DevOps Shack

100 Terraform Basic To

Advanced Interview
Questions & Answers
Terraform Basics

1. What is Terraform?

o Terraform is an open-source infrastructure as code software tool created by

HashiCorp. It allows users to define and provision infrastructure using a high-
level configuration language known as HashiCorp Configuration Language
(HCL).

2. Explain the difference between Terraform and other configuration

management tools like Ansible or Chef.

o Terraform is focused on infrastructure provisioning and management, while

tools like Ansible or Chef are primarily configuration management tools for
servers and applications.

3. What is Infrastructure as Code (IaC)?

o Infrastructure as Code is the practice of managing infrastructure using code

and automation. With IaC, infrastructure configurations are defined in code,
version-controlled, and can be automatically provisioned and managed.
 4. What is the purpose of state files in Terraform?

o State files in Terraform store information about the infrastructure managed by

Terraform. They track resource metadata, dependencies, and other details
required for Terraform to manage the infrastructure effectively.

5. How do you initialize a Terraform configuration?

o You initialize a Terraform configuration by running the terraform

init command in the directory containing your Terraform configuration files.

Terraform Commands:

6. What is the command to initialize a Terraform configuration?

o terraform init

7. How do you create an execution plan in Terraform?

o You create an execution plan by running the terraform plan command. This
command generates an execution plan showing what Terraform will do when
you apply the configuration.

8. What is the command to apply Terraform configuration changes?

o terraform apply

9. How do you destroy Terraform-managed infrastructure?

o You can destroy Terraform-managed infrastructure using the terraform

destroy command.

10. What command is used to validate Terraform configuration files?

o terraform validate

Terraform Configuration:

11. What is a provider in Terraform?

o A provider is a plugin that Terraform uses to interact with a specific cloud or

infrastructure service. Examples include AWS, Azure, Google Cloud, etc.
 12. How do you define a provider in Terraform configuration?

o You define a provider using the provider block in your Terraform

configuration file. For example:
o provider "aws" {
o region = "us-west-2"
}

13. What is a resource in Terraform?

o A resource in Terraform represents a piece of infrastructure, such as an AWS

EC2 instance, Google Cloud Storage bucket, or Azure Virtual Network.

14. How do you define a resource in Terraform configuration?

o You define a resource using the resource block in your Terraform

configuration file. For example:
o resource "aws_instance" "example" {
o ami = "ami-0c55b159cbfafe1f0"
o instance_type = "t2.micro"
}

15. What is a module in Terraform?

o A module in Terraform is a collection of Terraform configuration files grouped

together to encapsulate reusable infrastructure components.

Terraform State:

16. Where does Terraform store its state by default?

o Terraform stores its state locally by default, in a file

named terraform.tfstate in the working directory.

17. What are the drawbacks of storing Terraform state locally?

o Storing Terraform state locally can lead to issues with collaboration and
concurrency, as multiple users working on the same configuration can
overwrite each other's changes.

18. How can you store Terraform state remotely?

o Terraform supports storing state remotely using backend configurations.

Popular options include Amazon S3, Azure Blob Storage, Google Cloud
Storage, and HashiCorp Consul.

19. What is the purpose of locking in Terraform state?

o Locking in Terraform state prevents concurrent operations from multiple

users, ensuring that changes are applied sequentially and preventing conflicts.
 20. How do you enable state locking in Terraform?

o You enable state locking by configuring a locking mechanism in your

Terraform backend configuration. For example, with S3 backend, you can
enable locking by setting dynamodb_table parameter.

Terraform Variables and Outputs:

21. What are Terraform variables?

o Terraform variables allow you to parameterize your configurations, making

them more flexible and reusable.

22. How do you define variables in Terraform configuration?

o You define variables using the variable block in your Terraform configuration
file. For example:
o variable "instance_type" {
o description = "The type of EC2 instance to create"
o default = "t2.micro"
}

23. How do you assign values to variables in Terraform?

o You can assign values to variables using various methods, such as passing
them as command-line arguments, using environment variables, or defining
them in a separate variable file.

24. What are Terraform outputs?

o Terraform outputs allow you to extract information from your Terraform

configuration, such as resource attributes or computed values, and display
them after applying the configuration.

25. How do you define outputs in Terraform configuration?

o You define outputs using the output block in your Terraform configuration file.
For example:
o output "instance_ip" {
o value = aws_instance.example.public_ip
}
Terraform Modules:

26. What is a Terraform module?

o A Terraform module is a reusable collection of Terraform configuration files

that represent a set of related infrastructure resources.

27. What is the purpose of using Terraform modules?

o Terraform modules promote code reuse, modularity, and maintainability by

encapsulating infrastructure components into reusable units.

28. How do you call a module from within another Terraform configuration?

o You call a module using the module block in your Terraform configuration file,
providing values for any input variables defined by the module.

29. What are input variables in Terraform modules?

o Input variables in Terraform modules allow you to customize the behavior of

the module by passing values from the calling configuration.

30. How do you define input variables for Terraform modules?

o You define input variables for modules using the variable block within the
module's configuration files.

Terraform Networking:

31. How do you create a virtual network in Terraform?

o You can create a virtual network using the appropriate resource block for the
cloud provider you are using, such as aws_vpc for AWS
or google_compute_network for Google Cloud.

32. What is subnet in Terraform?

o A subnet in Terraform represents a range of IP addresses within a virtual

network. Subnets are used to divide a network into smaller, more manageable
segments.

33. How do you create a subnet in Terraform?

o You create a subnet using the appropriate resource block for the cloud
provider you are using, such as `

aws_subnetfor AWS orgoogle_compute_subnetwork` for Google Cloud.

 34. What is security group in Terraform?

o A security group in Terraform is a set of firewall rules that control inbound and
outbound traffic for instances within a virtual network.

35. How do you define a security group in Terraform?

o You define a security group using the appropriate resource block for the cloud
provider you are using, such as aws_security_group for AWS
or google_compute_firewall for Google Cloud.

Terraform Best Practices:

36. What are some best practices for organizing Terraform configurations?

o Some best practices include modularizing configurations with Terraform

modules, using version control for configuration files, and separating
environments using workspaces or separate directories.

37. How do you manage secrets and sensitive information in Terraform?

o Secrets and sensitive information can be managed using Terraform's built-in

mechanisms such as input variables marked as sensitive or by integrating with
external secret management solutions like HashiCorp Vault or AWS Secrets
Manager.

38. What is a Terraform workspace?

o A Terraform workspace is a separate environment for running Terraform

commands, allowing you to manage multiple environments (e.g.,
development, staging, production) with separate state files and
configurations.

39. How do you create and switch between Terraform workspaces?

o You create a new workspace using the terraform workspace new command
and switch between workspaces using the terraform workspace
select command.

40. What are some common pitfalls to avoid when using Terraform?

o Common pitfalls include not properly managing state files, failing to use
appropriate locking mechanisms, and not testing changes thoroughly before
applying them in production environments.
Advanced Terraform Concepts:

41. What is Terraform interpolation?

o Terraform interpolation allows you to insert dynamic values into your

configuration files, such as referencing attributes of other resources or using
built-in functions.

42. How do you use interpolation in Terraform?

o Interpolation is performed by enclosing the expression within ${} or using the

newer ${var.} syntax for variables.

43. What is Terraform's plan output?

o Terraform's plan output provides a detailed summary of the changes

Terraform will make to your infrastructure when you apply the configuration.

44. How can you customize Terraform's plan output?

o You can customize Terraform's plan output using the -out flag to save the
plan to a file or using the -compact-warnings flag to condense warning
messages.

45. What is Terraform's graph command used for?

o The terraform graph command generates a visual representation of the

dependency graph for your Terraform configuration, showing the
relationships between resources.

Miscellaneous:

46. What are some common error messages you might encounter when
working with Terraform?

o Common error messages include resource conflicts, syntax errors in

configuration files, and issues with state file locking.

47. How do you troubleshoot Terraform configuration errors?

o Troubleshooting Terraform configuration errors involves carefully reviewing

error messages, checking syntax and formatting, and examining state files for
inconsistencies.

48. What is Terraform's remote backend?

o Terraform's remote backend allows you to store state files remotely, enabling
collaboration and concurrency among multiple users.
 49. How do you configure a remote backend in Terraform?

o You configure a remote backend by specifying the backend configuration

block in your Terraform configuration files, including details such as the
backend type (e.g., S3, Azure Blob Storage) and access credentials.
50. What is the difference between terraform apply and terraform refresh?
o terraform apply applies changes to your infrastructure as defined in the
Terraform configuration, while terraform refresh updates the state file to
reflect the current state of the infrastructure without making any changes.

Advanced
Infrastructure as Code (IaC) Concepts:

1. What is Infrastructure as Code (IaC)?

o Answer: IaC is the practice of managing and provisioning infrastructure

through machine-readable definition files, rather than physical hardware
configuration or interactive configuration tools.

2. Explain the benefits of using Terraform for IaC.

o Answer: Terraform provides benefits such as infrastructure versioning,

automated provisioning, consistency across environments, and the ability to
manage complex infrastructure setups.

3. What are the key components of Terraform?

o Answer: Key components include the Terraform CLI, Terraform configuration

files (.tf files), providers, resources, data sources, and modules.

Terraform Commands:

4. How do you initialize a Terraform configuration?

o Answer: Use the terraform init command.

5. What command is used to create an execution plan?

o Answer: Use the terraform plan command.

6. How do you apply changes to your infrastructure with Terraform?

o Answer: Use the terraform apply command.

 7. How do you destroy resources provisioned by Terraform?

o Answer: Use the terraform destroy command.

Terraform Configuration:

8. What is a Terraform provider?

o Answer: A provider is responsible for managing the lifecycle of a resource. It

authenticates with the cloud provider and exposes resources for use in
Terraform configurations.

9. Explain the purpose of Terraform variables.

o Answer: Variables allow you to parameterize your configurations, making them

more flexible and reusable across environments.

10. How do you define variables in Terraform?

o Answer: Variables can be defined using the variable block in a .tf file or by
passing them via command-line flags or environment variables.

Terraform State Management:

11. What is Terraform state?

o Answer: Terraform state is a representation of your infrastructure as managed

by Terraform. It keeps track of resources and their dependencies.

12. How is Terraform state stored?

o Answer: Terraform state can be stored locally in a file (terraform.tfstate) or

remotely using backend services like AWS S3, Azure Storage, or HashiCorp
Consul.

13. What happens if Terraform state is lost or corrupted?

o Answer: Loss or corruption of Terraform state can lead to inconsistencies

between the desired infrastructure state and the actual state. It's crucial to
back up and protect Terraform state.
Terraform Modules:

14. What are Terraform modules?

o Answer: Modules are self-contained packages of Terraform configurations that

are managed as a group. They allow you to encapsulate and reuse
infrastructure components.

15. How do you use Terraform modules?

o Answer: Modules are used by referencing them in your Terraform

configurations using the module block and providing input variables.

16. What are the advantages of using Terraform modules?

o Answer: Advantages include code reuse, abstraction of complexity, easier

maintenance, and improved collaboration.

Advanced Terraform Concepts:

17. Explain the difference between terraform apply and terraform plan.
o Answer: terraform plan generates an execution plan without making any
changes, while terraform apply executes the plan and makes the necessary
changes to reach the desired state.
18. What is the purpose of Terraform's count parameter?
o Answer: The count parameter allows you to create multiple instances of a
resource based on a numerical value or condition.

19. How do you handle sensitive data in Terraform configurations?

o Answer: Sensitive data can be managed using sensitive input variables

(sensitive = true) or stored securely in external systems and referenced in
Terraform configurations.

20. Explain the concept of Terraform workspaces.

o Answer: Workspaces allow you to manage multiple environments (such as

development, staging, and production) within the same Terraform
configuration, maintaining separate state files for each environment.
Terraform Best Practices:

21. What are some best practices for organizing Terraform configurations?

o Answer: Best practices include using modules for reusable components,

leveraging variables and locals for configuration flexibility, and separating
environments using workspaces or directories.

22. How do you manage dependencies between Terraform resources?

o Answer: Terraform automatically manages dependencies based on resource

references. You can also use depends_on to explicitly define dependencies
between resources.

23. What precautions should you take when running Terraform in a team
environment?

o Answer: It's important to establish version control practices, use locking

mechanisms to prevent concurrent state modifications, and implement access
controls to restrict permissions.

Terraform Networking:

24. How do you manage network resources (e.g., VPCs, subnets) with
Terraform?

o Answer: Use Terraform's network provider (e.g., AWS, Azure, GCP) to define
network resources in your configuration files.
25. Explain the use of Terraform's cidrsubnet function.
o Answer: cidrsubnet is used to calculate subnets within a given CIDR block,
allowing you to dynamically generate subnet configurations based on a
specified prefix length.

Terraform and Cloud Providers:

26. What cloud providers does Terraform support?

o Answer: Terraform supports major cloud providers such as AWS, Azure,

Google Cloud Platform, as well as providers for various other services and
platforms.

27. How do you authenticate Terraform with cloud providers?

o Answer: Terraform providers authenticate using credentials (e.g., API keys,

access tokens) provided through environment variables, configuration files, or
external identity providers.
 28. What is the Terraform remote backend?
o Answer: The remote backend allows Terraform state to be stored remotely,
enabling collaboration and state locking across multiple users and
environments.

Terraform Security:

29. How can you implement security best practices in Terraform

configurations?

o Answer: Best practices include using secure credentials management,

implementing least privilege access controls, encrypting sensitive data, and
regularly auditing configurations for vulnerabilities.
30. What is the terraform fmt command used for?
o Answer: terraform fmt is used to format Terraform configuration files
according to a consistent style, improving readability and maintainability.

Troubleshooting Terraform:

31. How do you troubleshoot errors in Terraform configurations?

o Answer: Troubleshooting involves examining Terraform logs (terraform.log),

analyzing error messages, checking for syntax errors, and validating resource
dependencies.

32. What steps can you take to prevent accidental destruction of

infrastructure with Terraform?

o Answer: Implementing safeguards such as enabling terraform

apply confirmation prompts, using terraform plan to review changes before
applying, and enabling state file backups can help prevent accidental
destruction.
Terraform Integration:

33. How can Terraform be integrated with CI/CD pipelines?

Answer: Terraform can be integrated into CI/CD pipelines using tools like Jenkins,
GitLab CI/CD, or AWS CodePipeline to automate infrastructure provisioning and
deployment.

34. What is Terraform's local-exec provisioner?

o Answer: The local-exec provisioner allows you to execute commands locally
on the machine running Terraform, enabling tasks such as local script
execution or resource configuration.

Advanced Terraform Techniques:

35. How do you manage Terraform state across multiple teams or projects?

o Answer: Use Terraform's remote state backend with access controls and state
locking mechanisms to manage state across teams or projects securely.
36. What is the purpose of Terraform's terraform console command?
o Answer: terraform console opens an interactive console where you can
evaluate Terraform expressions, test configurations, and troubleshoot issues.

Terraform Enterprise:

37. What is Terraform Enterprise, and how does it differ from the open-
source version?

o Answer: Terraform Enterprise is a commercial offering by HashiCorp that

provides additional features such as collaboration, governance, and
automation capabilities beyond the open-source version.

38. How do you manage Terraform Enterprise workspaces and permissions?

o Answer: Terraform Enterprise allows you to manage workspaces and

permissions through its web interface, providing granular control over who
can access and modify infrastructure configurations.
Terraform Cloud:

39. What is Terraform Cloud, and how does it integrate with Terraform?

o Answer: Terraform Cloud is a SaaS platform for collaborating on Terraform

configurations, providing features such as remote execution, state
management, and version control integration.

40. How do you trigger Terraform runs in Terraform Cloud?

o Answer: Terraform runs in Terraform Cloud can be triggered manually,

automatically on VCS (Version Control System) changes, or via API calls.

Terraform Automation:

41. How can you automate Terraform tasks using scripts or tools?

o Answer: Terraform tasks can be automated using scripting languages (e.g.,

Bash, Python) or automation tools (e.g., Ansible, Puppet) to orchestrate
Terraform commands and workflows.
42. What is Terraform's remote-exec provisioner used for?
o Answer: The remote-exec provisioner allows you to execute commands on
remote instances after provisioning, enabling tasks such as software
installation or configuration management.

Terraform Migration:

43. How do you migrate existing infrastructure to Terraform?

o Answer: Existing infrastructure can be migrated to Terraform by reverse-

engineering configurations, defining them in Terraform format, and gradually
transitioning resources using terraform import and terraform apply.

44. What are some challenges you might encounter when migrating to
Terraform?

o Answer: Challenges include ensuring compatibility between existing

infrastructure and Terraform configurations, handling state migration, and
managing dependencies between resources.
Terraform Scaling:

45. How does Terraform handle scaling infrastructure resources?

o Answer: Terraform can scale infrastructure resources dynamically using

features such as count, for_each, and conditional expressions to manage
resource instances based on demand or configuration parameters.

46. What strategies can you employ to optimize Terraform performance for
large-scale deployments?

o Answer: Strategies include parallelism tuning, modularization of

configurations, state management optimizations, and leveraging caching
mechanisms to improve performance.

Terraform Observability:

47. How can you monitor and track changes to infrastructure managed by
Terraform?

o Answer: Monitoring solutions and change tracking mechanisms (e.g., AWS

CloudTrail, Azure Activity Logs) can be used to audit and track changes made
by Terraform, providing visibility into infrastructure modifications.

48. What logging options are available for Terraform?

o Answer: Terraform generates logs that can be configured to various output

destinations (e.g., stdout, files) and levels of verbosity to aid in
troubleshooting and auditing.

Terraform Upgrades and Maintenance:

49. How do you handle upgrades and maintenance of Terraform versions?

o Answer: Upgrades can be managed using package managers (e.g., Homebrew,

Chocolatey) or by downloading and installing the latest Terraform binary
manually. It's essential to test upgrades in a non-production environment
before applying them in production.

50. What considerations should you take into account when planning
Terraform version upgrades?

o Answer: Considerations include compatibility with existing configurations,

changes in behavior or syntax, availability of new features, and potential
impacts on existing infrastructure.