ExamGecko
Search Search Login
Home Home / HashiCorp / Terraform Associate 003

HashiCorp Terraform Associate 003 Practice Test - Questions Answers, Page 19

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How is terraform import run?
If a module declares a variable with a default, that variable must also be defined within the module.
Which type of block fetches or computes information for use elsewhere in a Terraform configuration?
Which of the following is not a key principle of infrastructure as code?
Which backend does the Terraform CU use by default?
If a DevOps team adopts AWS CloudFormation as their standardized method for provisioning public cloud resoruces, which of the following scenarios poses a challenge for this team?
Terraform providers are part of the Terraform core binary.
A developer on your team is going lo leaf down an existing deployment managed by Terraform and deploy a new one. However, there is a server resource named aws instant.ubuntu[l] they would like to keep. What command should they use to tell Terraform to stop managing that specific resource?
You should run terraform fnt to rewrite all Terraform configurations within the current working directory to conform to Terraform-style conventions.
What is one disadvantage of using dynamic blocks in Terraform?

Question 181

Report
Export
Collapse

Which of these are features of HCP Terraform/Terraform Cloud? (Pick the 2 correct responses)

A.

Automatic backups of configuration and state.

A.

Automatic backups of configuration and state.

Answers
B.

Remote state storage.

B.

Remote state storage.

Answers
C.

Automated infrastructure deployment visualization.

C.

Automated infrastructure deployment visualization.

Answers
D.

A web-based user interface (UI).

D.

A web-based user interface (UI).

Answers
Suggested answer: B, D

Explanation:

Terraform Cloud provides features like remote state storage and a web-based user interface for managing your Terraform runs. While it offers robust infrastructure as code capabilities, automatic backups of configuration and state are not directly provided by Terraform Cloud; instead, the state is stored remotely and secured.

References:

Terraform Cloud Features

Question 182

Report
Export
Collapse

Which of these actions are forbidden when the Terraform state file is locked? (Pick the 3 correct responses)

A.

terraform apply

A.

terraform apply

Answers
B.

terraform state list

B.

terraform state list

Answers
C.

terraform destroy

C.

terraform destroy

Answers
D.

terraform fmt

D.

terraform fmt

Answers
Suggested answer: A, B, C

Explanation:

When the state file is locked, operations that modify or depend on the state (like terraform apply, terraform destroy, and terraform state list) are blocked. terraform fmt only formats the configuration files and does not interact with the state, so it is allowed.

References:

Terraform State Locking

Question 183

Report
Export
Collapse

Which of these statements about HCP Terraform/Terraform Cloud workspaces is false?

A.

They can securely store cloud credentials.

A.

They can securely store cloud credentials.

Answers
B.

They have role-based access controls.

B.

They have role-based access controls.

Answers
C.

Plans and applies can be triggered via version control system integrations.

C.

Plans and applies can be triggered via version control system integrations.

Answers
D.

You must use the CLI to switch between workspaces.

D.

You must use the CLI to switch between workspaces.

Answers
Suggested answer: D

Explanation:

In Terraform Cloud, you can switch between workspaces using both the web UI and CLI. The statement that you 'must use the CLI' is false. Workspaces can securely store cloud credentials, offer role-based access control, and integrate with VCS to trigger plan and apply operations.

References:

Terraform Cloud Workspaces

Question 184

Report
Export
Collapse

Which of these are benefits of using Sentinel with HCP Terraform/Terraform Cloud? (Pick the 3 correct responses)

A.

You can enforce a list of approved AWS AMIs.

A.

You can enforce a list of approved AWS AMIs.

Answers
B.

Sentinel Policies can be written in HashiCorp Configuration Language (HCL).

B.

Sentinel Policies can be written in HashiCorp Configuration Language (HCL).

Answers
C.

You can check out and check in cloud access keys.

C.

You can check out and check in cloud access keys.

Answers
D.

Policy-as-code can enforce security best practices.

D.

Policy-as-code can enforce security best practices.

Answers
Suggested answer: A, C, D

Explanation:

Sentinel is a policy-as-code framework that integrates with Terraform Cloud to enforce security, compliance, and governance rules. You can enforce rules such as approved AMIs and ensure security best practices. Policies are written in the Sentinel language, not HCL.

References:

Sentinel Policies

Question 185

Report
Export
Collapse

You used Terraform to create an ephemeral development environment in the cloud and are now ready to destroy all the infrastructure described by your Terraform configuration. To be safe, you would like to first see all the infrastructure that Terraform will delete.

Which command should you use to show all the resources that will be deleted? (Pick the 2 correct responses)

A.

Run terraform destroy. This will output all the resources that will be deleted before prompting for approval.

A.

Run terraform destroy. This will output all the resources that will be deleted before prompting for approval.

Answers
B.

Run terraform show -destroy.

B.

Run terraform show -destroy.

Answers
C.

Run terraform state rm *.

C.

Run terraform state rm *.

Answers
Suggested answer: A, B

Explanation:

Running terraform destroy will show all resources that will be deleted before prompting for approval. You can also run terraform plan -destroy to simulate the destruction without actually applying it, which is useful for reviewing the planned changes.

References:

Terraform Destroy

Question 186

Report
Export
Collapse

Terraform configuration can only call modules from the public registry.

A.

True

A.

True

Answers
B.

False

B.

False

Answers
Suggested answer: B

Explanation:

Terraform can call modules from various sources including the public Terraform Registry, private registries, local file paths, or version control systems like GitHub.

References:

Terraform Modules

Question 187

Report
Export
Collapse

You want to use API tokens and other secrets within your team's Terraform workspaces. Where does HashiCorp recommend you store these sensitive values? (Pick the 3 correct responses)

A.

In an HCP Terraform/Terraform Cloud variable, with the sensitive option checked.

A.

In an HCP Terraform/Terraform Cloud variable, with the sensitive option checked.

Answers
B.

In HashiCorp Vault.

B.

In HashiCorp Vault.

Answers
C.

In a terraform.tfvars file, securely managed and shared with your team.

C.

In a terraform.tfvars file, securely managed and shared with your team.

Answers
D.

In a terraform.tfvars file, checked into your version control system.

D.

In a terraform.tfvars file, checked into your version control system.

Answers
E.

In a plaintext document on a shared drive.

E.

In a plaintext document on a shared drive.

Answers
Suggested answer: A, B, C

Explanation:

Sensitive values such as API tokens should be stored in a secure way, either in Terraform Cloud variables marked as sensitive or in HashiCorp Vault. Storing secrets in version control systems or plaintext files is not recommended.

References:

Terraform Cloud Environment Variables

Question 188

Report
Export
Collapse

When do you need to explicitly execute Terraform in refresh-only mode?

A.

Before every terraform plan.

A.

Before every terraform plan.

Answers
B.

Before every terraform apply.

B.

Before every terraform apply.

Answers
C.

Before every terraform import.

C.

Before every terraform import.

Answers
D.

None of the above.

D.

None of the above.

Answers
Suggested answer: C

Explanation:

Purpose of Refresh-Only Mode: Running Terraform in refresh-only mode updates Terraform's state file with the current state of resources in your infrastructure without making changes to the resources themselves.

Context of Terraform Import: When using terraform import, you're adding existing resources to the state file, and running Terraform in refresh-only mode before this operation can ensure that any initial configuration syncs precisely with the actual state.

For more on refresh-only mode in relation to terraform import, refer to Terraform's import documentation.

Question 189

Report
Export
Collapse

In a HCP Terraform/Terraform Cloud workspace linked to a version control repository, speculative plan runs start automatically when you merge or commit changes to version control.

A.

True

A.

True

Answers
B.

False

B.

False

Answers
Suggested answer: A

Explanation:

Speculative Plans: Terraform Cloud's speculative plan feature runs automatically when changes are detected in a linked VCS repository, enabling users to review potential infrastructure changes without committing them.

Automatic Integration: This feature automates the planning process by triggering when changes are committed, aiding teams in previewing infrastructure changes seamlessly.

For further understanding, see the Terraform Cloud VCS Integration documentation.

Question 190

Report
Export
Collapse

Which command(s) adds existing resources in a public cloud into Terraform state?

A.

terraform init

A.

terraform init

Answers
B.

terraform plan

B.

terraform plan

Answers
C.

terraform refresh

C.

terraform refresh

Answers
D.

terraform import

D.

terraform import

Answers
E.

All of these

E.

All of these

Answers
Suggested answer: D

Explanation:

Importing Existing Resources: The terraform import command brings resources already deployed in a cloud environment into Terraform's state file, allowing Terraform to manage them.

Workflow Usage: Importing is vital when managing resources created outside of Terraform or those in place before Terraform adoption.

Refer to Terraform's import command documentation.

Total 195 questions
Go to page: of 20
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms