Terraform Interview Questions [Junior level - S1E1]

1. What is Terraform, and why is it used?

Answer:
Terraform is an open-source Infrastructure as Code (IaC) tool used to automate the provisioning, management, and versioning of infrastructure. It allows you to define infrastructure using configuration files, which can be version-controlled, shared, and reused. Terraform supports multiple cloud providers like AWS, Azure, and Google Cloud, making it platform-agnostic.

2. What are providers in Terraform?

Answer:
Providers in Terraform are plugins that allow Terraform to interact with different cloud services and platforms. A provider is responsible for managing the lifecycle of a resource, including creating, updating, and deleting resources. Examples of providers include AWS, Azure, Google Cloud, and Kubernetes.

provider "aws" {
  region = "us-east-1"
}

3. What is the difference between terraform apply and terraform plan?

Answer:

• terraform plan: This command generates and shows an execution plan, detailing the actions Terraform will take to achieve the desired state. It does not make any changes to the infrastructure.

• terraform apply: This command applies the changes described in the execution plan to your infrastructure, making the necessary adjustments to match the desired state.

4. What are modules in Terraform?

Answer:
Modules in Terraform are reusable groups of resources that are used to organize and encapsulate configurations. A module can be as simple as a few resources or as complex as an entire infrastructure stack. Modules allow for code reuse, making it easier to manage and share configurations across different environments.

module "vpc" {
  source = "./vpc"
}

5. What is the state file in Terraform, and why is it important?

Answer:
The Terraform state file is a crucial component that keeps track of the resources Terraform manages and their current state. This file allows Terraform to map real-world resources to your configuration. It’s important because it helps Terraform know what changes need to be applied during the next run. The state file is typically stored in terraform.tfstate and should be protected, especially in collaborative environments.

6. How do you handle sensitive data in Terraform?

Answer:
Sensitive data in Terraform, like API keys or passwords, should not be hardcoded into your configuration files. Instead, you can use environment variables, the terraform.tfvars file (which should be excluded from version control), or tools like AWS Secrets Manager or Vault for secure storage and retrieval of secrets.

Example using an environment variable:

provider "aws" {
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
}

variable "aws_access_key" {
  type = string
  sensitive = true
}

7. What is the purpose of the terraform init command?

Answer:
The terraform init command initializes a working directory containing Terraform configuration files. It downloads the necessary provider plugins, sets up the backend (where the state is stored), and prepares the working environment. This command needs to be run at the beginning of a project or when adding new providers/modules.

8. Can you explain what terraform output does?

Answer:
terraform output is used to display the values of outputs that are defined in the Terraform configuration. Outputs allow you to extract and use values from the resources managed by Terraform after the infrastructure is provisioned.

Example:

output "instance_ip" {
  value = aws_instance.my_instance.public_ip
}

After applying the Terraform plan, you can retrieve the output using:

terraform output instance_ip

9. What is the purpose of the terraform destroy command?

Answer:
The terraform destroy command is used to tear down and remove all the infrastructure that was previously created by Terraform. It is helpful when you need to clean up your environment or avoid incurring unnecessary costs. It reads the current state file, and based on the configuration, deletes the resources.

10. What is a backend in Terraform, and how is it used?

Answer:
A backend in Terraform is responsible for storing the state of the infrastructure. It defines where and how Terraform's state file is stored. By default, Terraform stores state locally, but for collaborative work or more secure management, you can use remote backends such as AWS S3, Azure Blob Storage, or Terraform Cloud.

Example using AWS S3 as a backend:

terraform {
  backend "s3" {
    bucket = "my-tf-state"
    key    = "path/to/statefile"
    region = "us-east-1"
  }
}

These questions cover the fundamental concepts and commands in Terraform and will help you prepare for junior-level interviews.