terraform walks the graph. Defaults to 10.

Question 48: Which configuration block type is used to add terraform related settings?

terraform

Question 49: Matthew has created 3 terraform workspace workspaces using the command line: workspacea, workspaceb, workspacec. Matthew wants to create an additional workspace named testing. Which command will create a new workspace?

terraform workspace new testing

Question 50: In the following terraform resource code, where is the value of the DNS record's IP address originating from? 



resource "aws_route53_record" "mydns" {
  zone_id = aws_route53_zone.primary.zone_id
  name = "http://kplabs.in"
  type = "A"
  records = [module.web_server.instance_ip_address]
}

the output of module named web_server

We have seen Practice Questions For Terraform Associate Certification Part - 3 . in the next post we will see more questions.