Terraform Interview Questions [Junior level - S1E2]

If you're diving into Terraform, it’s important to remember that it's all about automating infrastructure. Whether you're managing cloud resources or just getting started, Terraform helps you define and provision everything as code. This list of 10 junior-level Terraform interview questions is meant to be more like a casual discussion with an engineer—think of it as helping a colleague prep for their interview.

1. What is Terraform, and why should I use it?

Approach:
Start by understanding that Terraform is an Infrastructure as Code (IaC) tool. It allows you to define your infrastructure using configuration files, and Terraform handles the process of provisioning and managing resources. It’s great because it’s cloud-agnostic—meaning you can use the same tool across AWS, Azure, GCP, and others.

Answer:
Terraform is an IaC tool that lets you define infrastructure through code. It helps automate cloud infrastructure setup, making it repeatable and version-controlled. It eliminates manual configuration, which is crucial for large environments. You specify what resources you need (like EC2 instances or S3 buckets), and Terraform figures out how to create them. Plus, it tracks the state of your resources so you don’t have to worry about manually syncing things.

2. What are Terraform providers?

Approach:
Think of providers as the link between Terraform and the cloud services you use. Terraform communicates with different platforms via providers to create and manage resources. Make sure you understand the role they play.

Answer:
Providers in Terraform are plugins that enable Terraform to interact with different cloud platforms. Each provider is specific to a platform (e.g., AWS, GCP, Azure). Providers define how to authenticate with the cloud and which resources can be managed. For example, the AWS provider would let you manage EC2 instances, S3 buckets, etc. You specify the provider in your configuration, and Terraform handles the rest.

3. How does terraform plan differ from terraform apply?

Approach:
These commands are fundamental to understanding how Terraform operates. Explain that terraform plan previews changes, while terraform apply actually makes those changes.

Answer:

• terraform plan: Think of this as a dry run. It tells you what Terraform will do but doesn’t make any changes. It's useful for reviewing your infrastructure changes before actually applying them.

• terraform apply: This is when the changes actually happen. After you've reviewed the plan, running apply provisions the resources as specified in the configuration.

4. What are Terraform modules?

Approach:
Modules are a way to organize Terraform code into reusable, logical units. They make it easier to maintain large infrastructure setups. You can think of them as functions or classes in programming.

Answer:
Modules in Terraform are like packages of resources that you can reuse across different projects. A module might contain everything necessary to create a VPC, for instance, and you can call that module whenever you need it. This helps avoid repetition in your code and promotes best practices by encapsulating logic into manageable pieces. You can use pre-built modules from the Terraform Registry or create your own.

5. What’s the purpose of the terraform init command?

Approach:
You can think of terraform init as the setup phase. Before you can do anything with Terraform, you need to initialize your working directory and set up any necessary providers or backends.

Answer:
terraform init prepares your working directory by downloading the necessary provider plugins, initializing the backend (where your state will be stored), and setting up the environment to run Terraform. It’s the first thing you run when starting a new Terraform project or when adding new modules or providers.

6. How do you use Terraform variables?

Approach:
Variables make your Terraform configurations more flexible. Rather than hardcoding values, you can use variables for things like instance sizes, regions, or AMI IDs.

Answer:
Terraform variables allow you to customize the configuration without changing the code directly. You can define a variable like this:

variable "instance_type" {
  default = "t2.micro"
}

Then, you reference it in your resources like so:

resource "aws_instance" "example" {
  instance_type = var.instance_type
}

Variables help keep your configuration reusable and modular.

7. What is the state file in Terraform, and why is it important?

Approach:
The state file is like the brain of Terraform. It tracks what resources exist and their current status, so Terraform knows what to do next.

Answer:
The state file is a key part of Terraform’s operation. It keeps track of the resources you've created, updated, or destroyed. Terraform uses this state file to determine the current state of your infrastructure and to apply the necessary changes during future runs. It’s critical for Terraform to function properly, so handling it securely is important, especially in a collaborative environment.

8. How do you manage sensitive data in Terraform?

Approach:
Sensitive data like API keys or passwords shouldn’t be hardcoded into Terraform configurations. Discuss secure ways to handle such data.

Answer:
Sensitive data in Terraform can be managed securely by using environment variables, .tfvars files (with .gitignore), or services like AWS Secrets Manager or Vault. Additionally, you can mark variables as sensitive to prevent Terraform from outputting them to logs or in the state file. Here’s an example of how to mark a variable as sensitive:

variable "db_password" {
  type      = string
  sensitive = true
}

9. What is the difference between terraform output and terraform show?

Approach:
These two commands help you inspect your infrastructure but serve different purposes. It's important to know when to use each one.

Answer:

• terraform output: This command is used to display the values of the output variables you've defined in your configuration. These outputs are useful when you need to pass information from one module to another or share data after an apply.

• terraform show: This command provides a detailed view of the current state of your infrastructure. It’s useful for inspecting everything that’s managed by Terraform.

10. What is terraform destroy, and when should you use it?

Approach:
This one’s simple but powerful—terraform destroy is used to tear down your infrastructure. Make sure to discuss when to use it and why it’s important.

Answer:
terraform destroy is used to delete all the resources that were created with Terraform. It's useful when you no longer need the infrastructure or when cleaning up resources after testing. Use it cautiously, as it will remove everything specified in your configuration. If you need to remove just a specific resource, you can target it with terraform destroy -target=resource_name.

These 10 questions cover some of the essential concepts in Terraform and should help prepare you for any junior-level interview. Terraform can seem complex at first, but by breaking it down into smaller, manageable pieces and understanding the role of each command or resource, it becomes much easier to handle.