Thursday 11 April 2024

Terraform Interview Questions

Here are some Terraform Interview Questions with answers and/or links to answers. Good luck!





What are Terraform modules?


Which operation do you need to perform when adding a new module in TF code? Why? What gets added to the root directory?

Describe set data type (are elements unique? in order?).

How to provision multiple instances of some resource where instances differ by values of some attributes? 

Is is possible to ignore changes made on remote (don't push local attribute state and overwrite remote changes)? Yes

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

  # site24x7_website_monitor.this["tenta_services_monitors"] has been changed
  ~ resource "site24x7_website_monitor" "this" {
      - auth_user                   = "pingdom" -> null
        id                          = "405565000027631014"
      ~ ignore_cert_err             = true -> false
        # (29 unchanged attributes hidden)
    }
  # site24x7_website_monitor.this["vpn_center_licensing"] has been changed
  ~ resource "site24x7_website_monitor" "this" {
        id                          = "405565000027631133"
      ~ ignore_cert_err             = true -> false
        # (29 unchanged attributes hidden)
    }

Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.

Is setting variable to empty string same as setting it to null? 



How to reference TF module from an arbitrary branch in github?

module "my_module" {
    source = "git::https://git.example.com/terraform-modules/my-aws-s3-module.git/modules/s3-bucket?ref=feature/my-branch"

modules/s3-bucket is path to the module in the remote repo.

If we want to reference a git tag e.g. v0.0.1 on default branch:
 source = "git::https://git.example.com/terraform-modules/my-aws-s3-module.git?ref=v0.0.1


Advice for reviewing:
- check if default value for input variable is provided, if not, that variable will be mandatory (not optional!)


What are data sources and how to use them?

How are data sources used in Terraform? - Stack Overflow

Data Sources - Configuration Language | Terraform | HashiCorp Developer


What is the purpose of count meta-argument?



When we add count meta argument to resource or module terraform will use array/indexed version in resource address. 

E.g.

module "foo" {
   count = 1
}

terraform plan will show: module.foo[0] 


Why it's bed idea to use index as a key in the map used in for_each?


What are providers and what is Terraform using them for? 

How does Terraform specify which providers it needs to use? Write an example. 

Can providers have their own configuration?


What does each provider add? Do they only manage cloud platforms?

How do we list which providers are required for the current Terraform project/module? Which block is used and where is it placed? How does provider requirement look like, what does it specify (3 things)?


What does coalesce function do?


What is the return value?

> coalesce("a", "b")
?
> coalesce("", "b")
?
> coalesce(1,2)
?
> coalesce(["", "b"]...)
?
> coalesce(1, "hello")
?
> coalesce(true, "hello")
?
> coalesce({}, "hello")
?


What does coalescelist function do?


> coalescelist(["a", "b"], ["c", "d"])
?
> coalescelist([], ["c", "d"])
?
> coalescelist([[], ["c", "d"]]...)
?


What does coalesce return if both arguments are null and/or ""?




Which data type does lookup operate on? What does lookup function do?
What's the signature of this function?


What does jsonencode function do?


Why is it a bad idea to pass a string (or, stringified object) to jsonencode function?

jsonencode encodes a given value to a string using JSON syntax. So string will be transformed into a string:

> jsonencode("{\"name\":\"Bojan\"}")
"\"{\\\"name\\\":\\\"Bojan\\\"}\""

So escape character got escaped...and that's still a valid JSON (try it here: https://jsonlint.com/)

We usually want to JSON-stringify an object, not a string:

> jsonencode({"name":"Bojan"})
"{\"name\":\"Bojan\"}"


This is why, for example, we don't want to call jsonencode(templatefile(file.tftpl, {...})) but vice versa:
templatefile(jsonencode(file.tftpl), {...}). Even better, file.tftpl can be an interpolation of the jsonencode call against the real json content: ${jsonencode({...})}. 




What is terraform configuration block type used for?

What does required_providers block specify? Write an example. [answer]

What does backend configuration define?

How to view the content of the state file? Which command to use?

Why is state stored remotely?

How to Manage Terraform S3 Backend - Best Practices

Can Terraform import existing infrastructure resources? How to bring existing resources under Terraform management? 

How to import manually created AWS infrastructure into Terraform code so the same infra can be re-created in another AWS account (or region)?


How can you make changes in the configuration of already created resources using Terraform?


What is the difference between import blocks (configuration-driven import) and terraform import command? Which one is preferred and why?


Where does terraform import CLI command import resources into? Does it create a configuration? What do we need to use if we want to generate the accompanying configuration for imported resources?


What needs to be done before running terraform import?

Import | Terraform | HashiCorp Developer

Command: import | Terraform | HashiCorp Developer

Importing Existing Infrastructure into Terraform - Step by Step


What is resource address? Which parts it has? What about the case of multi-instance resource?

Internals: Resource Address | Terraform | HashiCorp Developer


What are the components you created using Terraform? Which providers did you use?

EC2, S3, RDS, Security Groups, 

No comments: