Terraform Interview Questions [Senior level - S2E1]

Terraform Interview Questions for Senior Level (Season 2, Episode 1)

1. What are workspaces in Terraform, and how do you use them?

Answer:
Workspaces in Terraform allow for managing multiple environments (like dev, staging, and prod) within the same configuration. Each workspace maintains its state file.
How to Answer:

• Define workspaces (terraform workspace new dev).

• Switch between workspaces (terraform workspace select staging).

• Emphasize that workspaces are not an alternative to version control or separate state management across accounts.

2. Explain the lifecycle of a Terraform resource.

Answer:
The lifecycle has four phases:

• Plan: Calculates changes.

• Create: Provisions resources.

• Update: Applies modifications.

• Destroy: Removes resources.
  How to Answer:
  Mention lifecycle hooks like create_before_destroy or prevent_destroy and their importance in managing critical resources.

3. How do you handle secrets in Terraform?

Answer:
Secrets should not be hardcoded in the Terraform configuration. Use tools like:

• Terraform Cloud's workspace variables.

• AWS Secrets Manager or Vault provider.

• Sensitive flag for variables (sensitive = true).
  How to Answer:
  Discuss integrating secret management tools and explain why plain-text storage in state files is risky.

4. What are the different ways to manage dependencies in Terraform?

Answer:

• Implicit dependencies (resource attributes).

• Explicit dependencies (depends_on).

• Using modules for modular dependency management.
  How to Answer:
  Highlight the risks of circular dependencies and how depends_on should only be used when implicit relationships fail.

5. What is the purpose of the terraform refresh command?

Answer:
Synchronizes the state file with the real-world resources.
How to Answer:
Explain scenarios like drift detection and emphasize using it cautiously since it doesn’t modify the resources but updates the state.

6. How do you manage Terraform module versions?

Answer:
By pinning versions in the source argument, e.g., version = ">=1.0.0 <2.0.0".
How to Answer:
Discuss how versioning ensures stability and compatibility. Mention terraform registry for managing standard modules.

7. Can you explain the role of providers in Terraform?

Answer:
Providers are plugins that allow Terraform to interact with APIs for managing resources.
How to Answer:
Explain configuring providers with provider {} block and using multiple providers with aliases for managing multi-cloud setups.

8. What are remote state backends, and why are they important?

Answer:
Remote backends store the state file in a centralized location like S3 or Terraform Cloud.
How to Answer:

• Emphasize collaboration and consistency.

• Explain backends like S3 with DynamoDB for state locking.

• Highlight encryption and security.

9. How do you implement drift detection in Terraform?

Answer:
By running terraform plan or using automated tools in CI/CD pipelines to compare configurations with live resources.
How to Answer:
Explain how drift can lead to mismatched states and how periodic checks ensure consistency.

10. What is a null_resource in Terraform, and when do you use it?

Answer:
A null_resource is used to execute scripts or commands without creating an actual resource.
How to Answer:
Mention use cases like triggering external systems or managing orchestration tasks while emphasizing it should not be overused.

These questions and answers can help you demonstrate expertise while discussing real-world scenarios and best practices during the interview.