HashiCorp Terraform-Associate-003 HashiCorp Certified: Terraform Associate (003) Exam Practice Test

Answer : A, B, C

When the state file is locked, operations that modify or depend on the state (like terraform apply, terraform destroy, and terraform state list) are blocked. terraform fmt only formats the configuration files and does not interact with the state, so it is allowed.

References:

Terraform State Locking

Answer : B, D

Terraform Cloud provides features like remote state storage and a web-based user interface for managing your Terraform runs. While it offers robust infrastructure as code capabilities, automatic backups of configuration and state are not directly provided by Terraform Cloud; instead, the state is stored remotely and secured.

References:

Terraform Cloud Features

Answer : B

Terraform state files are not automatically encrypted by default. Sensitive values are stored in plaintext within the state file. However, you can protect the state file by using remote backends that support encryption, such as AWS S3 with server-side encryption enabled or Terraform Cloud, which offers encrypted state storage.

References:

Terraform State

Answer : B

The terraform plan command is used to create an execution plan. It allows you to see what actions Terraform will take to reach the desired state defined in your configuration files. It evaluates the current state and configuration, showing a detailed outline of the resources that will be created, updated, or destroyed. This is a critical step in the development process as it helps you verify that the changes you are about to apply will perform as expected, without actually modifying any state or infrastructure.

References:

Terraform documentation on terraform plan: Terraform Plan

Answer : B

You cannot access state stored with the local backend by using the terraform_remote_state data source. The terraform_remote_state data source is used to retrieve the root module output values from some other Terraform configuration using the latest state snapshot from the remote backend. It requires a backend that supports remote state storage, such as S3, Consul, AzureRM, or GCS. The local backend stores the state file locally on the filesystem, which terraform_remote_state cannot access.

References:

Terraform documentation on terraform_remote_state data source: Terraform Remote State Data Source

Example usage of remote state: Example Usage (remote Backend)

Answer : B

Not all standard backend types support state locking and remote operations like plan, apply, and destroy. For example, the local backend does not support remote operations and state locking. State locking is a feature that ensures that no two users can make changes to the state file at the same time, which is crucial for preventing race conditions. Remote operations allow running Terraform commands on a remote server, which is supported by some backends like remote or consul, but not all.

References:

Terraform documentation on backends: Terraform Backends

Detailed backend support: Terraform Backend Types

Answer : A

A Terraform output that sets the 'sensitive' argument to true will store that value in the state file. The purpose of setting sensitive = true is to prevent the value from being displayed in the CLI output during terraform plan and terraform apply, and to mask it in the Terraform UI. However, it does not affect the storage of the value in the state file. Sensitive outputs are still written to the state file to ensure that Terraform can manage resources correctly during subsequent operations.

References:

Terraform documentation on sensitive outputs: Terraform Output Values