Terraform Interview Questions and Answers (2023)

Sentinel is the policy enforcement language used by HashiCorp. Sentinel policies are validated when the Terraform plan is executed. Sentinel will detect incorrect settings before they reach production.

The usual way to represent "rolling back" in Terraform is to put your configuration in version control and commit before each change, and then you can use your version control system's features to revert to an older configuration if needed. Not all changes can be rolled back purely by reverting a VCS change though.

The Terraform cloud is a collaboration tool for teams using Terraform. It is a platform that can make teams use Terraform together, either on-demand or in response to various events.

Terraform apply command is used to create or introduce changes to real infrastructure. By default, apply scans the current working directory for the configuration and applies the changes appropriately.

Terraform keeps track of the resources it has created in a state file. This crucial file contains all of the information Terraform requires to change, update, and delete infrastructure.

A provider is a Terraform plugin that allows users to manage an external API. Provider plugins like the AWS provider or the cloud-init provider act as a translation layer that allows Terraform to communicate with many different cloud providers, databases, and services.

The terraform init command creates a working directory in which Terraform configuration files can be found.

Terraform Core oversees the reading and interpolation of resource plan executions, resource graphs, state management features and configuration files. Core is composed of compiled binaries written in the Go programming language.

main.tf contains the primary configuration for your module.

Without locking, if two team members are running Terraform at the same time, you may run into race conditions as multiple Terraform processes make concurrent updates to the state files, leading to conflicts, data loss, and state file corruption.

Yes, Terraform is usable for an on-prem infrastructure as it allows a lot of obtainable providers which we can choose according to the best usage by using an API.

Terraform is preferred for DevOps because it allows us to manage infrastructure as code. The infrastructure as code is the foundation for DevOps practices such as continuous integration, version control, continuous deployment, and code review.

• State file could contain sensitive data
• Inability to collaborate
• On a local machine, there is a chance of losing the state file.
• There is no centralised record keeping to track historical developments

Terraform helps you manage all of your infrastructure as code and construct it as and when needed.

Key features:

• Console that allows users to observe functions
• Ability to translate HCL code into JSON format
• A configuration language that supports interpolation
• A module count that keeps track of the number of modules applied to the infrastructure

Terraform Cloud allows you to create and confidentially share infrastructure modules within an organization using the private module registry. With Terraform Enterprise, the private module registry allows you to share modules within or across organizations.

The terraform version command shows the current Terraform version as well as any installed plugins

Sensitive Variable is Secure Place for API Credentials: Terraform Cloud can securely store and encrypt passwords. This encrypted storage can be used to store passwords, TLS certificates, SSH keys, and anything else that shouldn't be stored in plain text.

Yes, Terraform is cloud-agostic and allows a single configuration to manage multiple providers and handle cross-cloud dependencies. It is also used to simplify management and orchestration, facilitates operators to build large-scale multi-cloud infrastructures.