Terraform Interview Questions [Junior level - S1E3]

Here are 10 more junior-level Terraform interview questions, formatted casually to help you prepare for an interview. These questions focus on additional important concepts within Terraform but avoid repeating the topics from the previous set.

1. How do you specify the region in Terraform for AWS resources?

Approach:
When you use Terraform to work with AWS, you’ll need to specify the region where your resources will be provisioned. This can be done in several ways, so think about how Terraform gets its environment configuration.

Answer:
You can specify the region in the provider block, which tells Terraform where to create your resources. The region can be specified directly within the provider or set via environment variables. Here's an example:

provider "aws" {
  region = "us-east-1"
}

Alternatively, you can set it using the AWS_REGION environment variable:

export AWS_REGION=us-west-2

2. What is a "data source" in Terraform, and can you give an example?

Approach:
Data sources in Terraform allow you to fetch data from the cloud provider that isn't managed by Terraform but can be used in your resources. Think of it as querying for existing information.

Answer:
A data source is used to fetch information from the provider that is already present in your environment. For example, you can fetch an existing AMI (Amazon Machine Image) from AWS and use it to create an EC2 instance.

Example:

data "aws_ami" "latest_amazon_linux" {
  most_recent = true
  owners      = ["amazon"]
  filters = {
    name = "amzn2-ami-hvm-*-x86_64-gp2"
  }
}

resource "aws_instance" "example" {
  ami           = data.aws_ami.latest_amazon_linux.id
  instance_type = "t2.micro"
}

3. What does terraform taint do?

Approach:
The terraform taint command is used to mark a resource as needing to be replaced. This is useful when a resource is in an undesirable state, and you want Terraform to recreate it.

Answer:
The terraform taint command manually marks a resource as "tainted," which means Terraform will destroy and recreate the resource the next time terraform apply is run. This is helpful if you need to force a resource to be recreated without modifying the configuration.

Example:

terraform taint aws_instance.example

4. How do you organize and manage your Terraform configurations for multiple environments?

Approach:
When working with multiple environments (like dev, staging, prod), you’ll want a strategy for organizing your code. Think about how you would handle different configurations for each environment.

Answer:
To manage multiple environments, you can create different directories for each environment, each containing its own Terraform configuration files. You can also use workspaces or variable files (like dev.tfvars, prod.tfvars) to manage different configurations. Here's a basic directory structure:

/terraform
  /dev
    main.tf
    variables.tf
    terraform.tfvars
  /prod
    main.tf
    variables.tf
    terraform.tfvars

You can use workspaces:

terraform workspace new dev
terraform workspace select dev

5. What is terraform show, and when would you use it?

Approach:
Think of terraform show as a way to inspect what’s been created or is currently being managed. This command provides details on resources managed by Terraform.

Answer:
The terraform show command provides a human-readable output of the current state of your infrastructure. It’s useful when you want to get a detailed look at the resources managed by Terraform without modifying anything.

Example:

terraform show

6. How do you manage dependencies between resources in Terraform?

Approach:
Terraform automatically handles dependencies between resources in most cases, but understanding how to define relationships explicitly can be helpful when resources rely on each other.

Answer:
Terraform automatically creates dependencies between resources based on references. For example, if an EC2 instance references a security group, Terraform knows to create the security group first. However, you can also use the depends_on argument to explicitly define dependencies when necessary.

Example:

resource "aws_security_group" "example" {
  name = "example-sg"
}

resource "aws_instance" "example" {
  ami           = "ami-123456"
  instance_type = "t2.micro"
  depends_on = [aws_security_group.example]
}

7. What is the use of the terraform state command?

Approach:
The terraform state command is used to interact with the state file, which tracks the resources managed by Terraform. You can use it to inspect, move, or modify the state.

Answer:
The terraform state command allows you to manage and manipulate the state file. You can use it to list resources, view the state of specific resources, or even move resources between different Terraform configurations.

Example:

terraform state list
terraform state show aws_instance.example

8. What is the difference between terraform plan -out and terraform plan?

Approach:
Both commands generate a plan, but the key difference is how you handle and execute the plan after it’s generated. The -out option allows you to save the plan and apply it later.

Answer:

• terraform plan shows the execution plan but doesn't save it for later use.

• terraform plan -out=planfile saves the plan to a file, which you can apply later using terraform apply planfile. This ensures that the same plan is applied and avoids discrepancies.

9. How do you upgrade Terraform to the latest version?

Approach:
Upgrading Terraform can be done easily, but it’s important to consider the compatibility of your existing configurations.

Answer:
To upgrade Terraform, you can download the latest version from the official Terraform website. If you use a package manager, you can upgrade using the appropriate commands:

• Homebrew (macOS):

  brew upgrade terraform
  

• APT (Ubuntu):

  sudo apt-get update && sudo apt-get install terraform
  

10. What is a "remote backend" in Terraform?

Approach:
When working with teams or needing better state file management, remote backends are crucial. They allow you to store the state file remotely, so everyone on the team has access to the same state.

Answer:
A remote backend allows you to store your Terraform state file in a remote location, such as AWS S3, Terraform Cloud, or Azure Storage. This is particularly useful for collaboration, as it ensures everyone is working with the same state and can help prevent conflicts.

Example (AWS S3 backend):

terraform {
  backend "s3" {
    bucket = "my-tf-state-bucket"
    key    = "path/to/statefile"
    region = "us-east-1"
  }
}

This second set of questions goes deeper into Terraform’s features and best practices, giving you a better understanding of how to manage and optimize your infrastructure code.