20 Scenario-Based Terraform Interview Questions & Answers
When it comes to provisioning, managing, and altering infrastructure as code, HashiCorp’s Terraform is a highly sought-after tool among DevOps professionals. Consequently, being well-prepared for Terraform-based interviews is critical for aspiring DevOps professionals. To assist with your preparation, here are 20 scenario-based interview questions, along with their ideal responses.
1. Question: How can you handle state conflicts with Terraform?
Answer: Terraform’s state is a crucial component for tracking and managing resources. Conflicts usually occur when multiple team members concurrently attempt modifications. To manage such situations, Terraform offers “state locking” for backends that support it. State locking prevents others from acquiring the lock and potentially corrupting the state.
2. Question: How would you manage sensitive data with Terraform?
Answer: For managing sensitive data, Terraform has the concept of ‘variables’. These can be marked as sensitive, which stops the values from being displayed in the CLI output. We can also use Terraform’s data encryption features, or external vault services for storing secrets.
3. Question: Can you explain how you would handle lifecycle hooks in Terraform?
Answer: Lifecycle hooks in Terraform are controlled through the lifecycle
configuration block within a resource block. This can control actions such as preventing a resource from being destroyed (prevent_destroy
), and deciding when to create a new resource before destroying the old one (create_before_destroy
).
4. Question: Explain how you would import existing resources into Terraform?
Answer: Existing resources can be imported into Terraform using the terraform import
command followed by the resource type and ID. This command maps an existing resource to a Terraform resource in the configuration file.
5. Question: How would you ensure idempotency in Terraform?
Answer: Terraform naturally ensures idempotency. When a terraform apply
command is executed, it compares the desired state defined in the configuration files with the current state, and then it only modifies what’s necessary to reach the desired state.
6. Question: What would you do if a Terraform apply fails midway?
Answer: Terraform is designed to handle such situations. If a terraform apply
fails, you can simply run it again. Terraform will compare the desired and current state and then pick up where it left off.
7. Question: How would you manage multiple environment configurations (like staging, production) using Terraform?
Answer: You can manage different environments by separating them into different directories or workspaces, each with its own state file. This ensures the isolation between the environments.
8. Question: Can you explain how to create reusable components in Terraform?
Answer: Reusable components in Terraform can be created using Modules. A module is a container for multiple resources that are used together.
9. Question: What is Terraform’s way of handling infrastructure changes?
Answer: Terraform uses a declarative approach where the infrastructure needed is defined in a configuration file and Terraform takes care of how to achieve that. For changes, it compares the current infrastructure state with the declared state and makes necessary adjustments.
10. Question: How would you update a single module in Terraform?
Answer: You can use the command terraform get -update
to fetch and update modules.
11. Question: Explain how to use conditionals in Terraform?
Answer: Conditionals in Terraform can be used using the count
parameter, or the for_each
and if
expressions. They allow you to create or ignore resources based on certain conditions.
12. Question: What would you do if Terraform state file gets deleted?
Answer: You can use terraform import
to import the real infrastructure into the state file again, or restore from backup if available. This is one of the reasons why remote state files are recommended, which inherently provide versioning and backup.
13. Question: How would you share output values between different Terraform configurations?
Answer: You can use Terraform’s output values to extract information from a configuration and share it with another. You declare an output variable in one configuration and reference it in another using terraform_remote_state
data source.
14. Question: How would you test Terraform code?
Answer: Testing can be done using terraform plan
command, which shows what actions Terraform will take without actually performing them. Additionally, tools like Terratest provide a more comprehensive testing framework.
15. Question: How would you handle changing the provider in Terraform?
Answer: Providers in Terraform can be changed by modifying the provider block in the Terraform configuration files. Once changed, you can run terraform init
to initialize the new provider.
16. Question: Can you explain how you would use variables in Terraform?
Answer: Variables in Terraform are declared in the root module and can be defined directly in the configuration file, through command-line flags, from a file, or from environment variables.
17. Question: How would you define and manage dependencies in Terraform?
Answer: In Terraform, dependencies can be explicit (by using the depends_on
argument) or implicit (derived from the relationships of the resources). Terraform builds a dependency graph and ensures resources are created, updated, or destroyed in a proper sequence.
18. Question: How would you prevent resources from being accidentally destroyed in Terraform?
Answer: To prevent resources from accidental destruction, you can use the prevent_destroy
lifecycle argument. When this is set to true, Terraform will refuse to destroy the resource.
19. Question: How can you refactor a monolithic Terraform configuration into a modular one?
Answer: Start by identifying logical components and dependencies of your infrastructure. Each of these can be a separate module. Move the related resources into these module directories and replace them in the main configuration with module calls. Test each module independently to ensure they work as expected.
20. Question: How would you rollback a change made by Terraform?
Answer: Rollbacks aren’t inherently supported by Terraform as it’s designed to move forward to a known state. However, you can achieve a similar effect by using version control for your configuration files. You can revert to a previous commit and then run terraform apply
to set your infrastructure to that state.
Being well-versed in these scenarios and strategies will strengthen your understanding of Terraform and improve your chances of acing your DevOps interview. Happy learning!